Hey guys i want to use two arrays in on mysql UPDATE query. So here is what i have:
For example:
$ergebnis:
Array ( [0] => 100 [1] => 200 [2] => 15 )
$Index:
Array ( [0] => 3 [1] => 8 [2] => 11 )
And this is what i tried:
UPDATE `lm_Artikel`
SET Bestand='".$ergebnis."'
WHERE `Index` = '".$Index."'
This query seems not to work. I don't know why i enabled php error reporting and there are no errors and when i run the query it doesn't change anything in my database. Can anyone see what i did wrong?
You need to do it for each element of your arrays, hence, you can use the foreach() function:
foreach($ergebnis as $key => $value){
$sql = "UPDATE lm_Artikel SET Bestand='".$value."' WHERE `Index` = '".$Index[$key]."'";
mysqli_query($sql);
}
P.S. There could well be a pure-sql alternative but I'm not too SQL-hot, so I'll leave it to someone who has more expertise.
Also, please note that it may be easier for you to set the index as the array keys:
$ergebnis = Array(3=>100, 8=>200, 11=>15);
And then the foreach() would look a little better:
foreach($ergebnis as $key => $value){
$sql = "UPDATE lm_Artikel SET Bestand='".$value."' WHERE `Index` = '".$key."'";
mysqli_query($sql);
}
Fellow,
it looks like that your database field is an int value so you can try doing it value by value, like this:
foreach( $Index as $key => $i ) :
$query = "UPDATE lm_Artikel SET Bestand=".$ergebnis[$key]." WHERE Index = " . $i;
mysqli_query($query);
endforeach;
Try it.
You are susceptible to SQL injections
You cannot use arrays in queries. A query is a string, arrays are not.
You either need to use a loop or use a CASE statement:
UPDATE `lm_Artikel`
SET `Bestandteil` = CASE `Index`
WHEN <insert id> THEN <insert value>
WHEN <insert other id> THEN <insert other value>
<etc>
END
$data_db = array( '3' => 100,
'8' => 200,
'11' => 15);
foreach($data_db as $key=>$value) {
$q = 'UPDATE lm_Artikel SET Bestand=' . $value . ' WHERE `Index` = ' . $key;
mysqli_query($sql);
}
Assuming these are value pairs, i.e. $ergebnis[0] is for $Index[0] and so forth.
foreach ($ergebnis as $key => $value) {
$sql = 'UPDATE lm_Artikel SET Bestand=' . (int)$value . ' WHERE `Index` = ' . (int)$Index[$key];
// execute query...
}
A few notes:
You are open to SQL Injection. I used (int) as a quick patch.
I would encourage you to look into Prepared Statements.
You should avoid naming your columns SQL keywords, e.g. Index.
Related
I have a list of serialized data that I unserialize and store into an array.
$employee_data = unserialize($entry, '63');
Which results in an expected output:
Array ( [0] =>
Array ( [First] => Joe
[Last] => Test
[Birth Date] => 01/01/2011
)
[1] =>
Array ( [First] => Mike
[Last] => Miller
[Birth Date] => 01/01/1980
)
)
Ive been trying, unsuccessfully, to insert these records into a table in MySQL using foreach() or something like:
$employee_array = array();
$k = 1;
for($n=0; $n<count($employee_data); $n++ ){
$employee_array['employee_first_name'.$k] = $employee_data[$n]['First'];
$employee_array['employee_last_name'.$k] = $employee_data[$n]['Last'];
$employee_array['employee_birthdate'.$k] = $employee_data[$n]['Birth Date'];
$SQL = "INSERT INTO employee_test (
employee_first_name,
employee_last_name,
employee_birthdate
)
VALUES (
'$employee_first_name.$k',
'$employee_last_name.$k',
'$employee_birthdate.$k'
)"
$k++;
};
Each employee in the array needs to be entered into a new row in the table, however the number of employees will vary from 1 to 10+
We've tried
foreach($employee_array as $key => $value)
with the same results.
