When I pull each leadstatus individually (?leadstatus=New, ?leadstatus=Hot, etc.) they work, but when trying to get All, I can't seem to get it to work. The default on the page is New leads as you can see.
`$query = "SELECT * FROM contacts WHERE contacttype IN ('New','Buyer','Seller','Buyer / Seller','Investor') AND leadstatus = 'New' ORDER BY date DESC";
if(isset($_GET['leadstatus']) && in_array($_GET['leadstatus'], array('New', 'Hot', 'Warm', 'Cold', 'Rejected', 'Closed')))
{
$status = $_GET['leadstatus'];
$query = "SELECT * FROM contacts WHERE leadstatus = '".$status."' ORDER BY contacts.date DESC";
}`
Here are some of the strings I've tried with no luck:
?leadstatus=New&leadstatus=Hot&leadstatus=Warm&leadstatus=Rejected&leadstatus=Cold - Only pulls last listed, which is Cold
?leadstatus[]=New&leadstatus=[]Hot&leadstatus[]=Warm&leadstatus[]=Rejected&leadstatus[]=Cold - Returns default, which is New
?leadstatus=New&Hot&Warm&Rejected&Cold
Returns default, which is New
if(isset($_GET['leadstatus']) && $_GET['leadstatus'] == "all") {
$query = "SELECT * FROM contacts ORDER BY contacts.date DESC";
} else if (in_array($_GET['leadstatus'], array('New', 'Hot', 'Warm', 'Cold', 'Rejected', 'Closed'))) {
$status = $_GET['leadstatus'];
$query = "SELECT * FROM contacts WHERE leadstatus = '".$status."' ORDER BY contacts.date DESC";
}
Then, make leadstatus = all.
Try this:
if(isset($_GET['leadstatus']) && in_array($_GET['leadstatus'], array('New', 'Hot', 'Warm', 'Cold', 'Rejected', 'Closed')))
{
$status = $_GET['leadstatus'];
if(!empty($status)) {
$query = "SELECT * FROM contacts WHERE leadstatus = '".$status."' ORDER BY contacts.date DESC";
} else {
$query = "SELECT * FROM contacts ORDER BY contacts.date DESC";
}
}`
However, may I also suggest that you use a parameterized query? You are wide open to a SQL Injection attack here.
Something like this should match multiple conditions, allowing you to mix-and match several at a time, rather than 1 or all.
$status = join(',',$_GET['leadstatus']);
$query = "SELECT * FROM contacts WHERE leadstatus IN($status) ORDER BY contacts.date DESC";
Related
In php Page once we click on "Submit" button , in database we are saving order id, its working fine....
Requirement :
If payment is "Cash on delivery" , than i want to save order id in "awb_type : COD" row.... otherwise in "awb_type : PPD" row....
here is full code , track.php : https://pastebin.com/zLjpee7A , call.php : https://pastebin.com/4LkcxTYE
But orders are updating twice in table - one row in PPD & one in COD
Please let me know if you need more information....
Update 2 :
Now i tried below code, but whatever is payment_type , its saving only in awb_type column : PPD rows....
$sqlc = "select * from ecomexpress_awb WHERE status='unused' AND awb_type='COD' limit 1";
$resultc = $db_handle->runSelectQuery($sqlc);
$sqld = "select * from ecomexpress_awb WHERE status='unused' AND awb_type='PPD' limit 1";
$resultd = $db_handle->runSelectQuery($sqld);
$payment_type='';
$sqlg="SELECT * FROM do_order where payment_type='".$payment_type."'";
$resultg = $db_handle->runSelectQuery($sqlg);
if($payment_type=="Cash on delivery")
{
$awb = $resultc[0]['awb'];
$sqle = "update ecomexpress_awb set orderid = '".$order_id."',status='used' WHERE awb ='".$awb."' limit 1";
$resulte = $db_handle->runSelectQuery($sqle);
}
else
{
$awba = $resultd[0]['awb'];
$sqlf = "update ecomexpress_awb set orderid = '".$order_id."',status='used' WHERE awb ='".$awba."' limit 1";
$resultf = $db_handle->runSelectQuery($sqlf);
}
Before I did't binded the payment_type with order_id, below code worked for me :
if(isset($_POST['order_id']) && $_POST['order_id']!='')
{
$order_id = $_POST['order_id'];
$payment_type=$_POST['payment_type'];
$sqlg="SELECT * FROM do_order where payment_type='".$payment_type."'";
$resultg = $db_handle->runSelectQuery($sqlg);
if($payment_type=="Cash on delivery")
{
$sqlc = "select * from ecomexpress_awb WHERE status='unused' AND awb_type='COD' limit 1";
}
else
{
$sqlc = "select * from ecomexpress_awb WHERE status='unused' AND awb_type='PPD' limit 1";
}
$resultc = $db_handle->runSelectQuery($sqlc);
I want to order data by Id, how can i do this ?
if($_GET["grupid"]>0){
$DUZEN = array();
$sql = "SELECT * FROM siparis_ana WHERE grupid =".$_GET["grupid"];
$rsDuzen = mysql_query($sql, $conn) or die(mysql_error());
while ($r = mysql_fetch_assoc($rsDuzen)) {
$DUZEN[] = $r;
}
}
i can read all data with this code which have same group id. But data aline random.
You have to use mysql order clause in your query like order by id asc. Which you can use at the end of your query.
$sql = "SELECT * FROM siparis_ana WHERE grupid =".$_GET["grupid"]." order by id asc";
Your sql query should be like given below...
