If i've database my_table (id,word) as following
and i've some posted text called $name then i want to know if $name have any word like words i've stored in my database my_table (id,word)
so i'm using this code
$name = "Hello lovely world"; // no bad words
$sql = "SELECT * FROM my_table";
$result = mysql_query($sql);
$commentArray = explode(" ", $name);
$counter = count($commentArray);
$check = 0;
while ($row = mysql_fetch_assoc($result)) {
for ($i == 0; $i < $counter; $i++) {
if (strcasecmp($commentArray[$i], $row['word'])) {
$check = 1;
}
}
}
if ($check == 1) {
echo "banned";
exit;
}
else {
echo "passed";
}
however it always results in echo "banned"; even if i $name is clear of any bad words i've stored in my_table so there might be something wrong here !
anyhelp
strcasecmp returns 0 when it matches (PHP manual), so you should edit your code:
if (strcasecmp($commentArray[$i], $row['word']) == 0)
Furthermore, you have a syntax error in your for loop. It should be for ($i = 0; ...
You have a syntax error.
for ($i = 0...
And not
for ($i == 0...
Also, you should indent your code properly, it looks better and it'll help you later on.
The thing is strcasecmp returns 0 if the strings are equal. You ought to change it to if (strcasecmp($var1, $var2) == 0).
As a starting point, I'd suggest storing only lowercased words in the table, lowercasing the input text first, and then replacing the whole strcasecmp loop with an in_array($row['word'], $commentArray);. And break; after the first match.
But this entire approach doesn't scale - you're selecting all the entries in the table. If your table grows beyond a certain size, that will be a serious bottleneck and you'll need to look into matching on the DB side.
Related
Hello everyone and thanks for the time you will spend on this question.
Problem
I am trying to convert my search query into 1's and 0's to check for a match inside my database.
Basically, I fill my form input with this query: SF12345
The code checks for each chars if it's numeric. If it is, it outputs a 1 if not it outputs a 0. So my code (SO's code :) ) so far will output 0011111. So far, so good:
$s = "SF12345";
for ($i = 0; $i < strlen($s); $i++){
$char = $s[$i];
if (is_numeric($char)) {
echo "1";
} else {
echo "0";
}
}
Question
How do I "implode" or "regroup" all these echo's to use as one variable inside my search query below
$dbConn->query("SELECT * FROM products WHERE code = '".$s.'");
I want it to look like this
$dbConn->query("SELECT * FROM products WHERE code = '0011111'");
If anyone has any idea on how to approach or solve this issue, you'll make one (very) happy man.
If it is important to know why I want to convert it to 1's and 0's I'll be glad to explain.
Thank you very much, all help is much appreciated.
You could append to a string in PHP with the concatenating assignment operator .=. (See https://www.php.net/manual/en/language.operators.string.php for more information). Then you could do this:
$s = "SF12345";
$output = ""; // This will store the result.
for ($i = 0;$i < strlen($s);$i++)
{
$char = $s[$i];
if (is_numeric($char))
{
$output .= "1";
}
else
{
$output .= "0";
}
}
i need to write a search engine. And i had occurred some prbolems with it.
so for now my query looks like this.
SELECT * FROM umowy WHERE keywords LIKE ('%propanek%' OR '%seba%')
And i making this, with this example of code. (two words for now)
$szukaj = $_POST['szukaj'];
$szukaj_trim = trim($szukaj);
$szukaj_array = explode(" ",$szukaj_trim);
$szukaj_length = count($szukaj_array);
if ($szukaj_length === 1 ) {
$constr = "('%${szukaj_array[0]}%')";
}
else{
for($i = 0; $i <= $szukaj_length; $i++){
if($i == 0){
$constr = $constr."('%${szukaj_array[${i}]}%'";
}
if($i > 0 && $i < ($szukaj_length-1)){
$constr = $constr." OR '%${szukaj_array[${i}]}%'";
}
if ($i == ($szukaj_length-1)) {
$constr = $constr." OR '%${szukaj_array[${i}]}%')";
}
}
}
$query="SELECT * FROM umowy WHERE keywords LIKE $constr";
Is there way to reduce a result output by adding more words in search input?
Now it's working like "more words, more content to show". But i need something opposite, more words, the more accurate result is.
(sorry for my not perfect english)
I am trying the use refine tools for a search on my website. The bit i'm stuck with is search by start letter. For example i could use a wildcard '%X%' but his would return anything that contained the letter 'x'.
I read on few sites that SUBSTRING can be used in mysql queries
http://dev.mysql.com/
http://www.kirupa.com/
https://stackoverflow.com/questions/6302027
This is what I have so far but returns nothing. There is data in the database that should return with the query.
