Maybe ive been sat infront of the computer for too long but I cant seem to solve the following issue.
I am trying to select from a database based on a users id. I have hard coded it in and it works e.g.
$q = 'SELECT * FROM users WHERE id = 1 LIMIT 1';
but when I use $_GET['id'] i get an error
$q = 'SELECT * FROM users WHERE id = $_GET[id] LIMIT 1';
//mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given...
when I get this error the address bar shows
update.php?id=1
and when I simply echo $_GET['id'] that works. So why doesn't $_GET['id'] work in my query? Ive also tried setting it as a variable prior to inputting it straight into the query but that has also failed.
I would try $q = 'SELECT * FROM users WHERE id = '.$_GET[id].' LIMIT 1';
try
$q = 'SELECT * FROM users WHERE id = '.$_GET[id].' LIMIT 1';
Related
So I've been stuck on this for a while and I can't find anything on google for this specific thing.
I have this small snippet of code
$link = mysqli_connect("localhost", 'username','password',"database");
$sql = "SELECT * FROM `uploads` ORDER BY id DESC LIMIT 0, 1";
Which should select the latest table by order of id's right?
Well what I want to do is return this id. So if I have 5 items/rows I want to grab the latest (5 in this case) id of the table, and return it. With the eventual goal of using this returned id in javascript but that's a worry for later, right now I just want it in plaintext where the result should only be the id.
This is probably a duplicate question but I can't for the life of me find what I should google to get there
EDIT:
I guess I should clarify further. I know I'm able to do
$sql = "SELECT ID FROM `uploads` ORDER BY id DESC LIMIT 0, 1";
but whenever I try to actually retrieve it/print it its returned as a string instead of the ID.
EDIT 2: I, thanks to some comments, have managed to figure it out. Sorry for the badly worded everything, I'm new to this and as I said don't know how to word it.
SOLUTION:
After just throwing away the $sql thing I added:
$result = mysqli_query($link,"SELECT * FROM `uploads`");
Then I simply did
echo mysqli_num_rows($result);
To echo out the number of rows/what I called the "ID".
Sorry for all the confusion, thanks to those that tried to help. To the others there's no need to be rude.
If I understood your question correctly, you want to get the ID field only, so you have two options:
Option 1 (Recommended)
Given your code
$sql = "SELECT * FROM `uploads` ORDER BY id DESC LIMIT 0, 1";
Change it to:
$sql = "SELECT ID FROM `uploads` ORDER BY id DESC LIMIT 0, 1";
This way, your getting just that ID field you're after. Nothing else is returned from each row.
Option 2
Keep your sql query as it is, and get the ID field from each row in your results (it's an array, so you can retrieve only one field by using its index or name).
Of course, I assume there's an ID field in your table!
Just select the ID.
SELECT id
FROM uploads
ORDER BY id DESC
LIMIT 1;
Simply select what you want.
$sql = "SELECT id FROM `uploads` ORDER BY id DESC LIMIT 0, 1";
The * means you want to select every column there is. However, SQL gives you the possibility to select the specific columns you want. You could also do something like
$sql = "SELECT id, name, title, somethingelse FROM `uploads` ORDER BY id DESC LIMIT 0, 1";
and you'd receive these 4 fields as an array.
I modified the following query and am now getting this error.
Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result,
boolean given
I have read into what this error means and I know it is my query that is wrong. This worked perfectly before I changed the query. It was this before...
$query = mysqli_query($con, "SELECT * FROM users WHERE `group` = 3");
I changed it to...
$query = mysqli_query($con, "SELECT * FROM users WHERE `group` = 3, 4 ,5");
$array = array();
while ($row = mysqli_fetch_assoc($query)) {
What am I doing wrong in the new query?
your query has a mistake.
Try this:
$query = mysqli_query($con, "SELECT * FROM users WHERE `group` in (3, 4 ,5)");
The in serves the same function as an OR
Your query is indeed wrong, you cannot check a value like that.
If you want to check against multiple values, you can make use of the IN keyword.
"SELECT * FROM users WHERE `group` IN (3, 4 ,5)"
If you want to check of either one of the choice use IN instead:
$query = mysqli_query($con, "SELECT * FROM users WHERE `group` IN (3, 4 ,5)");
For comma separated value use IN
SELECT * FROM users WHERE `group` IN(3,4,5);
you may try this following also,may be you will get your result.
SELECT * FROM users WHERE group = 3 or group = 4 or group = 5;
Thanks.
I am having some difficulty running some SQL code.
What I am trying to do is, find a row that contains the correct username, and then get a value from that correct row.
This is my SQL in the php:
mysql_query("SELECT * FROM users WHERE joined='$username' GET name")
As you can see, it looks for a username in users and then once found, it must GET a value from the correct row.
How do I do that?
You need some additional PHP code (a call to mysql_fetch_array) to process the result resource returned by MySQL.