The actual results we're hoping for is the SQL Statement to be:
insert into employee_test(
employee_first_name,
employee_last_name,
employee_birthdate)
VALUES(
'Joe',
'Test',
'01/01/2011');
insert into employee_test(
employee_first_name,
employee_last_name,
employee_birthdate)
VALUES(
'Mike',
'Miller',
'01/01/1980');
Keep in mind that your sql statement is not escaped. For example, a name with an apostrophe like "0'neil" will break your sql. I would also familiarise yourself with php's foreach: https://www.php.net/manual/en/control-structures.foreach.php.
I'm not sure exactly what you're trying to accomplish by adding the index to the name and sql value, but I would do something like this:
foreach($employee_data as $key => $value){
// $employee_array is not necessary
$employee_array[$key]['employee_first_name'] = $value['First'];
$employee_array[$key]['employee_last_name'] = $value['Last'];
$employee_array[$key]['employee_birthdate'] = $value['Birth Date'];
// Needs escaping
$SQL = "INSERT INTO employee_test (
employee_first_name,
employee_last_name,
employee_birthdate
)
VALUES (
'{$value['First']}',
'{$value['Last']}',
'{$value['Birth Date']}'
)";
echo $SQL;
};
The first implementation wont work as your calling a variable rather than the key in your array.
'$employee_first_name.$k',
Should be
$employee_array['employee_first_name'.$k]
You are also creating the SQL statement every iteration of the for loop, so in this implementation only the last employee will save.
Also I don't see the reasoning in doing it that way anyway you may as well just use the employee_data array and the $k variable can also be made redundant.
$SQL = "";
for($n=0; $n<count($employee_data); $n++ ){
$SQL .= "INSERT INTO employee_test (
employee_first_name,
employee_last_name,
employee_birthdate
) VALUES (";
$SQL .= "'".$employee_data[$n]['First']."',";
$SQL .= "'".$employee_data[$n]['Last']."',";
$SQL .= "'".$employee_data[$n]['Birth Date']."'";
$SQL .= ");";
};
Ive not tested but it should give you an idea.
You will also have issues with the date formatted that way, Your database would likely require the date in yyyy/mm/dd format
Finally I would not recommend inserting values like this, look at the PDO library for placeholders.
I think I understand what you're trying to do here. You are using the = operator, effectively setting $SQL to a new value each time your loop iterates. If you adapt your code, you will be able to append to $SQL variable each time.
//I used this array for testing. Comment this out
$employee_data = array(
0 => array(
"first" => "test",
"last" => "tester",
"birth date" => "01/01/1970"
),
1 => array(
"first" => "bob",
"last" => "david",
"birth date" => "02/02/1972"
),
);
//Start SQL as a blank string
$SQL = "";
//Do your iteration
foreach( $employee_data as $key=>$value ){
$first = $value['first'];
$last = $value['last'];
$birthDate = $value['birth date'];
//append this query to the $SQL variable. Note I use `.=` instead of `=`
$SQL .= "INSERT INTO employee_test(
`employee_first_name`,
`employee_last_name`,
`employee_birthdate`)
VALUES(
'$first',
'$last',
'$birthDate'
);";
}
//output the query
echo $SQL;
There are much easier ways of doing this though. Look into prepared statements :)
I have a data array like:
$skill_set=$_POST['ckbox'];
When I print the skill set with print_r($skill_set); the results are:
Array ( [0] => core_UniversityEngScience [1] => core_CommercialPilot [2] => core_ATC [3] => core_5yrsExpinAerodromesOps [4] => core_5yrsExpinFltOps )
Now i want write a query like
Select * from tbl where core_UniversityEngScience='yes' AND core_CommercialPilot='yes' AND core_ATC='yes' AND core_5yrsExpinAerodromesOps='yes' AND core_5yrsExpinFltOps='no'
Hope you got my point what i want. Please help me.
Use the following kind of logic to capture the variables for your sql string:-
$core_UniversityEngScience = in_array("core_UniversityEngScience", $skill_set)?"yes":"no";
$xxx_checkbox = in_array("xxx_checkbox", $skill_set)?"yes":"no";
// similar way for other variables and then you can use them.