public function refineUsersFollowers($user_id,$q){
if($this->databaseConnection()){
// get the users followers
$state = array(1,2);
$stmt = $this->db_connection->prepare("SELECT * FROM friends WHERE id_2 = :1 AND Friend_Request_State = :2 OR id_2 = :3 AND Friend_Request_State = :4");
$stmt->bindParam(':1', $user_id);
$stmt->bindParam(':2', $state[0]);
$stmt->bindParam(':3', $user_id);
$stmt->bindParam(':4', $state[1]);
$stmt->execute();
// format the SQL OR statements
$sql = '';
$ids = [];
while($rows = $stmt->fetch(\PDO::FETCH_ASSOC)){
array_push($ids,$rows['id_1']);
}
for($x = 0; $x < count($ids); $x++){
if(count($ids) == 1){
//if there is one result
$sql.= ' user_id = :'.$x." AND SUBSTRING('first_name',0,1) = :".$x.$x;
}else if($x == (count($ids) - 1)){
// last entry
$sql.= ' user_id = :'.$x." AND SUBSTRING('first_name',0,1) = :".$x.$x;
}else{
//continue loop
$sql.= ' user_id = :'.$x." AND SUBSTRING('first_name',0,1) = :".$x.$x." OR";
}
}
$stmt = $this->db_connection->prepare("SELECT * FROM account WHERE ".$sql);
for($x = 0; $x < count($ids); $x++){
$stmt->bindParam(':'.$x,$ids[$x]);
$insert = $x.$x.'';
$stmt->bindParam(':'.$insert,$q);
}
$stmt->execute();
$results = $stmt->fetch(\PDO::FETCH_ASSOC);
print_r($results);
// check for followers that start with letter
}
}
The first part of the function is fine, this gets an array of id's which is then placed together as an SQL string. Is the SQL not returning results because SUBSTRING is not supported in this way?
If so is there a way of producing a query like this or would it be easier to pull every result from the database then check them in a different function?
You have two issues with this expression:
SUBSTRING('first_name', 0, 1) = :".$x.$x;
First, substr() in SQL (in general) starts counting with 1 and not 0. So, the first argument should be 1.
Second, you have the first argument in single quotes. So, at best, this would return the letter 'f'. Here is a simple rule: Only use single quotes for string and date constants. Never use single quotes to refer to column names.
There are several way to write what you want. Here are three:
SUBSTRING(first_name, 1, 1) = $x
LEFT(first_name, 1) = $x
first_name like '$x%'
You query can be greatly simplified with the LIKE operator. This:
"AND SUBSTRING('first_name',0,1) = :".$x.$x;
can become this:
"AND first_name LIKE '".$x.$x."%'";
I'm not sure what the $x.$x is for, so I just left it in for illustrative purposes.
Please help me solve this problem:
if($_POST["keyword"]) {
$keyword = $_POST["keyword"];
$keyword = trim($keyword);
$keyword_array = explode(" ",$keyword);
$numberofwords = (integer)count($keyword_array);
require("server.php");
$link = open_koneksi();
$tbl_name = "author";
$query = "SELECT COUNT(*) as num FROM $tbl_name WHERE " ;
for ($x = 0; $x<= $numberofwords; $x++) {
$query .= "author LIKE '%$keyword_array[$x]%'";
if ( $x < $numberofwords ) {
$query .= " AND ";
}
}
echo("<SCRIPT>document.location.href='?p=result';</SCRIPT>");
}
If the code in the program segment is executed, there will be a warning as follows:
Notice: Undefined offset: 1 in C:\xampp\htdocs\bijang\result.php on line 111
Location of faults refer to this code:
$query .= "author LIKE '%$keyword_array[$x]%'";
How do I fix this?
Your problem is probably this:
for ($x = 0; $x<= $numberofwords; $x++) {
##
You are counting indexes 0 till 1, because the previous count() gave you 1. But that's the total number of indexes, the last index is still 0.
Change it into:
for ($x = 0; $x < $numberofwords; $x++) {
#
Better yet, just use an foreach:
foreach ($keyword_array as $x => $kw) {
That counts the indexes in $x implicitly.
You probably still have to change your last entry detection for the AND fillers. (Commonly you first make an array of substrings, then implode() with the filler " AND ".)
YadaYada: Also take care about unfiltered input. Use the database escaping function for text strings. It's heaps easier to use PDO and prepared statements though.
Cause the $keyword_array array don't have the $x key.
turns out, to overcome, just one word:
error_reporting(0);
the question, whether the notice was included as part of the error?
Is it possible to write multiple conditions in a while loop? If not, what is an alternative? I tried it and was returned with an error relating the line of code that sets up the conditions for the while loop. Here is an example of what I mean.
$s = 1;
while ($result_row = mysql_fetch_assoc($query) && $s < 5)
{
echo $result_row['id'];
$s++;
}
That is possible, but because = has lower precedence than && you need parentheses to ensure that your statement is interpreted correctly:
while (($result_row = mysql_fetch_assoc($query)) && ($s < 5))
The parentheses around $s < 5 are not required here, but I've included them for clarity.
However it would be easier just to modify your query to only return 5 rows, by adding LIMIT 5.
SELECT ...
FROM yourtable
ORDER BY ...
LIMIT 5
You could try:
$s=1
while ($result_row = mysql_fetch_assoc($query))
{
echo $result_row['id'];
$s++;
if($s>5){
break;
}
}
http://php.net/manual/en/control-structures.break.php
while i see nothing wrong in that. the other way round is to do something like this.
$s = 1;
while ($result_row = mysql_fetch_assoc($query))
{
if($s < 5) {
//enter the condition
}
$s++;
}
The value of $result_row is probably being set to the Boolean condition of whether mysql_fetch_assoc($query) returns something true-ish and $s is less than 5. So trying to read $result_row as a dictionary no longer works.
You can use parenthesis to specify exactly how things get parsed:
while (($result_row = mysql_fetch_assoc($query)) && ($s < 5))
This way, $result_row gets set to mysql_fetch_assoc($query), which is what you want, and the loop continues as long as the logical value of that assignment returns something true-ish, as well as s is less than 5.