hello i have a search engine for my site. i have two selection fields. i would like to give an example:
input_a: 3
input_b: 5
so the queries should look like:
if ( ($input_a == true) && ($input_b == false) ){
$filter_orders[] = " `col` LIKE '%$input_a%' ";
}
if ( ($input_a == false) && ($input_b == true) ){
$filter_orders[] = " `col` LIKE '%$input_b%' ";
}
if ( ($input_a == true) && ($input_b == true) ){
$filter_orders[] = " `col`= `col`>='%$input_a%' AND `col` = `col`<='%$input_b%' ";
now the problem is, that i dont know, if the last query is incorrect or not. the logic behind that will be that in case of my example the range between 3 and 5 should be found.
so 1,2 [3,4,5] 6,7,8...
if there is someone who could help me out i really would appreciate.
thanks a lot.
That should be
$filter_orders[] = " `col`>='%$input_a%' AND `col`<='%$input_b%' ";
EDIT:
You probably want the entire statement to look like this:
if ( (!empty($input_a) && is_int($input_a)) && (empty($input_b) || !is_int($input_b)) {
$filter_orders[] = " `col`='%$input_a%' ";
}
else if ( (empty($input_b) || !is_int($input_a)) && (!empty($input_b) && is_int($input_b)) ) {
$filter_orders[] = " `col`='%$input_b%' ";
}
else if ( !empty($input_a) && !empty($input_b) && is_int($input_a) && is_int($input_b) ) {
$filter_orders[] = " `col`>='%$input_a%' AND `col`<='%$input_b%' ";
}
Inserting the else if instead of just if helps makes sure other ifs arent executed if an earlier if is found toe be true.
Using the = instead of LIKE wille make sure that 3 == 3 and not 3 and 31 or 32
NO, sadly that is everything but correct. It should be something like this.
$filter_orders[] = " `col`>='%$input_a%' AND `col`<='%$input_b%' ";
Related
My if statements are not working despite the log file confirming that the values meet the conditions required.
As you will see below I have attempted to use both boolean and numerical values (as I have read that there are a few quirks with boolean statements in PHP.)
$lift = isset($p["lift"]) ? $p["lift"] : 0;
$parking = isset($p["parking"]) ? $p["parking"] : false;
// LIFT
if ( $lift === 1 && $home ) {
$query .= " AND `lift` == $lift";
}
// PARKING
if ( $parking === 1 && $home ) {
$query .= " AND `parking` != '';";
}
$log_file = "../../queries.log";
$error_message = "query: '$query' \n\n lift: ".$lift."\n home: ".$home."\n";
error_log($error_message, 3, $log_file);
I have tried both double and triple equal operators without success. I have tried both boolean and numerical values. The log statement prints the following:
'SELECT id, ref_crm, `type`, prov_name, prov_id, muni_name, muni_id, barrio, price_latest, photo,sqm,bed,bath,lift,parking,`year`,descr,
x(pt) as lat, y(pt) as lng, ref_cat FROM outlet WHERE prov_id = '06' AND `type` = 'Piso' AND price_latest >= 0 AND price_latest <= 500000 AND sqm >= 0 AND sqm <= 200'
lift: 1
home: true
As you can see, the string statements are not being attached to the query despite the two conditions both being met.
I have also tried removing the variables I've created ($lift and $home) and simply used $p["lift"] and $p["parking"] without success. The only way I am able to make this work is to specifically state $lift === 1 and $home === true (double or triple equal operators) above the conditions. This despite the log confirming that these variables already have those values set! I have also tried double and triple equal operators with $home and $p["home"]
Try echoing something out within your if statements.
Also please note:
https://www.php.net/manual/en/language.operators.comparison.php
Solution:
if (!empty($home) && $lift == 1) {
echo 'Lift works';
} else {
echo 'Lift is not 1';
}
if (!empty($home) && $parking == 1) {
echo 'Parking works';
} else {
echo 'Error: home parking is not 1';
}
I want the program to ignore zero totals. I'm trying to stop auto awards to non-participants with zero totals. I added the >= expression after the && operators. Is this correct for kills and networth?