Follow the answer by nandal (which is a good "help" answer as a start) and set all the variables and the full query becomes:
$sql = "Select * from tbl where core_UniversityEngScience='$core_UniversityEngScience' AND core_CommercialPilot='$core_CommercialPilot' AND core_ATC='$core_ATC' AND core_5yrsExpinAerodromesOps='$core_5yrsExpinAerodromesOps' AND core_5yrsExpinFltOps='$core_5yrsExpinFltOps'";
<?php
//Just copy & paste below code & enjoyed
//suppose that your skill_test array is look like below
$skill_test = array (0 => 'core_UniversityEngScience', 1 => 'core_CommercialPilot' ,2 => 'core_ATC' ,3=> 'core_5yrsExpinAerodromesOps' , 4 => 'core_5yrsExpinFltOps' );
$var = 'yes';
$condtion = [];
foreach($skill_test as $row){
if($row == 'core_5yrsExpinFltOps'){
$var = 'no';
}
$condtion[]= " `$row` = '$var'";
}
if(!empty($condtion)){
$condtion = implode(' AND ', $condtion);
$sql = "Select * from tbl where $condtion";
die($sql);
}
?>
I'm trying to convert an array (key/value) to be an SQL statement.
I'm using MYSQLi like such:
if(!$result = $mysqli->query($sql)){throw new Exception("SQL Failed ".__file__." on line ".__line__.":\n".$sql);}
I have an array like such:
Array
(
[database] => Array
(
[cms_network] => Array
(
[network_id] => 61
[network_name] =>
[network_server_mac_address] => 00:1b:eb:21:38:f4
[network_description] => network
[network_thermostat_reporting_rate] => 5
[network_server_reporting_rate] => 5
[network_data_poll_rate] => 5
[network_created_by] => 38
[network_modified_by] => 1
[network_network_id] => 8012
[network_language] => en
[network_hotel_id] => 68
[network_channel] => 0
[network_deleted] => 0
[network_reported_network_id] => 8012
[network_rooms] => 4
)
)
)
How can I convert [cms_network] to look like this:
$sql = "UPDATE cms_network set network_id='61', network_name='',
network_server_mac_address = '00:1b:eb:21:38:f4', .... WHERE network_id='61'"
I'm more interested in knowing how to concatenate the key=>value pair of the array to be key='value' in my select statement.
Thanks for the help!
If you use the VALUES syntax, you could do it in one fell swoop.
mysql_query("
UPDATE MyTable
( . implode(',', array_keys($array['database']['cms_network'])) . ")
VALUES ('" . implode("','", $array['database']['cms_network']) . "')
");
This, of course, assumes that the data is already escaped.
EDIT: Tidier version that's easier to read and maintain:
$fields = implode(',', array_keys($array['database']['cms_network']));
$values = implode("','", $array['database']['cms_network']);
mysql_query("UPDATE MyTable ($fields) VALUES ('$values')");
I suggest you populate an array with formatted key/value pairs, then implode them at the end. This is an easy way to add the required , between each key/value:
$fields = array();
foreach($array['database']['cms_network'] as $key => $value) {
// add formatted key/value pair to fields array
// e.g. format: network_id = '26'
$fields[] = $key . " = '" . $value . "'";
}
$fields = implode(', ', $fields);
// build your query
$query = "UPDATE cms_network SET " . $fields . " WHERE network_id = " . $array['database']['cms_network']['network_id'] . " LIMIT 1";
// process it...
This will (SQL wise) be inserting every value as a string, which is obviously incorrect with integer columns etc. It should still work anyway, but if not you'll need to put in a conditional statement for whether to wrap the value in quotes or not, like this:
foreach(...) {
if(is_numeric($value))
$fields[] = $key . ' = ' . $value;
else
$fields[] = $key . " = '$value'";
}
Although this should probably relate to your database column type rather than the PHP variable type. Up to you, they should work fine with quotes around integers.
