This question already has answers here:
Can I bind an array to an IN() condition in a PDO query?
(23 answers)
Closed 9 years ago.
I want to get all the list of registered players from an array
here is my function
function UpdateContact()
{
try {
$conn = $this->GetDBConnection();
$linkedInId = trim($_REQUEST['linkedInId']);
$statement = $conn->prepare('UPDATE users SET linkedInId = :linkedInId WHERE linkedInId = :linkedInId');
$statement->bindParam(':linkedInId', $linkedInId, PDO::PARAM_STR);
$statement->execute();
//$updatedTime = time() - 120;
$ids = implode(",",$_POST['ids']);
// $ids = (abc,def,geh,ijk,lac);
$statement = $conn->prepare('SELECT * FROM users WHERE linkedInId IN (:ids)');
$statement->execute($ids);
$conn = null;
if (!($row = $statement->fetchAll(PDO::FETCH_ASSOC)))
return false;
else
return $row;
} catch(PDOException $e) {
throw $e;
}
}
Just return false
Maybe because i am not able to bind the array with PDO Statement?
How can I fix this solution, i might want to add more binding parameters too later on, so i don't want to do execute($ids) either.
I have tried bindParam(':ids',$ids) too but of no avail
$items = array();
//$statement->bindParam(':updatedTime', $updatedTime, PDO::PARAM_STR);
foreach ($id as $ids)
{
$statement = $conn->prepare('SELECT * FROM users WHERE id = :id');
$statement->bindParam(':id', $id, PDO::PARAM_STR);
$statement->execute();
if(($row = $statement->fetch(PDO::FETCH_OBJ)))
$items[] = $id;
}
I think it would make more sense to parse the array/list and perform the select for each id in the array/list.
Pseudo code:
init resultArray;
For x in List
select * from database where ids =: x
if result
add result to resultArray
return resultArray
But that's just the basic way of doing it, I'm not sure if you can do it more advanced.
Related
I have an SQL table for a gallery, it has rows for id, userid, imagename.
I'm trying to write a function that calculates how many images a certain user has added, I'm new to PDO and SQL. This is what I have for my function;
// Photo Count
public function photoCount($id){
$this->db->query('SELECT * FROM gallery WHERE id = :id');
// Bind value
$this->db->bind(':id', $id);
$row = $this->db->single();
// Check row
$count = $this->db->rowCount();
return $count;
}
Do I need the line $row = $this->db->single(); or can I just return the rowCount at the moment all is being returned is 0's which is incorrect.
Any help appreciated.
Use SQL count function. If $this->db is a PDO object then...
public function photoCount($id){
$statement = $this->db->prepare('SELECT count(*) as c FROM gallery WHERE id = :id');
$statement->bindParam(":id", $id);
$statement->execute();
$result = $statement->fetch(PDO::FETCH_OBJ);
return $result->c;
}
This question already has answers here:
Can I parameterize the table name in a prepared statement? [duplicate]
(2 answers)
Closed 5 years ago.
I try to prepare statement to sql (mysqli) in php, but there is an error code as written above. This is the code I wrote:
if (!$this->isUserExist($username, $token)) {return false;}
$tables = array();
$tables[0] = "faculty";
$tables[1] = "department";
$tables[2] = "teacher";
$tables[3] = "announcement";
$ttable = $tables[$table];
var_dump($ttable); // faculty
var_dump($id); // 6
echo "DELETE FROM ".$ttable." WHERE ".$ttable.".id = ".$id.""; //returns DELETE FROM faculty WHERE faculty.id = 6
$stmt = $this->con->prepare("DELETE FROM ? WHERE ?.id = ?"); //Fatal error occurs here
$stmt->bind_param("sss",$ttable,$ttable,$id);
//$stmt->execute();
if ($stmt->num_rows> 0) {
return "true";
} else {
return "false";
}
However if i insert exact statement without any placeholders that is shown in echo my i get no errors, and MySQL database successfully deletes row.
$stmt = $this->con->prepare("DELETE FROM faculty WHERE faculty.id = 6"); //no errors occur, executing this statement does affect row in MySQL database
The system doesn't allow to 'prepare' table names, You should do it this way
$stmt = $this->con->prepare("DELETE FROM ".$ttable." WHERE ".$ttable.".id = ?"); //Fatal error occurs here
$stmt->bind_param("s",$id);
please read this http://us3.php.net/manual/en/book.pdo.php#69304
Table and Column names cannot be replaced by parameters in PDO.
Do something like this:
$query = "DELETE FROM ".$ttable." WHERE ".$ttable.".id = ?";
$stmt = $this->con->prepare($query);
$stmt->bind_param("s",$id);
This question already has answers here:
How to check if a row exist in the database using PDO?
(3 answers)
Closed 5 years ago.
I'm learning PHP PDO and I need some help with codes. I have 2 Questions today.
First Question:
How can I check if row exist in table with Network_Code and Niche, if there is column with same ID to proceed, but with same ID and Niche to die message.