$fetch_nor_killers = mysql_query("SELECT wk,bk,hk,dk,pk,mk, code, p, (wk+bk+hk+dk+pk+mk) as totalKills FROM r$round[round]_p WHERE status = '". normal ."' ORDER BY totalKills DESC LIMIT 3");
$killa_rank = 0;
while($killa = mysql_fetch_array($fetch_nor_killers))
{
$killa_rank++;
if($killa_rank == 1 && $killa['totalKills'] >= 1)
{
$killa_award = "freeopkiller1";
}
else
if($killa_rank == 2 && $killa['totalKills'] >= 1)
{
$killa_award = "freeopkiller2";
}
else
if($killa_rank == 3 && $killa['totalKills'] >= 1)
{
$killa_award = "freeopkiller3";
}
Same thing here with networth. Just trying to avoid awarding a inactivate user. #Jagrut
$fetch_top_subs = mysql_query("SELECT * FROM r$round[round]_p WHERE subscription != '". none ."' ORDER BY networth DESC LIMIT 3");
$sub_rank = 0;
while($sub = mysql_fetch_array($fetch_top_subs))
{
$sub_rank++;
if($sub_rank == 1 && $sub_rank['networth'] >= 1)
{
$sub_award = "first_sub";
}
else
if($sub_rank == 2 && $sub_rank['networth'] >= 1)
{
$sub_award = "second_sub";
}
About to test these.
First, i would like you to be more clear with the question. But from what i have understood, this can be the problem with your code:
You are using the $totalKills directly. You can either assign it to a variable and then use it or you need to use $killa for accessing $totalKills, i.e.
Use it as:
$anyVar = $killa['totalKills'];
and then use $anyVar for your operations or directly use $killa['totalKills'] in place of $totalKills.
Hope this helped.
We have a system on our website wherein you can have multiple accounts and earn points on each. Those points you can transfer between the accounts on this webpage that I've noticed an error on. Basically, if I have a certain combination of accounts, namely a first and second, it won't let me transfer, it'll just say "Please fill in with a number.". If I have a first and third or all three, it works fine. I've been looking through it for about two hours now and can't find what isn't working... any help would be IMMENSELY appreciated :D
<?php if($a == "exchange")
{
$GetUserInfo = mysql_query("SELECT * FROM members WHERE id = '$userid'") or die(mysql_error());
$GetUserInfo = mysql_fetch_object($GetUserInfo);
$cols = 1; //determines colspan
$status = 1;
$GetMultipleInfo = mysql_query("SELECT * FROM members WHERE id = '".$GetUserInfo->mult_uid."'") or die(mysql_error());
if(mysql_num_rows($GetMultipleInfo) != 0)
{
++$cols;
++$status;
}
$GetMultipleInfo = mysql_fetch_object($GetMultipleInfo);
$GetAdMultipleInfo = mysql_query("SELECT * FROM members WHERE id = '".$GetUserInfo->mult_admin."'") or die(mysql_error());
if(mysql_num_rows($GetAdMultipleInfo) != 0)
{
++$cols;
$status = ($status == 2 ? 4 : 3);
}
$GetAdMultipleInfo = mysql_fetch_object($GetAdMultipleInfo);
// Sparks Transfer
if (isset($_POST['spartrans']))
{
$order = $_POST['sparrecipients'];
if ($order == 'first')
{
$tpoints2 = $_POST['tpoints2'];
$tpoints3 = $_POST['tpoints3'];
$tpoints = $tpoints2 + $tpoints3;
if ($status == 2)
if ((!is_numeric($tpoints1)) || (!is_numeric($tpoints2)) || empty($tpoints1) || empty($tpoints2))
message("Please fill in with a number.","Enchanted Hogwarts","$PHP_SELF?a=exchange");
elseif ($status == 3)
if ((!is_numeric($tpoints1)) || (!is_numeric($tpoints3)) || empty($tpoints1) || empty($tpoints3))
message("Please fill in with a number.","Enchanted Hogwarts","$PHP_SELF?a=exchange");
elseif ($status == 4)
