I've two mysql tables, here is sql for them =>
I'm making dynamic menu with its sub menu . SO I've the situation that want to execute such a query
DELETE FROM artinfo WHERE descName=(SELECT for_sub_url FROM menu WHERE menu_id=" . $_POST['main_menu_titles'] . ")
where $_POST['main_menu_titles'] exists and is menu_id. I'm not writing php code too , because it works just fine and remarkable is that , this query executes when I am trying to execute it from mysql shell (of course using directly number of menu_id instead of $_POST['m_num'])
Any ideas whats going on, how to execute it from php script ? thanks :)
UPDATE
here is php script
if ($connection->query("DELETE FROM artinfo WHERE descName=(SELECT for_sub_url FROM menu WHERE menu_id=" . $_POST['main_menu_titles'] . ")") && $connection->query("DELETE FROM artinfo WHERE descName IS NULL AND cat_id=" . $_POST['main_menu_titles'] . "")){
$edit_res_fine = "DELETED";
}
If you say the query works just fine without $_POST, I would think the code in question is located in the form you submit to acquire $_POST['main_menu_titles']. To test the correct value is being sent, try echoing the value of $_POST['main_menu_titles'] right before the query.
Try this.
$query = "DELETE FROM artinfo WHERE descName = (SELECT for_sub_url FROM menu
WHERE menu_id = '" . $_POST['m_num'] . "')";
Related
I have a query which is not inserting if i use the where clause, without the where clause it inserts data. this is weird and I have never seen it happen before in WAMP
$key=substr(md5(rand(0, 1000000)), 0, 5);
$key1="INSERT INTO login(key_id) VALUES('$key')
WHERE (email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')"
if(mysql_query($key1))
{
$message = 'User Added!.';
echo "<SCRIPT>
alert('$message');
location='forgotpassword.php';
</SCRIPT>";
}
If I echo $_POST['email_id'] it does return valid result
INSERT and WHERE do not mix.
when INSERTing, you are creating a new record.
WHERE is used with SELECTing DELETEing or UPDATEing, when you have to specify a filter which rows you want to SELECT, DELETE or UPDATE.
if you want to INSERT a row, do not use WHERE.
if you want to change a row, use
$key1="UPDATE login SET key_id = '$key' WHERE
(email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')";
Insert is only used on creating new record and where clause is only used if want to set any condition it is used with like select,update,delete.
Try this it will help:-
$key1="update login set key_id ='$key' WHERE
(email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')";
I know #Franz-Gleichmann is already explained very well, whats wrong in your code.
You need to use UPDATE for updating data modified code:
$key1 = "UPDATE login SET key_id = '$key' WHERE
(email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')";
Now i am adding two more points:
Please use mysqli_* or PDO, because mysql_* is deprecated and not available in PHP 7.
You missed the termination semi colon on the same line, i hope this is typo error.
I've setup an EE template with PHP enabled and set the PHP Parsing Stage as Input. I would expect the following code to update the database correctly, but nothing happens:
<?php
$ids= "{last_segment}";
$userId = "{member_id}";
$sql = "UPDATE table SET column = '" . $ids . "' WHERE member_id = '" . $userId . "'";
$this->EE->db->query($sql);
?>
If I echo my query it looks correct, and in fact if I run it in PHPMyAdmin it works fine. Is there something I'm missing? Do I need to modify the PHP Parsing Stage?
Thanks in advance!
Looks like you may just need parentheses after "EE":
$this->ee()->db->query($sql);
Also, I'm not sure if you need $this...
http://ellislab.com/expressionengine/user-guide/development/usage/database.html
Hey I am currently trying to insert a global variable to a table. The other values I pass are variables too but they get sent correctly.
Here is my query. my error handling does not capture anything
$result = mysql_query("INSERT INTO IPmanagement (userId, NameUsed, EmailUsed, IPStatus, Ip) VALUES ('" .$masterUserId . "', '" . $Entry['LeadName'] . "', '" . $Entry['LeadEmail'] . "', '0', '" . $ip . "')") or die(ErrorException("Function 6", "Error when processing the current lead. your data is unaffected and if the proccess continues please contact an Admin.", mysql_error(),$_SERVER['REMOTE_ADDR'], CurrentPath(), $masterUserId));
my variable that is global defined before the function is
$masterUserId = "1";
I tried echoing the variable before it sends and it echos out correctly YET my table holds a value of 0.
here is a screenshot of how I have my table setup.
Click for Larger Image
Any idea what is going on. I am rather stumped and tried writing this same code different ways and it still gives me same issue. Also $masterUserId will always be an int value
Edit: also would like to mention the variable is different .php that contains the varaiable and database login information. It is being included at the top. (don't know if that is relevant)
Because you are not inserting IP STATUS.Which is not null
\
You should either set this to null or enter some value to it.
