Form inserting data duplicate times from all users - php

I can't figure out why, but whenever a user makes a post on the site I am working on, it will post to the database multiple times, 1 entry for each member on the site (currently 3).
Here is my code.
Add_topic.php
$category=$_POST['category'];
$sub_category=$_POST['sub_category'];
$topic_data=$_POST['topic_data'];
$posted=date("h:i:s d/m/Y"); //create date time
$sql = "INSERT INTO `topics`(category, sub_category, topic_data, posted_by, posted)VALUES('$category', '$sub_category', '$topic_data', '".$_SESSION['user_id']."', '$posted')";
$result=mysql_query($sql);
if($result){
header("Location: topics.php?category=$category&sub_category=$sub_category");
exit();
}
Topics.php
$sql = "SELECT users.user_id, users.username, users.profile, topics.topic_id, topics.category, topics.sub_category,
topics.topic_data, topics.posted_by, topics.posted, topics.view, topics.reply
FROM users, topics WHERE topics.category = '" . $_GET['category'] . "' AND topics.sub_category = '" . $_GET['sub_category'] . "' ORDER BY topics.posted DESC";
$result = mysql_query($sql);
while($rows = mysql_fetch_array($result)){

I don't think that add_topic.php is inserting multiple rows. You can verify this by looking directly at your table.
I believe your issue is your query in Topics.php.
$sql = "SELECT users.user_id, users.username, users.profile, topics.topic_id,
topics.category, topics.sub_category, topics.topic_data,
topics.posted_by, topics.posted, topics.view, topics.reply
FROM users, topics
WHERE topics.category = '" . $_GET['category'] . "'
AND topics.sub_category = '" . $_GET['sub_category'] . "'
ORDER BY topics.posted DESC";
You are doing a join on users and topics, but you are not defining what links them. So it is creating a row for each user to each topic post.
You can see it as the 1st example result set at this SQLFiddle - http://sqlfiddle.com/#!2/7dfc4/4
What you want to do is LEFT JOIN users to topics ON topics.posted_by = users.user_id.
That is the 2nd example result set at - http://sqlfiddle.com/#!2/7dfc4/4
So your query would now be (escaping your $_GET to prevent SQL Injection) -
$sql = "SELECT users.user_id, users.username, users.profile, topics.topic_id,
topics.category, topics.sub_category, topics.topic_data,
topics.posted_by, topics.posted, topics.view, topics.reply
FROM topics
LEFT JOIN users
ON topics.posted_by = users.user_id
WHERE topics.category = '" . mysql_real_escape_string($_GET['category']) . "'
AND topics.sub_category = '" . mysql_real_escape_string($_GET['sub_category']) . "'
ORDER BY topics.posted DESC";
note - you should not be using mysql_* functions in new code. It is deprecated as of PHP v5.5. You should update your code to mysqli_* or PDO. http://php.net/manual/en/mysqlinfo.api.choosing.php
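The two points of the answer above (an explicit join condition, and request values kept out of the SQL text) shown together with PDO prepared statements. This is an added example, not code from the original post: it assumes the pdo_sqlite extension, uses a constructed in-memory schema that mirrors the question's column names, and the function names addTopic and listTopics are hypothetical.

```php
<?php
// Added example: constructed schema and data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, username TEXT)');
$pdo->exec('CREATE TABLE topics (topic_id INTEGER PRIMARY KEY, category TEXT,
            sub_category TEXT, topic_data TEXT, posted_by INTEGER, posted TEXT)');
$pdo->exec("INSERT INTO users (username) VALUES ('alice'), ('bob'), ('carol')");

// add_topic.php equivalent (hypothetical helper): values are bound, never concatenated.
function addTopic(PDO $pdo, string $cat, string $sub, string $data, int $userId): void
{
    $stmt = $pdo->prepare(
        'INSERT INTO topics (category, sub_category, topic_data, posted_by, posted)
         VALUES (:cat, :sub, :data, :uid, :posted)'
    );
    // A sortable timestamp format keeps ORDER BY posted meaningful.
    $stmt->execute([':cat' => $cat, ':sub' => $sub, ':data' => $data,
                    ':uid' => $userId, ':posted' => date('Y-m-d H:i:s')]);
}

// topics.php equivalent (hypothetical helper); $join is one of two fixed
// strings chosen by the code, never taken from the request.
function listTopics(PDO $pdo, string $cat, string $sub, bool $explicitJoin): array
{
    $join = $explicitJoin
        ? 'FROM topics LEFT JOIN users ON topics.posted_by = users.user_id'
        : 'FROM users, topics'; // the question's form: no join condition
    $stmt = $pdo->prepare(
        "SELECT users.username, topics.topic_id, topics.topic_data $join
         WHERE topics.category = :cat AND topics.sub_category = :sub
         ORDER BY topics.posted DESC"
    );
    $stmt->execute([':cat' => $cat, ':sub' => $sub]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// A category containing a quote character is stored and matched as plain data.
addTopic($pdo, "dev's corner", 'php', 'First post', 2);

$cross  = listTopics($pdo, "dev's corner", 'php', false);
$joined = listTopics($pdo, "dev's corner", 'php', true);
printf("implicit cross join: %d rows\n", count($cross));
printf("LEFT JOIN ... ON:    %d rows (by %s)\n", count($joined), $joined[0]['username']);
```

The only interpolated fragment is the join clause, which the code selects from two constants; everything that originates from the request travels as a bound parameter.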

Related

Friendship system

I have two tables:
users:
user_id
user_name
...
friends:
user_id (user who sent friend request)
friend_id (user who received a friend request)
confirmed (1 = friends, 0 = friend request)
I want each user to be able to see their friends and friend requests. I have a problem with displaying friends' usernames. I made it work, but it's a poor solution and I want to solve this problem using only one query (if possible).
I tried:
$sql = "SELECT friends.friend_id, friends.user_id, users.user_name FROM friends
INNER JOIN users ON friends.user_id = users.user_id
WHERE friends.user_id = " . $_SESSION['user_id'] . " AND confirmed = 1
OR friends.friend_id = " . $_SESSION['user_id'] . " AND confirmed = 1;";
My problem is that it will show user_name of users that have user_id same as user_id in friends table. My query needs to check if user_id is the same as the $_SESSION['user_id'], and if it's the same then it must return user_name of the user that has the user_id the same as friend_id in friends table.
Formulate your SQL query in the following way,
$sql = "SELECT
" . $_SESSION['user_id'] . " as user_id,
IF(u2.user_id = " . $_SESSION['user_id'] . ", u1.user_id, f.friend_id) as friend_id,
IF(f.user_id = " . $_SESSION['user_id'] . ", u2.user_name, u1.user_name) as friend_username
FROM users as u1
INNER JOIN friends as f
ON u1.user_id = f.user_id
INNER JOIN users as u2
ON f.friend_id = u2.user_id
WHERE (f.user_id = " . $_SESSION['user_id'] . " OR f.friend_id = " . $_SESSION['user_id'] . ") AND f.confirmed = 1";
Here's the live demo: http://sqlfiddle.com/#!9/e10252/7
Sidenote: Learn about prepared statement because right now your query is susceptible to SQL injection attack. Also see how you can prevent SQL injection in PHP.

Selecting specific data using table joins

I am attempting to output a user's username from the users table by joining it to a questions table, the intention being that I can show which user posted this specific question.
users with id, username
discussion_q id, question_text, user_id
Here is where I am at:
$sql = "SELECT q.id AS questionId, q.question_text AS questionText, q.user_id AS questionUserId, q.published AS questionPub, users.id AS userId
FROM discussion_q
JOIN users
ON questionUserId = userId
WHERE project_id = '$projectId'
ORDER BY published";
I am getting 0 results returned back to me of course. I am sure I have over engineered this or missed something simple?
Here is my php to return the results:
$result = $conn->query($sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
echo '<div class="twelve columns">
<p>' . $row['question_text'] . '</p>
<p>' . $row['published'] . ' by ' . $row['username'] . '</p>
</div>';
}
} else {
echo "0 results";
}
So the end goal is to output the question_text with the username of the user who posted.
$sql = "SELECT q.id AS questionId, q.question_text AS questionText, q.user_id AS questionUserId, q.published AS questionPub, users.id AS userId
FROM discussion_q AS q
JOIN users
ON (q.user_id = users.id)
WHERE project_id = '$projectId'
ORDER BY published";

how to put multiple AND's with variables in a php/mysql query?

Tried lots of different things to make it work, couldn't find the answer on the internet if it's even possible to put 2 AND's with variables into 1 query. Hopefully someone can help me with this one.
I'm trying to make a rating system with 1-5 points. There is a rating row in the database and the value should be put in front of the
/5
First try:
$query2 = "SELECT rating, gebruikersnaam, Foto.fotoid FROM rating, Foto WHERE rating.fotoid = Foto.fotoid AND Foto.fotoid = '".$id."'" AND gebruikersnaam "'".$gebruikersnaam."'";
Edited version
"SELECT rating, gebruikersnaam, Foto.fotoid
FROM rating
INNER JOIN Foto ON rating.fotoid = Foto.fotoid
WHERE rating.fotoid = Foto.fotoid AND Foto.fotoid = '" . $id . "' AND gebruikersnaam '" . $gebruikersnaam . "'";
$result2 = mysqli_query($GLOBALS['conn'], $query2);
var_dump($result2);
echo $query2;
$row2 = mysqli_fetch_array($result2);
echo "<h2>".$row2['gebruikersnaam']."</h2>";
echo "<h2>".$row2['rating']."/5</h2>";
var_dump(result2); echoes:
bool(false)
query2 echoes:
SELECT rating, gebruikersnaam, Foto.fotoid FROM rating INNER JOIN Foto ON rating.fotoid = Foto.fotoid WHERE rating.fotoid = Foto.fotoid AND Foto.fotoid = '54' AND gebruikersnaam 'Kees'
echo "<h2>".$row2['rating']."/5</h2>";
The code doesn't seem to get the ['rating'] anymore?
This should work! You put too many "" in the string! Also do a JOIN to the second table.
$query2 = "SELECT rating, gebruikersnaam, Foto.fotoid
FROM rating
INNER JOIN Foto ON rating.fotoid = Foto.fotoid
WHERE rating.fotoid = Foto.fotoid AND Foto.fotoid = '" . $id . "' AND gebruikersnaam = '" . $gebruikersnaam . "'";

LEFT JOIN is not working for 2 tables

Basically I have 2 tables
Topics
Users
I am trying to use a left join so that I can link the "posted_by" in "topics" with "user_id" in "users", so that I can output both the users.username for display, as well as users.profile(avatar picture).
Here is my current code, which is giving me boolean errors.
<?php
include 'core/init.php';
include 'includes/overall/header.php';
$sql = " SELECT *, users.id, users.username, users.profile
FROM `topics`
LEFT JOIN
users ON topics.posted_by = " . mysql_real_escape_string($_GET['topic_id']) . " users.user_id ORDER BY `posted` DESC";
$result = mysql_query($sql);
// Start looping table row
while($rows = mysql_fetch_array($result)){
?>
<table>
<tr>
<td rowspan="4"> Avatar code to go here<br>
<? echo $rows['username']; ?></td>
<td><? echo $rows['category']; ?> > <? echo $rows['sub_category']; ?> </td>
</tr>
<tr>
<td><? echo $rows['posted']; ?></td>
</tr>
<tr>
<td><? echo $rows['topic_data']; ?></td>
</tr>
<tr>
<td>Reply (<? echo $rows['reply']; ?>) Replies</td>
</tr>
</table>
<?php
// Exit looping and close connection
}
mysql_close();
?>
I believe you are using something like
$sql = "SELECT users.user_id, users.username, users.profile, topics.topic_id, topics.category, topics.sub_category,
topics.topic_data, topics.posted_by, topics.posted, topics.view, topics.reply
FROM users WHERE topics.posted_by = users.user_id ORDER BY topics.posted DESC";
Try adding
$sql = "SELECT users.user_id, users.username, users.profile, topics.topic_id, topics.category, topics.sub_category,
topics.topic_data, topics.posted_by, topics.posted, topics.view, topics.reply
FROM users, topics WHERE topics.posted_by = users.user_id ORDER BY topics.posted DESC";
ON topics.posted_by = " . mysql_real_escape_string($_GET['topic_id']) . " users.user_id you know this will produce ON topics.posted_by = 1 users.user_id for example which is invalid SQL syntax. Use WHERE instead
ON topics.posted_by = users.user_id WHERE topics.id = (topic_id_variable)
P.S.: Using mysql_ is highly not recommended. You should change the API.
You need to provide how users relates to topics in your join clause. You have provided a outside variable to your join clause. This doesn't allow the database engine to establish a relationship on how the two tables should be joined.
I believe the query you are expecting should be something like this
$sql = " SELECT *, users.id, users.username, users.profile
FROM `topics`
LEFT JOIN
users ON topics.posted_by = users.user_id
WHERE topics.id = '" . mysql_real_escape_string($_GET['topic_id']) . "'
ORDER BY `posted` DESC";

how can I build this update query

I have two values from the URL. These are:
$_GET['a'] // this variable has a email address
$_GET['b'] // this variable has a code to activate my account.
I am trying to create an UPDATE query using these two values, but the problem is that these two values belong to two different tables. The email is in the contact table and the active column is in the user table.
This is my code so far:
$q = "UPDATE tutors SET active = NULL
WHERE (active='" . mysqli_real_escape_string($dbc, $_GET['z']) . "')
LIMIT 1";
This code is working for me, but I need to check both values in the WHERE clause. Can anybody help me to build this query?
UPDATE :
$q = "UPDATE tutors t, contact c SET t.active = NULL
WHERE t.active = '" . mysqli_real_escape_string($dbc, $_GET['z']) . "'
AND c.email = '" . mysqli_real_escape_string($dbc, $_GET['y']) . "'
AND t.contact_id = c.contact_id
LIMIT 1";
Thank you.
At a guess: something like this would work if your tutors and contacts are linked via a contact_id in the tutors table.
<?php
$q = "UPDATE tutors T, contacts C SET T.active = NULL
WHERE T.active = '" . mysqli_real_escape_string($dbc, $_GET['z']) . "'
AND C.email = '" . mysqli_real_escape_string($dbc, $_GET['a']) . "'
AND T.contact_id = C.contact_id";
but... I would need more information about your database schema to make this a more precise answer.