if ((!is_numeric($tpoints1)) || (!is_numeric($tpoints2)) || (!is_numeric($tpoints3)) || empty($tpoints1) || empty($tpoints2) || empty($tpoints3))
message("Please fill in with a number.","Enchanted Hogwarts","$PHP_SELF?a=exchange");
if ($tpoints2 > $GetMultipleInfo->tpoints)
message("" . getName($GetMultipleInfo->id) . " does not have enough sparks.","Enchanted Hogwarts","$PHP_SELF?a=exchange");
if ($tpoints3 > $GetAdMultipleInfo->tpoints)
message("" . getName($GetAdMultipleInfo->id) . " does not have enough sparks.","Enchanted Hogwarts","$PHP_SELF?a=exchange");
if ($GetUserInfo->mult_uid != 0)
mysql_query("UPDATE members SET tpoints = GREATEST(tpoints - $tpoints2,0) WHERE id = '".$GetMultipleInfo->id."'") or die(mysql_error());
if ($GetUserInfo->mult_admin != 0)
mysql_query("UPDATE members SET tpoints = GREATEST(tpoints - $tpoints3,0) WHERE id = '".$GetAdMultipleInfo->id."'") or die(mysql_error());
mysql_query("UPDATE members SET tpoints = GREATEST(tpoints + $tpoints,0) WHERE id = '$userid'") or die(mysql_error());
message("Successfully transferred $tpoints Sparks to ".getName($userid).".","Enchanted Hogwarts","$PHP_SELF?a=exchange");
}
}
}
?>
In your code here you are establishing a couple of variables.
if ($order == 'first')
{
$tpoints2 = $_POST['tpoints2'];
$tpoints3 = $_POST['tpoints3'];
$tpoints = $tpoints2 + $tpoints3;
But then here you are checking the values of different variables. $tpoints1 was never established.
if ((!is_numeric($tpoints1)) || (!is_numeric($tpoints2)) || empty($tpoints1) || empty($tpoints2))
message("Please fill in with a number.","Enchanted Hogwarts","$PHP_SELF?a=exchange");
EDIT: That is probably not correct. You probably have register_globals on which would be setting that variable automatically. Not recommended but not the question you asked.
Bottom line you need to figure out which branch of your code is being executed. My guess based on your description is that it is the $order == first branch and then $status == 3. But without actually submitting the form and knowing which selections were made it is impossible for me to tell. And the fact that all the error messages are the same "Please fill in with a number." is not very helpful.
I personally would take this time to refactor some of your code. If I don't understand something I break it apart into smaller chunks until I do. Otherwise you will always be sifting through this page every time something is wrong trying to figure it out.
Every selection of $order validates the values of $tpoints1, $tpoints2, and $tpoints3 exactly the same way. Start by moving that into a function and go from there.
$sql = 'SELECT * FROM `phpbb_profile_fields_data`';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
if ($row['pf_kp_em_no_bonethr'] == '1') {
echo " Was 1";
} else if ($row['pf_kp_em_no_bonethr'] == '2') {
echo "Was 2";
} else {
echo "Was Neither 1 or 2";
}
}
$db->sql_freeresult($result);
I am curios, In my example I am checking the field for either a value of 1 or 2 but how do I check it for a value of NULL. Would it be any of the following three:
if ($row['pf_kp_em_no_bonethr'] == '')
if ($row['pf_kp_em_no_bonethr'] == '-1')
if ($row['pf_kp_em_no_bonethr'] == 'NULL')
Normally I would just try it out but I am not at home and wont be for the foreseeable future it has been bugging me. I am pretty sure it's not the second but I have seen -1 used for a null value in other languages. So can someone verify how I would indeed check for a NULL value please.