If you are using query in a function than use like this
function (){
//than define
$globat $masterUserId;
// use the global defination
// than use this variable with global value
}
Do not use mysql_*. Replace them with mysqli_* or PDO::.
Did you try to echo the mysql_query()? Do this. Replace mysql_query("..."); with die("..."); and put it in the phpMyAdmin and try executing.
And in your table, I see that IP Status is a NOT NULL. So that might throw an exception. Use a default value in the table.
And yeah, what do you get the result as in mysql_error()?
Why ''' or "' in query?
I have cleaned up query with PHP function sprintf and using NULL for EntryID(Autoincrement)
$query = sprintf("INSERT INTO IPmanagement (EntryID,userId, NameUsed, EmailUsed, IPStatus, Ip) VALUES (NULL,%s,%s,%s,'0',%s)",
$masterUserId , $Entry['LeadName'] , $Entry['LeadEmail'] , $ip ));
$result = mysql_query($query);
You should also use MySQLi or PDO
I have a self calling php form that is supposed to update the database, then display the changes. This is the general idea of what the code looks like:
IF($condition)
mysqli_multi_query($dbc,$multiple_update_query_str);
$result = mysqli_query($dbc,$select_query);
while($row = mysqli_fetch_array($result))
echo $row[0] . " " . $row[1] . " " . $row[2] . "<br>";
The first time, when the $condition is false, the select query works perfectly. Then when the $condition is true, the update occurs on the database, but the select query fails.
My first thought was that php server was getting ahead of the mySQL server, so I used sleep(5) before exiting the if statement, but the select still failed.
I even wrote a very basic php file that was almost exactly this code. It had the same problem. Is there something I am missing?
before you can use mysqli_query you must retrieve all the results of the multy_query to unlock the link connection
try:
if($condition){
mysqli_multi_query($dbc,$multiple_update_query_str);
while(mysqli_next_result($dbc)){;}
}
I am having trouble with an SQL query that I have inserted into a piece of PHP code to retrieve some data. The query itself works perfectly within SQL, but when I use it within my PHP script it says "Error in Query" then recites the entire SQL statement. If I copy and paste the SQL statement from the error message directly into MySQL it runs with no errors.
From my research I believe I am missing an apostrophe somewhere, so PHP may be confusing the clauses, but I am not experienced enough to know where to insert them.
The query is using a variable called $userid which is specified earlier in the PHP script.
$sql= <<<END
SELECT sum(final_price)
FROM (
SELECT Table_A.rated_user_id, Table_B.seller, Table_B.final_price
FROM Table_A
INNER JOIN Table_B ON Table_A.id=Table_B.id
) AS total_bought
WHERE seller != $userid
AND rated_user_id = $userid
UNION ALL
SELECT sum(final_price)
FROM (
SELECT Table_A.rated_user_id, Table_C.seller, Table_C.final_price
FROM Table_A
INNER JOIN Table_C ON Table_A.id=Table_C.id
) AS total_bought
WHERE seller != $userid
AND rated_user_id = $userid
END;
After this section the script then goes on to define the output and echo the necessary pieces as per usual. I'm happy with the last part of the code as it works elsewhere, but the problem I am having appears to be within the section above.
Can anyone spot the error?
Edited to add the following additional information:
All of the fields are numerical values, none are text. I have tried putting '$userid' but this only makes the error display the ' ' around this value within the error results. The issue remains the same. Adding parenthasis has also not helped. I had done a bit of trial and erorr before posting my question.
If it helps, the last part of the code bieng used is as follows:
$result = mysql_query($sql);
if (!$res) {
die('Error: ' . mysql_error() . ' in query ' . $sql);
}
$total_bought = 0;
while ($row = mysql_fetch_array($result)) {
$total_bought += $row[0];
}
$total_bought = number_format($total_bought, 0);
echo '<b>Your purchases: ' . $total_bought . '</b>';
echo "<b> gold</b>";
You're checking !$res, it should be !$result:
$result = mysql_query($sql);
if (!$result) {
die('Error: ' . mysql_error() . ' in query ' . $sql);
}
I suppose, you're echo()ing the query somewhere and copy-pasting it from the browser. Could it be that the $userid contains xml tags? They wouldn't be displayed in the browser, you would have to view the page source to spot them.
you should test with $userid quoted, and parentheses around the two statements.
I'm assuming that rated_user_id is a numeric field, but what type is seller? If it's a character field, then $userid would have to be quoted as streetpc suggests.
Another thing to check is that you have at least one space after the end of your lines for each line of the query. That has tripped me up before. Sometimes when going from your editor/IDE to the database tool those problems are silently taken care of.