This should work.
$update_query = "UPDATE `cms_network` SET ";
$count = 0;
foreach($array['database']['cms_network'] as $key => $value) {
if ($count != 0) {
$update_query = $update_query.",".$key."=".$value;
} else {
$update_query = $update_query.$key."=".$value;
}
$count++;
}
$update_query = $update_query." WHERE ".cms_network."=".$array['database']['cms_network'];
mysql_query($update_query);
I made a post array when i print it,I am getting following output.
Array
(
[name] => gowtham
[content] => Nice Website
)
where Key of array is a column name in my database and value is value in database.
i want to update my database using these values,but these values in post array changes basing on html form.
i made a string using implode.
$query ="UPDATE ".$_SESSION['table']." SET ".implode(' = ',$array);
but my output is
UPDATE testimonials SET gowtham = Nice Website
i want output as
UPDATE testimonials SET name = gowtham , content = Nice Website
Please help me
This approach is very insecure. I would recommend using a db class that handles this stuff for you....I use the following : http://www.imavex.com/php-pdo-wrapper-class/
try this way
$cols=array_keys($yourarray);
$cols=array_values($yourarray);
$colnames = "`".implode("`, `", $cols)."`";
$colvals = "`".implode("', '", $vals)."`";
$query="update tablename set ($colnames) values ($colvals)";
Something like this
$update = '';
$i = 0;
foreach ( $_POST as $key => $value ) {
$update = $key . ' = "' . $value . '"' . ( $i == count( $_POST ) ? ', ' : '' );
$i++;
}
$query ='UPDATE ' . $_SESSION['table'] . ' SET ' . $update;
Worth noting you may need to unset the submit button before you run the loop and if you need to update by an id you need to skip that in the loop and for the where clause separately, in a if statement would probably be easiest.
Also worth mentioning your should try and use PDO's or mysqli because the mysql_* functions in PHP are depreciated as of version 5.5.
PS - I know I didnt sanitise any of the data but you should!
I have a array like this
$outputs:
269 => string ' SUN: 2.495' (length=13)
510 => string ' SUN: 1.416' (length=13)
Another Array like this
$filenames:
0 => string 'Hi35
' (length=5)
1 => string 'He_41
' (length=6)
And to update the respective values i tried writing a code like
foreach($outputs as $key => $value){
$sql = "UPDATE Store SET D='".$value."' WHERE `Index` = '".$filenames[$key]."'";
mysql_query($sql);
}
But then there is no $filenames[$key] value, because the key value for $outputs starts with 269. This is only one case, the key value could be anything.
I also tried the other way around. i.e.
I combined both the array first
$arr3 = array_combine($outputs, $filenames);
And then tried to Put the combined array in SQL query like
foreach($arr3 as $key => $value){
$sql = "UPDATE Store SET D='".$key."' WHERE `Index` = '".$value."'";
mysql_query($sql);
}
BUT this dint work.. A help from your side will really be appreciated...
You can do something like this
$outputs = array(
'269' => 'SUN: 2.495',
'510' => 'SUN: 1.416'
);
$filenames = array(
'0' => 'Hi35',
'1' => 'He_41'
);
$array_complete = array_combine($filenames, $outputs);
foreach($array_complete as $key => $val)
{
echo "UPDATE Store SET D='".$val."' WHERE `Index` = '".$key."'" . '<br>';
}
This will output
UPDATE Store SET D='SUN: 2.495' WHERE `Index` = 'Hi35'
UPDATE Store SET D='SUN: 1.416' WHERE `Index` = 'He_41'
Then I would like to remember you that mysql_ functions are deprecated so i would advise you to switch to mysqli or PDO
Your code doesn't look good at all mate, but here is a hack for that:
$num_outputs = count($outputs);
$index = 0;
foreach($outputs as $key => $value) {
$sql = "UPDATE Store SET D='".$value."' WHERE `Index` = '".$index."'";
mysqli_query($sql);
$index++;
}