Getting record for first row, but want to get all record(s) available in table for a Particular MemberID
order_fetch.php
<?php
$objConnect = mysql_connect("localhost","root","");
$objDB = mysql_select_db("android");
$strMemberID = $_POST["sMemberID"];
$strSQL = "SELECT * FROM order_details WHERE MemberID = '".$strMemberID."' ";
$objQuery = mysql_query($strSQL);
$obResult = mysql_fetch_array($objQuery);
if($obResult)
{
$arr["OrderID"] = $obResult["OrderID"];
$arr["MemberID"] = $obResult["MemberID"];
$arr["TotalAmount"] = $obResult["TotalAmount"];
$arr["ItemDetails"] = $obResult["ItemDetails"];
}
mysql_close($objConnect);
echo json_encode($arr);
?>
This does not look like a great example of a question that will help the community here. Looks to me you'll have to debug your code to see what's going on.
Do so and while at it give us the content (and type) of the resultServer object and the Data object. Is that Data object even holding a collection?
You can't expect us to implement this or fix this without at least knowing the implementation of these objects? Not to mention the actual json you get from your server implementation.
Related
I am helping in some PHP design for a friends text game and have come to a stump.
I have scheduled a cron job to call the following page / following code, which is working correctly
<?php require("connect.php"); ?>
<?php
$sql = "SELECT id, name, health FROM users";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
while($row = mysql_fetch_object($query)) {
$id = htmlspecialchars($row->id);
$name = htmlspecialchars($row->name);
$health = htmlspecialchars($row->health);
$sql = "SELECT * FROM property WHERE living='1' AND ownerid='$id'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
while($row = mysql_fetch_object($query)) {
$OwnerName = htmlspecialchars($row->ownername);
$OwnerID = htmlspecialchars($row->ownerid);
$RaidPropBonus = htmlspecialchars($row->raidperc);
$RaidPropMoney = htmlspecialchars($row->raidcash);
$PropertyLvl = htmlspecialchars($row->proplvl);
$Living = htmlspecialchars($row->living);
if($PropertyLvl == '5' && $Living == '1'){
if($health < '100'){
$result = mysql_query("UPDATE users SET health=$health + '1' WHERE id='$id'")
or die(mysql_error());
} else { }
} else { }
}
}
?>
Although this only works for ONE user only. I cannot understand why this is. Any other logged in / out accounts that have met the criteria have been ignored. I can maybe only think I am missing a loop? As the ID that is being met first is number 1 and it has stopped there?
Anybody advice at all maybe?
UPDATE - It seems correct I need to get a loop in there, but am so far failing to get this loop working correct. No matter where I seem to amend / add a loop it does not help. Please may somebody suggest anything?
UPDATE2 - As requested, updated with the new version of loop
For what I've understood, the loops should be made on the mysql_fetch_object that will get the each row from the query.
Take a look at the snippet
<?php
require("connect.php");
// here prepare the $userQuery (the one that fetches all users)
// then the first loop that will read each usew row
// AFAICT this should afect all script
while($userRow = mysql_fetch_object($userQuery))
{
// prepare data fetched from the $userQuery
// prepare the $propertyQuery (the one that fetches all properties of the user)
// then the second loop to read all user property rows
// and this will afect the updates
while($propertyRow = mysql_fetch_object($propertyQuery))
{
// prepare data fetched from $propertyQuery
// add logic here
}
}
?>
Also #Matthew Carpenter had a valid point, that mysql_* is deprecated, you should consider in using mysqli_*, or in my opinion take a look at PDO
I am new to PHP. I wanted to create a new record in another table but just one new variable gets returned. I've tried following:
$user_id = mysql_real_escape_string($_POST['user_id']);
$user_name = mysql_query("SELECT user_name FROM accept WHERE user_id=".$user_id." ");
$row1 = mysql_fetch_array($user_name);
$server = mysql_query("SELECT server FROM accept WHERE user_id=".$user_id." ");
$row2 = mysql_fetch_array($server);
$url = mysql_query("SELECT link FROM accept WHERE user_id=".$user_id."");
$row3 = mysql_fetch_array($url);
$lpoints = mysql_real_escape_string($_POST['lpoints']);
And my result is this.