$sql = "SELECT * FROM siparis_ana where grupid = " . $_GET['grupid'] . " ORDER BY id asc ";
sorry my English is weak ....
how can i search multi values from db SQL So that there was any.
i can search name && family together but
I want when the user searched name And family leave empty Return result correctly
how can i write this
if (isset($_POST['searchname']) || isset($_POST['searchfamily'])) {
$sql = "select * from myinfo WHERE name='{$_POST['searchname']}' && family='{$_POST['searchfamily']}' ORDER BY id DESC";
}
else {
$sql = "select * from myinfo ORDER BY id DESC";
}
Your 3 main issues here..
the first being WHERE name= now.. name is already used by mysql therefore you shouldn't use it however.. If you do use it run it like this:
WHERE `name`=
You should always backtick database tables and columns to make life easier in the long haul.
The second issue being you used && where it should be AND
the third is you shouldn't be placing your variables straight into your query as you're left open for SQL Injection.
Now I'm running on the assumption you're using $mysqli as your variable however, this may need adjusting to suit the correct variable you are using:
if (isset($_POST['searchname']) || isset($_POST['searchfamily'])) {
$searchName = $_POST['searchname'];
$family = $_POST['searchfamily'];
$sql = $mysqli->prepare("select * from `myinfo` WHERE `name` = ? OR `family`= ? ORDER BY `id` DESC");
$sql->execute([$searchName, $family]);
} else {
$sql = $mysqli->prepare("select * from `myinfo` ORDER BY `id` DESC");
$sql->execute();
}
If you want to search with both then you need to change your if also. And change && to and in your query
if (isset($_POST['searchname']) && isset($_POST['searchfamily'])) {
$sql = "select * from myinfo WHERE `name`='{$_POST['searchname']}' AND family='{$_POST['searchfamily']}' ORDER BY id DESC";
}
else {
$sql = "select * from myinfo ORDER BY id DESC";
}
Edit
As per your comment try this:
if (isset($_POST['searchname']) || isset($_POST['searchfamily'])) {
$where="";
if(isset($_POST['searchname']))
$where=" WHERE `name`='{$_POST['searchname']}'";
if(isset($_POST['searchfamily']))
{
if($where=="")
$where=" WHERE family='{$_POST['searchfamily']}'";
else
$where=" AND family='{$_POST['searchfamily']}'";
}
$sql = "select * from myinfo $where ORDER BY id DESC";
}
else {
$sql = "select * from myinfo ORDER BY id DESC";
}
I have now three different PHP pages that contain almost the same information so to be able to reduce this to one page I need to have a php variable inside the mysql query.
Today it is like this:
$query1 = "SELECT * FROM `Yrker` WHERE `Kategori` = '1' AND `Bruk` = '1' ORDER BY yearstart DESC, mndstart DESC";`
I need that the " AND Bruk = '1'" is removed from this query-line if i put ?nobruk=no in the adressbar. Is this possible and if so, how?
You don't want to (and can't) put an if inside your query; you want to use an if to create your query based on some condition. There are lots of ways to write this, one of which is
if (!empty($_GET['nobruk'])) {
$query1 = "SELECT ... WHERE `Kategori` = '1' ORDER BY ...";
}
else {
$query1 = "SELECT ... WHERE `Kategori` = '1' AND `Bruk` = '1' ORDER BY ...";
}
Another way, which is shorter and involves the ternary operator, is
$includeBruk = empty($_GET['nobruk']);
$query1 = "SELECT ... WHERE `Kategori` = '1' ".
($includeBruk ? "AND `Bruk` = '1' " : "").
"ORDER BY ...";
A simple if statement:
$query1 = "SELECT * FROM `Yrker` WHERE `Kategori` = '1'";
if ($_GET['nobruk']!='no') {
$query1.=" AND `Bruk` = '1'";
}
$query1.= " ORDER BY yearstart DESC, mndstart DESC";
Like this :
<?php
$query = ($_REQUEST['nobruk'] == "no") ? "SELECT * FROM `Yrker` WHERE `Kategori` = '1' ORDER BY yearstart DESC, mndstart DESC": "SELECT * FROM `Yrker` WHERE `Kategori` = '1' AND `Bruk` = '1' ORDER BY yearstart DESC, mndstart DESC";
echo $query;
?>
$query1 = "SELECT * FROM `Yrker` WHERE `Kategori`='1' ".($_GET['nobruk'] === 'no' ? "" : "AND `Bruk`='1' ")."ORDER BY yearstart DESC, mndstart DESC";
These links give me results for each when clicked, however how do I get 'All' to display all the 'Hot' 'Warm' and 'Cold' leads because 'All' is the default page?
<li>All</li>
<li>Appointments</li>
<li>Hot</li>
<li>Warm</li>
<li>Cold</li>
if(isset($_GET['contactstatus'])
&& in_array($_GET['contactstatus'], array('Hot', 'Warm', 'Cold')))
{
$status = $_GET['contactstatus'];
$query = "SELECT * FROM contacts WHERE contactstatus = '".$status."' ORDER BY contacts.firstname ASC";
}
if(isset($_GET['type'])
&& in_array($_GET['type'], array('Appointment')))
{
$todotype = $_GET['type'];
$query = "SELECT * FROM contacts,contacttodo,contactnotes WHERE contacts.ID = contacttodo.contacts_id = contactnotes.contacts_id AND contacttodo.type = '".$todotype."' ORDER BY contacts.firstname ASC";
}
UPDATE:
Got this to work by adding:
$query = "SELECT * FROM contacts WHERE contactstatus = 'Hot' OR contactstatus = 'Warm' OR contactstatus = 'Cold' ORDER BY contacts.contacttype ASC";
However, is this safe?
It's certainly 'safe', as long as you're never going to have any other contact statuses besides hot, warm, or cold.