How to check an array in a sql query? - php

So I need to check an array in my query:
$query = "SELECT * FROM post WHERE ".$select." LIKE '%".$search."%' AND ID NOT IN '" .$Lastvar."'";
$Lastvar is my array. I have no idea where to go from here and any help would be appreciated.
EDIT: Here's my full query:
$Lastvar = array();
mysql_select_db('submisions', $dbconn);
$query = "SELECT * FROM post WHERE ".$select." LIKE '%".$search."%' AND ID NOT IN (" . join(", ", $Lastvar) . ")";
$result = mysql_query($query);
$num_rows = mysql_num_rows($result);
if ($num_rows == 0) {
echo 'No results were found';
exit;
}

If the ID is of integer type:
$query = "SELECT * FROM post WHERE ".$select." LIKE '%".$search."%'
AND ID NOT IN (" . join(", ", $Lastvar) . ")";

Do it like this:
$query = "SELECT * FROM post WHERE ".$select." LIKE '%".$search."%' AND ID NOT IN ('" .join("', '", $Lastvar)."')";
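
An added example, not part of the original posts: the same search written with PDO prepared statements, with one ? placeholder per array element and no NOT IN clause at all when the array is empty (an empty $Lastvar would otherwise produce NOT IN (), which is a syntax error). The searchPosts function, the allowed column names, the in-memory SQLite database and its rows are assumptions made for the demonstration.

```php
<?php
// Added example; table layout, column allow-list and rows are constructed.
function searchPosts(PDO $db, string $select, string $search, array $excludeIds): array
{
    // Identifiers cannot be bound, so the column must come from a fixed list.
    if (!in_array($select, ['title', 'body'], true)) {
        throw new InvalidArgumentException('Unknown search column');
    }
    // Escape LIKE wildcards so % and _ typed by the user match literally.
    $term = '%' . strtr($search, ['!' => '!!', '%' => '!%', '_' => '!_']) . '%';
    $sql = "SELECT ID, title FROM post WHERE $select LIKE ? ESCAPE '!'";

    // "NOT IN ()" is a syntax error, so add the clause only for a non-empty array.
    $ids = array_map('intval', array_values($excludeIds));
    if ($ids !== []) {
        $sql .= ' AND ID NOT IN (' . implode(', ', array_fill(0, count($ids), '?')) . ')';
    }

    $stmt = $db->prepare($sql . ' ORDER BY ID');
    $stmt->bindValue(1, $term, PDO::PARAM_STR);
    foreach ($ids as $i => $id) {
        $stmt->bindValue($i + 2, $id, PDO::PARAM_INT);   // positions are 1-based
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE post (ID INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec("INSERT INTO post (title, body) VALUES
           ('php arrays', 'a'), ('php pdo', 'b'), ('sql joins', 'c')");

$Lastvar = [1];                                        // IDs already shown
print_r(searchPosts($db, 'title', 'php', $Lastvar));   // call with one excluded ID
print_r(searchPosts($db, 'title', 'php', []));         // call with an empty array
```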

Related

Search query array value binding not working

I'm working on a search query and I hit a little bump... So as you see in the code below, I'm adding values to an array to execute it later in the script, but it's not really working... So when I var_dumped all of this, it returned like it is supposed to, but the :q was not changed to the value which was entered in the link.
$query = "SELECT * FROM articles";
$columnsQuery = [];
$values = [];
if(isset($_GET['q']) && !empty($_GET['q']))
{
$columnsQuery[] = " WHERE MATCH (title) AGAINST (':q' IN NATURAL LANGUAGE MODE)";
$values[":q"] = $_GET['q'];
}
$fullQuery = $query . implode(" ", $columnsQuery)
. " ORDER BY id DESC"
. " LIMIT {$paginator->getLimitSQL()}";
$getArticles = $db->prepare($fullQuery)->execute($values);
$query = "SELECT * FROM articles";
$columnsQuery = [];
$values = [];
if(isset($_GET['q']) && !empty($_GET['q']))
{
$columnsQuery[] = " WHERE MATCH (title) AGAINST (':q' IN NATURAL LANGUAGE MODE)";
$values["q"] = $_GET['q']; // TRY WITHOUT COLON
}
$fullQuery = $query . implode(" ", $columnsQuery)
. " ORDER BY id DESC"
. " LIMIT {$paginator->getLimitSQL()}";
$getArticles = $db->prepare($fullQuery)->execute($values);
You should not use a colon in the place of $values["q"] = $_GET['q'];
$query = "SELECT * FROM articles";
$values = array();
if(!empty($_GET['q'])) {
$query .= " WHERE MATCH (title) AGAINST (q IN NATURAL LANGUAGE MODE)";
$db->bindParam(':q', $_GET['q']);
}
$fullQuery = $query . " ORDER BY id DESC" . " LIMIT {$paginator->getLimitSQL()}";
$getArticles = $db->prepare($fullQuery)->execute();
So after a while I figured it out. You're not supposed to use parameters while binding in the query, and like #Poiz pointed out, I shouldn't use colons in the array either.
Thx to everyone who tried helping :)
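
An added example, not from the thread: a working form of the optional search clause with PDO. The placeholder is written without quotes, and the statement handle returned by prepare() is kept so rows can be fetched. Assumptions: LIKE stands in for MySQL's MATCH ... AGAINST so the code runs on in-memory SQLite, and the findArticles function, the table rows and the request value are constructed.

```php
<?php
// Added example. LIKE replaces MySQL's full-text MATCH ... AGAINST so this runs
// on in-memory SQLite; the table rows and the $_GET value are constructed.
function findArticles(PDO $db, ?string $q, int $limit): array
{
    $sql = 'SELECT id, title FROM articles';
    $values = [];

    if ($q !== null && $q !== '') {
        // No quotes around :q. Written as ':q' it is the literal text ":q",
        // not a placeholder, and the bound value is never used.
        // MySQL full-text form: MATCH (title) AGAINST (:q IN NATURAL LANGUAGE MODE)
        $sql .= ' WHERE title LIKE :q';
        $values[':q'] = '%' . $q . '%';
    }
    $sql .= ' ORDER BY id DESC LIMIT :limit';

    // prepare() returns the statement; execute() returns only true or false,
    // so chaining prepare()->execute() discards the statement and its rows.
    $stmt = $db->prepare($sql);
    foreach ($values as $name => $value) {
        $stmt->bindValue($name, $value, PDO::PARAM_STR);
    }
    $stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO articles (title) VALUES
           ('PDO basics'), ('Binding values in PDO'), ('Full-text search')");

$_GET['q'] = 'PDO';                                   // constructed request value
print_r(findArticles($db, $_GET['q'] ?? null, 10));   // filtered search
print_r(findArticles($db, null, 2));                  // no search term, limit only
```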

Syntax combining partial query into one

I would like to create a new query based on another.
Example:
$query = "SELECT * FROM `table2` WHERE `field2` > 0 AND (`field3` LIKE '%".$keyword%."%' OR `field4` LIKE '%".$keyword."%' ** insert new parameters from another query here ** ) AND `field5` <= 0\"';
I tried the below and it didn't work. I wonder if I am getting it right.
$keyword = $_POST['keyword'];
$query = "SELECT * FROM `table1` WHERE `field` LIKE '%$keyword%'";
if ($result = $con->query($query)) {
$new_query = '\"SELECT * FROM `table2` WHERE `field2` > 0 AND (`field3` LIKE \'%\".$keyword%.\"%\' OR `field4` LIKE \'%\".$keyword.\"%\'';
while ($row = mysqli_fetch_assoc($result)) {
$keyword2 = $row['something'];
$new_query .= " OR `field2` LIKE '%" . $keyword2 . "%' OR `field4 LIKE '%" . $keyword2 . "%'";
}
$new_query .= ') AND `field5` <= 0\"';
}
if ($result = $con->query($new_query)){
.........etc
}
Appreciate if someone can help!!
Try this
$new_query = "SELECT * FROM table2 WHERE field2 > 0 AND (field3 LIKE '%$keyword%' OR field4 LIKE '%$keyword%' ";
...
$new_query .= " OR `field2` LIKE '%$keyword2%' OR `field4` LIKE '%$keyword2%'";
...
$new_query .= ') AND `field5` <= 0';
var_dump($new_query); // have a look at the query you have created

PHP query does not return result

This query is not returning any result as there seems to be an issue with the sql.
$sql = "select region_description from $DB_Table where region_id='".$region_id."' and region_status =(1)";
$res = mysql_query($sql,$con) or die(mysql_error());
$result = "( ";
$row = mysql_fetch_array($res);
$result .= "\"" . $row["region_description"] . "\"";
while($row = mysql_fetch_array($res))
{
echo "<br /> In!";
$result .= " , \"" . $row["region_description"] . "\"";
}
$result .= " )";
mysql_close($con);
if ($result)
{
return $result;
}
else
{
return 0;
}
region_id is passed as 1.
I do have a record in the DB that fits the query criteria but no rows are returned when executed. I believe the issue is in this part:
region_id='".$region_id."'
So on using the gettype function in my PHP, it turns out that the datatype of region_id is string, not int, and thus the failure of the query to function, as my datatype in my table is int. What would be the way to get the parameter passed to be considered as an int in PHP? URL below:
GetRegions.php?region_id=1
Thanks
Try it like this:
$sql = "SELECT region_description FROM $DB_Table WHERE region_id = $region_id AND region_status = 1";
The region_id column seems to be an integer type, don't compare it by using single quotes.
Try dropping the ; at the end of your query.
First of all - your code is very messy. You mix variables inside string with escaping string, integers should be passed without '. Try with:
$sql = 'SELECT region_description FROM ' . $DB_Table . ' WHERE region_id = ' . $region_id . ' AND region_status = 1';
Also ; should be removed.
try this
$sql = "select region_description from $DB_Table where region_id=$region_id AND region_status = 1";
When you are comparing the field of type integer, you should not use single quote
Good Luck
Update 1
Use this.. It will work
$sql = "select region_description from " .$DB_Table. " where region_id=" .$region_id. " AND region_status = 1";
You do not need the single quotes around the region id i.e.
$sql = "SELECT region_description FROM $DB_Table WHERE region_id = $region_id AND region_status = 1";
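
An added example, not from any of the answers above: since region_id arrives from the query string as a string, it can be validated as an integer and then bound as one, rather than placed into the SQL text. The regionDescriptions function, the table name regions (standing in for $DB_Table), the sample rows and the two input strings are assumptions for the demonstration.

```php
<?php
// Added example; table name, rows and the raw input values are constructed.
function regionDescriptions(PDO $db, $rawRegionId): array
{
    // Query-string values are always strings. FILTER_VALIDATE_INT returns a real
    // int for "1" and false for anything that is not a whole number.
    $regionId = filter_var($rawRegionId, FILTER_VALIDATE_INT,
                           ['options' => ['min_range' => 1]]);
    if ($regionId === false) {
        throw new InvalidArgumentException('region_id must be a positive integer');
    }

    $stmt = $db->prepare(
        'SELECT region_description FROM regions
         WHERE region_id = :id AND region_status = 1'
    );
    $stmt->bindValue(':id', $regionId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE regions
           (region_id INTEGER, region_description TEXT, region_status INTEGER)');
$db->exec("INSERT INTO regions VALUES
           (1, 'North', 1), (1, 'North-East', 1), (2, 'South', 1)");

// Values as they would arrive in GetRegions.php?region_id=...
foreach (['1', '1 OR 1=1'] as $raw) {
    try {
        print_r(regionDescriptions($db, $raw));
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```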

PHP/mySQL Like function does not work

I have a simple query in PHP but I can't get Like to work.
Here is the code:
$var = $_GET['q'];
$trimmed = trim($var);
$query = "SELECT * FROM vm_regiony WHERE nazev LIKE "%$trimmed%" order by id LIMIT 10";
$result = mysql_query($query);
if(mysql_num_rows($result)==0){
echo "nothing";
echo "<br />";
echo $trimmed;
}else{
while($rene=mysql_fetch_array($result)){
$jmeno = $rene['nazev'];
echo '<a id="hled" onclick="javascript:vybrat()">'.$jmeno.'</a>';
For one you need to use single quotes there
$query = "SELECT * FROM vm_regiony WHERE nazev LIKE '%$trimmed%' order by id LIMIT 10";
$query = "SELECT * FROM vm_regiony
WHERE nazev LIKE '%" . $trimmed . "%'
ORDER BY id LIMIT 10";

array_unique question

I have a search engine type website. It takes the users input, stores the query as $q, explodes the query and searches the database. It then displays the results with the name and web address of each result.
For example, if I searched for "computer programming"... Stack Overflow, stackoverflow.com would be my result. However, it displays twice (once for computer, and once for programming).
I tried to solve this with the array_unique function, and it does not work.
Any help would be appreciated.
// trim whitespace
$trimmed = trim($q);
// separate key-phrases
$trimmed_array = explode(" ", $trimmed);
// remove duplicates
$clean_array = array_unique($trimmed_array);
//query database
foreach ($clean_array as $trimm){
$query = mysql_query("SELECT * FROM forumlist WHERE `keys` LIKE '%" . mysql_real_escape_string($trimm) . "%' ORDER BY rating DESC, total_ratings DESC") or die(mysql_error());
Thank you!
//query database
$query = 'SELECT * FROM forumlist ';
$where = array();
foreach ($clean_array as $trimm){
$where[] = " `keys` LIKE '%" . mysql_real_escape_string($trimm) . "%' ";
}
if(!empty($where)){
$query .= " WHERE ". implode(' OR ', $where);
}
$query .= " ORDER BY rating DESC, total_ratings DESC";
$result = mysql_query($query) or die(mysql_error());