$network_code = $_GET[ 'ID' ];
$Niche = $_GET[ 'Niche' ];
$sql = "INSERT INTO `affiliates` (ID, Niche, Language, lockerURL, Network_Code, Google_ID) VALUES (NULL, '$Niche', '$Language', '$domain', '$network_code ', '$Google_ID')";
$query = $pdo->prepare( $sql );
$query->execute();
Second Question:
Is there any other way that I can use: $system_default[ 0 ]->column because I think that is wrong way, so I need something like this: $system_default->column
class default_system {
function __construct( $pdo ) {
$this->pdo = $pdo;
}
function getData() {
$ID = $_GET[ 'id' ];
$Niche = "clash-clans";
$query = $this->pdo->prepare( "SELECT * FROM `affiliates` WHERE `Network_Code` = '$ID' AND `Niche` = '$Niche'" );
$query->execute();
return $query->fetchAll( PDO::FETCH_OBJ ); // Return an Array of objects
}
}
$db_system = new default_system( $pdo );
$system_default = $db_system->getData();
echo $system_default[ 0 ]->lockerURL;
Below example for First Question, you can try to solve your problem certain ways below is example of it. you can read more about pdo from here
$query=$dbh->prepare("SELECT secret FROM users WHERE username=:param");
$query->bindParam(':param', $param);
$query->execute();
$result = $query -> fetch();
print_r($result);
For second issue
echo $system_default['lockerURL'];
and remove echo $system_default[ 0 ]->lockerURL; line
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 6 years ago.
I've been stuck on this for about 3 days now and asked multiple people about this and no one seems to have an answer to me why this is not working. I cannot figure out why they aren't binding because the bindings work on the select statement but not the update. I know for a fact that $sessCheck['userid'] and $sessCheck['hwid'] are being set because I already printed them out to check if they were null or something.
The request inbound from slim
{"userid": "1000","hwid":"TESTING"}
The function
function updateHWID(){
$request = Slim::getInstance()->request();
//$bsreq = utf8_encode();
$sessCheck = json_decode($request->getBody(), true, 9 );
$db = getConnection();
$sql = "SELECT userid,hwID FROM accounts WHERE userid = :userid";
$stuff = $db->prepare($sql);
$stuff->bindParam("userid", $sessCheck['userid']);
$stuff->execute();
$db = null;
$rows = $stuff->fetch(PDO::FETCH_ASSOC);
if ($rows['hwID'] != $sessCheck['hwid']) {
$sql2 = "UPDATE accounts SET hwID=':hwid' WHERE userID = ':userid';";
try {
$db2 = getConnection();
$stmt = $db2->prepare($sql2);
//these two param's are not binding
$stmt->bindParam("userid", $sessCheck['userid']);
$stmt->bindParam("hwid", $sessCheck['hwid']);
$stmt->execute();
//$rt = $stmt->fetch(PDO::FETCH_ASSOC);
//$stmt->debugDumpParams();
} catch(PDOException $e) {
echo '{"error":{"text":'. $e->getMessage() .'}}';
}
}
}
This is the result incoming on the sql log
1372 Query UPDATE accounts SET hwID=':hwid' WHERE userID = ':userid'
I've also tried this as well as using the which also didn't work
$stmt->bindParam(":userid", $sessCheck['userid']);
$stmt->bindParam(":hwid", $sessCheck['hwid']);
Then I tried this too and it didn't work
$stmt = $db2->prepare("UPDATE accounts SET hwID='?' WHERE userID = '?';");
$stmt->bindParam(1, $sessCheck['hwid'], PDO::PARAM_STR);
$stmt->bindParam(2, $sessCheck['userid'], PDO::PARAM_INT);
Take the binded parameter names out of their single quotes.
so:
$sql2 = "UPDATE accounts SET hwID=:hwid WHERE userID = :userid;";
I am trying to find out which ids in an array are already registered or updated in the database. hOW can i customize my query to add array of ids $ids and make query to check for all the ids in the array if
1- They are Registered And their visibility is 1 and their update_time > :update_time
Here is the code
function GetOnlineContacts()
{
try {
$conn = $this->GetDBConnection();
$update_time = time() - 120;
$ids = array($_POST['ids']);
$statement = $conn->prepare('SELECT linkedInId FROM users WHERE update_time > :update_time AND visibility = 1');
$statement->bindParam(':update_time', $update_time, PDO::PARAM_STR);
$statement->execute();
$conn = null;
} catch(PDOException $e) {
throw $e;
}
}
Assuming your id field was named id, then try this
$ids = implode(",",$_POST['ids']);
$statement = $conn->prepare('SELECT linkedInId FROM users WHERE update_time > :update_time AND visibility = 1 AND id IN(:ids)');
$statement->bindParam(':update_time', $update_time, PDO::PARAM_STR);
$statement->bindParam(':ids', $ids, PDO::PARAM_STR);
Note, for this to work you will have to have those ids coming from your html form with name ids[]