First of all, combine your queries into one:
$user_id = mysql_real_escape_string($_POST['user_id']);
$user_info = mysql_query("SELECT user_name, server, link FROM accept WHERE user_id=".$user_id." ");
$row = mysql_fetch_array($user_info);
$lpoints = mysql_real_escape_string($_POST['lpoints']);
In order to create a new record, you will need INSERT INTO, to change existing records use UPDATE.
When you're fetching info from the database, it will be an array so you will need to use it accordingly. So essentially, to use the variables it will be like this:
$row['user_name'] or $row['server'] etc..
Also, look into using mysqli instead. You will need to change your connection script and some other syntax but it needs to be done. mysql is deprecated, insecure, and future support is not there so you will need to change it later anyway.
You should use pdo or mysqli and here is your code;
$user_id = &$_POST["user_id"];
if($user_id){
$result = mysql_query("select user_name,server,link,lpoints from accept where user_id='".mysql_real_escape_string($user_id)."'");
/*You should use single quotes for escaping sql injection*/
if($result){
$vars = mysql_fetch_array($result);
if($vars){
list($username,$server,$link,$lpoints) = $vars;
}
else{
//do something with errors
}
mysql_free_result($result);
}
else{
//do something with errors
}
}
else{
//do something with errors
}
Try This-
$user_id = mysql_real_escape_string($_POST['user_id']);
$result = mysql_query("SELECT user_name, server, link FROM accept WHERE user_id=".$user_id." ");
$row=mysql_fetch_array($result)
$row1=$row['user_name'];
$row2=$row['server'];
$row3=$row['link'];
$lpoints = mysql_real_escape_string($_POST['lpoints']);
Now you got what you wanted based on your requirement use the data to insert or update.
To get an array like this array("123","456","789"); I use the code:
$Regids = mysql_query("SELECT regid FROM $tabel WHERE active = '1'");
while($row = mysql_fetch_array($Regids))
{
$result_array[] = "\"".$row['regid']."\"";
}
$regIDs = implode(',', $result_array);
$registrationIDs = array($regIDs); // array("123","456","789");
but I would expect PHP/mySQL has a simpler/faster solution for this?
I doubt that your code produces the result you want.
// assuming the this query produces 123,456,789
$Regids = mysql_query("SELECT regid FROM $tabel WHERE active = '1'");
// $row contains: array("123")
while($row = mysql_fetch_array($Regids))
{
$result_array[] = "\"".$row['regid']."\"";
}
// $result_array now contains: array("\"123\"", "\"456\"", "\"798\"");
$regIDs = implode(',', $result_array);
// $regIDS now contains a single string: "\"123\",\"456\",\"798\"";
$registrationIDs = array($regIDs);
// registrationIDs now is an array containing a single string: array("\"123\",\"456\",\"798\"");
If you really need an array that looks like this: array("123","456","789"); it is much simpler.
$Regids = mysql_query("SELECT regid FROM $tabel WHERE active = '1'");
while($row = mysql_fetch_array($Regids))
$registrationIDs[] = $row['regid'];
and that's all.
If your mysql result contains the number as an integer instead of an string you can convert it like this:
$Regids = mysql_query("SELECT regid FROM $tabel WHERE active = '1'");
while($row = mysql_fetch_array($Regids))
$registrationIDs[] = strval($row['regid']);
Also, keep in mind that the mysql_* functions are becoming deprecated. Don't start new code with it and make plans to port your existing code to mysqli_* or PDO.
You can use PDO implementation. At first sight, it may be more difficult to understand, but once you get used to it, it reveals to be really powerful and handy (IMHO! One year ago i switched to it and i love it)!
For your example, the PDO implementation would be like this:
/*CONNECT TO DB, FIRST. $dbh contains a handler to the current DB connection*/
$stmt = $dbh->prepare("SELECT regid FROM table WHERE active = '1'");
$stmt->execute();
$Regids = $stmt->fetchAll(PDO::FETCH_COLUMN,0);
There are many formatting options you can specify, like
PDO::FETCH_COLUMN
PDO::FETCH_ASSOC
and more...These options will allow you to get the array formatted as you prefer. As you can see i got the result in just 3 simple rows.
EDIT
Note: you are not escaping PHP variables before inserting them in your Query, and your code may suffer SQL INJECTION. Be careful!! Here is a simple guide to prevent it.
(In my code, just to be clear, i avoided the problem by just putting the table name instead of $table, just to show simply how to get the result you wanted.)
try this .. use Group concat in query ...