if ($row['pf_kp_em_no_bonethr'] === NULL)
Something like this should work.
if (is_null($row['pf_kp_em_no_bonethr'])) {
echo "Is NULL";
}
MySQL will return NULL values to PHP as actual PHP NULL. In this situation, what you need is:
// Notice lack of quotes around NULL
// And use === to distinguish type properly between integer 0 and NULL
if ($row['pf_kp_em_no_bonethr'] === NULL)
However, it would be more appropriate to check it in the query if NULL values are what you need to work with in PHP.
$sql = 'SELECT * FROM `phpbb_profile_fields_data` WHERE pf_kp_em_no_bonethr IS NULL';
Or to find all three values:
$sql = 'SELECT * FROM `phpbb_profile_fields_data`
WHERE pf_kp_em_no_bonethr IS NULL
OR pf_kp_em_no_bonethr IN (1,2)
';
I'd recommend to be very carfull with this one: I have seen
<?php
$field=$row['fieldname'];
if ($field===null) {
//Do something
}
?>
fail intermittently, especially on windows. This is why I prefer
SELECT
IFNULL(fieldname,'some_safe_value') AS fieldname
...
FROM
...
and the resulting trivial null-check.
Use is_null or === NULL.
if(is_null($row['pf_kp_em_no_bonethr'])){
}
or
if($row['pf_kp_em_no_bonethr'] === NULL){
}
I am fetching values from a form something like this
$value = mysql_real_escape_string($_POST['id']);
$value1 = mysql_real_escape_string($_POST['name']);
$value2 = mysql_real_escape_string($_POST['age']);
And I am using a mysql syntax like this to store information in DB
$sql = "UPDATE table SET name='$value1',age='$value2' WHERE id ='$value'";
I want the above mentioned UPDATE syntax to work only if the values are not NULL or not left blank.
For example if the name form is left blank and some value has been given for age than only age should be updated and not name..
How can I do this?
if(isset($_POST['id']) && isset($_POST['name']) && isset($_POST['age']))
{
$value = mysql_real_escape_string($_POST['id']);
$value1 = mysql_real_escape_string($_POST['name']);
$value2 = mysql_real_escape_string($_POST['age']);
$sql=" UPDATE table SET name='$value1',age='$value2' WHERE id ='$value'";
}
See: isset()
At a very basic level, you could check for non-null values using isset.
For example:
if(isset($_POST['id']) && isset($_POST['name']) && isset($_POST['age'])) {
// Do the insert...
}
However, I suspect you'll probably want to carry out some proper validation to ensure that the age is valid, etc. (Perhaps via if(intval($value2) !== 0) if that makes sense.)
Also, I'd really recommend not allowing the user to arbitrarily update database records. (POSTs are very easy to spoof, and the user could simply change the form 'id' value.)
You can use empty() to check if the values are null or blank.
if ( !empty( $value) && !empty( $value1 ) && !empty( $value2 ) ) {
// Do query
}
You should also check $_POST elements using isset() to ensure the values exists before using them:
if ( isset( $_POST['id'] ) ) {
$value = mysql_real_escape_string($_POST['id']);
}
if ((isset($_POST['id']) && ($_POST['id'] !== '')) &&
(isset($_POST['name']) && ($_POST['name'] !== '')) &&
(isset($_POST['age']) && ($_POST['age'] !== ''))) {
... everything ok ... do data base stuff
} else {
die("Not correct");
}
Try this:
//$value1 = 'joey';
$value2 = 123;
$sql = "UPDATE table SET ";
$sql .= !empty($value1) ? " name='{$value1}'," : null;
$sql .= !empty($value2) ? " age='{$value2}'," : null;
$sql = substr($sql, 0, -1);
$sql .= " WHERE id ='{$value}'";
echo $sql;
It should only update the variable that is not empty. Also do the escaping like others mentioned above.