So i'm selecting some data by username from my url, but my problem is that my usernames isn't unique so if there is same usernames it creates me errors, nu my url looks like this:
http://adress.com/user/messages/bob
So in this case i would select data where username is bob, but if there is two bob users i would get errors, so i what i would like to do is select data by user id, but then i would have to replace username with id, like this:
http://adress.com/user/messages/321
So my question is how can i keep username insted of numbers but select data by id?
Btw, i'm using php and mysql
It sounds like you're doing this for vanity URL's, so keep the username, but also use the ID field... i.e.
http://adress.com/user/messages/321/bob
Related
I have a database where I'm getting a random row from a table depending on a few variables. I'm trying to make it so it adds their username in this format (Admin, Jerry, Ben) once they view the advertisement (My project - clients view ads for Bitcoin). I want to make it so that once they view it , it adds their name in to a row called users_viewed_add (example is above). I need it to only get random rows based on if their username does not exist in the row users_viewed_add atoll so they can't view the ad more than once.
At the moment, I'm trying to do:
$query_second = mysqli_query($con, "SELECT * FROM business_advertisments WHERE ($users_credits >= amount_per_click) AND (users_viewed_add) NOT LIKE '$username' AND users_name != '$username' ORDER BY RAND() LIMIT 1");
As you can see, the AND (users_viewed_add) NOT LIKE '$username' is not working for me as it's reading the text as a whole word. The problem is that I'm using comma's to seperate the usernames of the clients who have viewed the ad. Is there any work around for this ? I know the method to check a block of text but it wouldn't work in a SQL statement I'm pretty sure.
You can do:
AND CONCAT(',', users_viewed_add, ',') NOT LIKE '%,$username,%'
But you probably want to make a separated many to many table, and use user id instead of user name.
If you want to use multiple values in your LIKE comparison, you can use:
AND users_viewed_add NOT LIKE ALL ('$username')
This will check that none of the $username values exists in the users_viewed_add field. You may need to format your variable properly so the SQL works.
I found the answer from this post: How do I add multiple "NOT LIKE '%?%' in the WHERE clause of sqlite3 in python code?
The correct SQL syntax to check a word doesn't exist in a row is:
AND users_viewed_add NOT REGEXP '[$username]'
I am trying to restrict users records display. Basically i am developing a CRM where a user logs in and enters (orders, quotes...) his data and submits to database. So when a user logs in i want to display only those records which he has entered not others data. For this I take user's session id and stores it infront of his records,
While displaying i am doing like this
"SELECT * FROM orders WHERE user_id='".$_SESIION['userID']."';
But i have to do this 'WHERE' for all display function . Instead of that is there any other way i can do this i mean without repetitive WHEREstatement?
Please suggest
Your question: is there any other way i can do this i mean without repetitive WHEREstatement?
My answer is: There is no!
Help for prepare: https://www.w3schools.com/php/php_mysql_prepared_statements.asp
The database could be like this, for example:
table users
id_user email password etc.
Table articles
id_article title_article body_article id_user etc
When you query
select * from article where id_users = ?
Use prepere
insert into articles (............, id_user, ....) values (?, ?, ? etc)
All tables, like this one article, can have field id_user, it goes in table with query input ...., by session and prepere protection against SQL injections. And when user select anything, he will have only what he has injected.
I'm trying to keep only unique values at username (field inside table professionals, using MySql at the moment).
I got a edit profile page where the user can change his username and other values.
EXAMPLE:
Actual info (not edited):
Name: John;
Tel: 1234567890;
Username: john;
Password:****;
New info (edited):
Name: Jonathan;
Tel: 1234567890;
Username: john;
Password:****;
As you can see the user only changed the name, so I'm inserting all data again in database, but if I verify the username of course it says there is already one at DB.
I need some kind of solution for this, without changing a lot the whole code.
Thanks
What is the need for inserting the whole data once again in the table. Try updating the table.
UPDATE table_name SET column1=value1,column2=value2,... WHERE some_column=some_value;
And in your case like
UPDATE table_name SET Name='Jonathan' where Username = 'john'
Really thanks for the answer #Jeff ! I wasn't thinking about the user ID, I can just make a query like this: SELECT * FROM professionals WHERE username = "test" AND id_professional != 3 and after that just verify if there are rows or not.
I'm currently trying to retrieve values from a database.
New Users are given a UNIQUE ID once they register on my website:
Keys are stored into my database with a link such as:
website.com/file.php?id=4&key=123abcd123
What I was planning on having was the website pulling the keys ONLY related to the ID of the user.
Lets say User 4 inputs a key into the database, I want to have a universal .php file that will retrieve HIS codes (codes with the ID of 4) ONLY.
I'm sorry if this doesn't really make sense, English isn't my first language.
For finding particular record in mysql query pass the id value in the place of 4 below.
SELECT * FROM tablename WHERE UserID = '4'
if you want to get particular value then use like this
$query = "SELECT * FROM tablename WHERE UserID = '".$_SESSION['ID']."'";
Refference
If you use SQL, it is easy to search for all keys for a user:
select cdkey
from YourTable
where UserID = 1
Note that anyone can edit a URL. So unless you take additional measures, any user could ask for the cdkeys of any other user, just by modifying the id parameter in the URL.
I have a mysql table which has data from all flight bookings on my booking system. When a user books a flight, the details of that booking are stored in that table along with their username.
Now, I'm making a page where all of the user's previous flights are shown in a HTML table, and everything works except the code which filters results to those only from that user.
This is the (part of) code I'm using;
$query_string = "SELECT name, seats, departure, destination, class, username, miles, timestamp FROM $tablename WHERE username IN ('$username')";
The username field is where the user who booked the flight's username is stored, and the $username variable contains the current logged in user's username. What I'm trying to do is only show the fields where $username matches username (hence only showing bookings for the current user).
When I use the above code without WHERE username IN ('$username'), it displays all the data, but when I add the above code, it displays nothing when there are matches.
If anyone could help fix my code I would greatly appreciate it.
Thanks!
You're using IN incorrectly. IN compares comma-separated lists of strings or values. This can be literal:
WHERE username IN ('user1', 'user2', 'user3')
OR it can come from a subquery:
WHERE username IN (SELECT username FROM users)
If you want an exact match, your WHERE clause should be
WHERE username = '$username'
If that still doesn't work, you MUST verify that you're sending your database the correct query.
echo $query_string;