$Regids = mysql_fetch_array(mysql_query("SELECT GROUP_CONCAT(regid) as regids FROM $tabel WHERE active = '1'"));
echo $Regids[0]['regids']; // 123,456,789
for getting result "123","456","789" try this
$Regids = mysql_fetch_array(mysql_query("SELECT GROUP_CONCAT('\"',CONCAT(regid),'\"') as regids FROM $tabel WHERE active = '1'"));
echo $Regids[0]['regids']; // "123","456","789"
I have been learning PHP/MySQL for some time, have not learned that much, as I am focusing on iPhone Development as well as tackling my full time job as well.
I am building a mesaging client, using JSON to pull new messages and a chat windows.... The part I am having ap roblem with is getting information from my database. I am loking in this request to get all messages betwen to people (IE: FromUser and ToUser) and then display them in JSON, however I cannot display it in JSON properly for some reason.
Here is my example
<?php
$enduser = $_GET['usernameto'];
$enduser1 = $_GET['usernamefrom'];
$db = mydatabase;
$con = mysql_connect("localhost","admin","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($db, $con);
$arr = array();
//Execute the query
$rs = mysql_query("SELECT * FROM messages WHERE touser = '$enduser' AND fromuser = '$enduser1'");
$rs1 = mysql_query("SELECT * FROM messages WHERE touser = '$enduser1' AND fromuser = '$enduser'");
// Add the rows to the array
while($obj = mysql_fetch_object($rs)) {
$arr = $obj;
}
// Add the rows to the array
while($obj1 = mysql_fetch_object($rs1)) {
$arr1 = $obj1;
}
echo '{"users":'.json_encode($arr).' '.json_encode($arr1).'}';
// echo ''.json_encode($arr).'';
mysql_close($con);
?>
Now this does show all messages for example FromUser= user1 ToUser= user2 and shows also Fromuser= user2 and toUser = User1. in two seperate JSON lists, but I would like for them to be pulled on one simple JSON list, if that can be done, that would be amazing, I know it must lay in my query section...
I also know their is tons of vulnerabilities and issues with my code that are not "clean" however for the time been this doesn't need to follow those methods, until I go and learn how to follow SQLi and Real Escape strings/injections....
Thanks :-)
The comment about learning about SQL Injection is correct but you would be able to get the messages in one query:
SELECT * FROM messages WHERE (touser = '$enduser' AND fromuser = '$enduser1') OR (touser = '$enduser1' AND fromuser = '$enduser')
This should select what you are looking for.
Your question is very unfocussed, but I think you just need to either concatenate the two result arrays with
$combined = array_merge($arr, $arr1);
Or change your query so it pulls both sets of data at once. But as Marc B say, you really need to get into the habit of avoid SQL injection, it's easy.
I have been trying to rack my brains on this one for a while and the documentation on both MySQL and MySQLi is confusing me. Would it be possible to get any help?
I have a table called track_table and it contains two rows hash and track
hash | track
sdfsdfsdfsdfsdfsd | Azelia Banks - 1991
I want to display the track name but I don't know how to. I have tried 'mysqli_fetch_assoc' and various other functions but nothing. Here is the query I have so far.
$hash = $_GET['sub'];
$check_track = "SELECT track FROM track_table WHERE hash = '.$hash.' ";
$track_res = mysqli_query($mysqli, $check_track) or die (mysqli_error($mysqli));
$result = mysqli_fetch_assoc($track_res);
echo $result['track'];
I just want to be able to display the track name on a webpage.
I know I haven't implemented any security features and I'm taking data straight from the user, I shall do this later, once I have fixed this problem.
There's a problem with the string-literal . variable . string-literal part of your script.
if ( !isset($_GET['sub']) ) {
die('missing paraemter sub');
}
$check_track = "
SELECT
track
FROM
track_table
WHERE
hash = '".mysqli_real_escape_string($mysqli, $_GET['sub'])."'
";
$track_res = mysqli_query($mysqli, $check_track) or die (mysqli_error($mysqli));
$result = mysqli_fetch_assoc($track_res);
if ( !$result ) {
echo 'no such record';
}
else {
echo $result['track'];
}
try this one
$hash = mysql_real_escape_string($_GET['sub']);
$check_track = "SELECT track FROM track_table WHERE hash = '.$hash.' ";
$track_res = mysql_query($check_track) or die (mysql_error());
$result = mysql_fetch_assoc($track_res);
print_r($result);
be sure about the names of table, column or input type.
i hope it will help you.