$result = mysql_query("SELECT name FROM users WHERE joined='$username'");
$row = mysql_fetch_array($result);
echo $row['name'];
mysql_query("SELECT `name` FROM users WHERE joined='$username' ")
Just select the right column in your 'select clause' like above.
Edit: If you are just starting out though, you might want to follow a tutorial like this one which should take you through a nice step by step (and more importantly up to date functions) that will get you started.
mysql_query("SELECT name FROM users WHERE joined='$username'")
$q = mysql_query("SELECT * FROM users WHERE joined='$username'");
$r = mysql_fetch_array($q);
$name = $r['user_name']; // replace user_name with the column name of your table
mysql_query("SELECT name FROM users WHERE joined='$username' ")
Read documentation : http://dev.mysql.com/doc/refman/5.0/en/select.html
Alright, so basically the most simple query ever... I've done this a million times...
SELECT *
FROM purchased_items
WHERE uid = '$uid'
if $uid == 123 It works fine and returns all data in rows where uid is 123
if $uid == 351565051447743 It returns empty...
I'm positive 351565051447743 is a possible uid in some rows, i literally copied and pasted it into the table.
$uid is a string, and is being passed as a string.
This is something i've done a million times, and i've never had this simple query not work.
Any ideas why this is not working?
You're probably getting an E{some_power} representation as a string from the double.
What I mean is
$query1 = "SELECT * FROM purchased_items WHERE uid = '$uid'";
Produces:
SELECT * FROM purchased_items WHERE uid = '3.5156505144774E+14'
One way to fix it is:
$query = sprintf("SELECT * FROM purchased_items WHERE uid = '%d'", $uid);
Not sure if sql supports E format so this may or may not be the issue.
http://viper-7.com/v6MhVe
dit: Quick workaround
$format = (is_numeric($uid)) ? '%d' : '%s';
$query2 = sprintf("SELECT * FROM purchased_items WHERE uid = '{$format}'", $uid);;
What is the datatype of uid on your table? How about casting uid to another datatype?
SELECT *
FROM purchased_items
WHERE CAST(uid AS VARCHAR(25)) = '$uid'
Alright, so if you use AMFPHP apparently when you use the browser for testing it doesn't matter if you 'cast' the value as a string in the query. You need to pass it with quotes in the string in the browser interface.
If you don't want to get a full summary of what I'm trying to do skip to (Problem starts here)
I'm setting up my new site and came across a problem.
What I'm basically trying to do is to assign ads to specific countries. So for example if your from the UK you would be shown ads that we have in our UK inventory.
So I gathered some data from Google on how to detect a user's country based on their IP.
I've made a function which does this perfectly.
$ip_address= $_SERVER['REMOTE_ADDR'];
function ip_location($ip){
$parts = explode('.', $ip);
$numeric_ip = $parts[3] + (256 * $parts[2]) + (256 * 256 * $parts[1]) + (256 * 256 * 256 * $parts[0]);
$sql = "SELECT country FROM iptocountry WHERE lower_bound <= $numeric_ip AND upper_bound >= $numeric_ip LIMIT 1";
$result = mysql_query($sql);
$country = mysql_result($result, 0);
return $country;
}
$country = ip_location($ip_address);
echo $country; // Always echos the correct country
(Problem Starts here)
So this function works fine. After making this function I created a MYSQL query which uses the data from that function to select an ad to show a user.
Here is where the problem starts.
When I type this query:
$sql = "SELECT * FROM `nuevo__htmlad` WHERE `country` = 'united kingdom' AND `active` = 1 ORDER BY RAND() LIMIT 1";
using country = 'united kingdom' it works fine but when I put country = '$country'
Nothing works it never displays an ad.
Can anyone help me understand why this query doesn't work when I place the PHP variable inside it. This actually is the first time something this simple has troubled me so much.
Any help would be appreciated.
I avoid this by using a PDO driver for working with databases. This allows me to use parameters and makes it easy to reuse sql statements. Check out this article for more information.
All of the code in the answers provided here contains SQL Injection vulnerabilities. You MUST escape the user input.
http://en.wikipedia.org/wiki/SQL_injection
After asking a few questions in the comments, it turned out that the $country variable contained and additional empty space.
OP fixed it using substr_replace ($country , '' , -1). I would personaly choose trim():
$sql = "SELECT * FROM `nuevo__htmlad` WHERE `country` = '".trim($country)."' AND `active` = 1 ORDER BY RAND() LIMIT 1";
$sql= "SELECT * FROM nuevo__htmlad WHERE country='$country' AND active=1 ORDER BY RAND() LIMIT 1";
or this try this one also
$sql= "SELECT * FROM nuevo__htmlad WHERE country='$country' AND active=1 LIMIT 1 ORDER BY RAND()";
try this one:
I always use this style since country is a string
$sql= "SELECT * FROM nuevo__htmlad WHERE country='".$country."' AND active=1 ORDER BY RAND() LIMIT 1";