I have the table name in the form as a hidden field, i have to do it this way for some reason but it's not working when i do the following:
// This is being processed from the previous page in a form
$table = mysql_real_escape_string($_POST['just_field']);
//Here i am using the $table value to use in place of a table name
$sql = "select `Field` from `$table` where `another_field` = '$id'
and `another_another_field` = '$something'";
$query = mysql_query($sql) or die ("Error: ".mysql_error());
while ($row = mysql_fetch_array($query)){
$somefield = $row['field'];
}
mysql_free_result($query);
How can i make it work so the $table is being read by the command...
No need for quotes around the table assignment.
$table = mysql_real_escape_string($_POST['just_field']);
try to include the connection string
$sql = "select `Field` from `$table` where `another_field` = '$id'
and `another_another_field` = '$something'";
$query = mysql_query($sql,$conn) or die ("Error: ".mysql_error());
while ($row = mysql_fetch_array($query)){
$somefield = $row['field'];
}
mysql_free_result($query);
if you are not using any framework
Does this work for you
$sql = "select `Field` from ".$table." where `another_field` = '$id'
and `another_another_field` = '$something'";
Your problem is case-sensitivity.
In your query:
select `Field` from `$table`....
^ Capital F
And the later
$somefield = $row['field'];
^ lower case f
An example
php > $cxn = mysql_connect( 'localhost', '****', '****' );
php > mysql_select_db( 'test' );
php > $res = mysql_query( 'select * from genres' );
php > $row = mysql_fetch_assoc( $res );
php > print_r( $row );
Array
(
[id] => 1
[name] => Pop //notice the field name is lower case
)
php > echo $row['name']; //this works
Pop // <- see
php > echo $row['Name']; //this doesn't
php > // <- look, nothing
Try printing the contents of $table before sending it through mysql_real_escape_string() to make sure it contains the value you think it does.
Related
This question already has answers here:
Passing an array to a query using a WHERE clause
(17 answers)
Closed 11 months ago.
I'm trying to query a MySQL database using an array but I'm having trouble!
I have a table called clients, I want to be able to select 'name' from all rows whose 'sector' column is equal to $sectorlink.
I then want to put all the names into an array so I can perform my next query: select all rows from another table whose 'client' column is equal to one of the names returned from the first query. I'm doing something wrong because it returns a fatal SQL error. I'm getting confused with all the variables!
$sectorlink and $connection are the only variables that are defined outside of this code
Any suggestions?
$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);
while($row = mysql_fetch_array($clientresult)){
foreach($row AS $key => $value){$temp[] = '"'.$value.'"';}
$thelist = implode(",",$temp);
$query = "SELECT count(*) FROM studies WHERE client IN ($row) ORDER BY (date) desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);
}
The second query should use $thelist not $row, and it should be outside of the while loop. The foreach loop is unnecessary when processing a single row. You can access the name in $row with a simple $row[0]. Something like this (untested):
$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);
while($row = mysql_fetch_array($clientresult)){
$temp[] = '"'.$row[0].'"';
}
$thelist = implode(",",$temp);
$query = "SELECT count(*) FROM studies WHERE client IN ($thelist) ORDER BY (date) desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);
Caution: Please be aware that your code is highly vulnerable to SQL injection attacks. It's fine for testing or internal development but if this code is going to be running the Fort Knox web site you're going to want to fix it up quite a bit. Just an FYI. :-)
Try This:
$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);
while($row = mysql_fetch_array($clientresult)){
$client = $row['name'];
$query = "SELECT * FROM studies WHERE client='$client' ORDER BY date DESC";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);
/* echo results here */
}
Couple of things. First you have an unnecessary loop there. Try:
while (list($name) = mysql_fetch_row($clientresult)) {
$temp[] = $name;
}
To build your temporary array.
Second, the parts of the IN clause are strings, so when you implode, you'll need to enclose each value in quotes:
$thelist = "'". implode("','", $temp) . "'";
Lastly, in your query you are passing $row to the IN clause, you should be passing $thelist:
$query = "SELECT count(*) FROM studies WHERE client IN ($thelist) ORDER BY date desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);
So altogether:
$query1 = "SELECT name FROM clients WHERE sector = '$sectorlink'";
$clientresult = mysql_query($query1, $connection) or trigger_error("SQL", E_USER_ERROR);
while (list($name) = mysql_fetch_row($clientresult)) {
$temp[] = $name;
}
$thelist = "'". implode("','", $temp) . "'";
$query = "SELECT count(*) FROM studies WHERE client IN ($thelist) ORDER BY date desc";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);
I expect you'd be better off doing this in one query with a join:
$query = "SELECT COUNT(*) FROM `studies` INNER JOIN `clients` on studies.client = clients.name WHERE clients.sector = '$sectorlink' ORDER BY studies.date DESC";
$result = mysql_query($query, $connection) or trigger_error("SQL", E_USER_ERROR);
I am pulling everything from a database table and displaying specific data in php.
So far all my code is working, I'm able to display in php everything but I'm trying to make another php file to only display specific data. For example I want it to find everything in the movieview table and only display all row data that has a playcount of equal or greater than 1 and to display it by title ascending which is
$SQL = "select * from movieview WHERE playCount>=1 Order By c00 Asc";
$result = mysql_query($SQL);
while ( $db_field = mysql_fetch_assoc($result) ) {
$imdb = $db_field['c09'];
$run = $db_field['c11'];
$row = mysql_fetch_assoc($run);
$sum = $row['value_sum'];
Now I want to echo $sum; to add up all values of c11 from all the results that matched playcount of equal or greater then 1. The reason I haven't tried the SQL sum is because below I am displaying more columns which i believe is the reason for select *
edit: if i do the following:
$db_handle = mysql_connect($server, $username, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$SQL = "select * from movieview WHERE playCount>=1 Order By c00 Asc";
$result = mysql_query($SQL);
while ( $db_field = mysql_fetch_assoc($result) ) {
$imdb = $db_field['c09'];
$run = $db_field['c11'];
echo $run;
it does display the times of all the items with a playcount of 1 or more which is good. now im just just wish to make a total of all those $run values in 1 sum and echo that. i also have extra tables that are called in the php file, just a note, like mid, idb, and c00.
now, if i do :
$db_handle = mysql_connect($server, $username, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$SQL = "select SUM(c11) AS totalrun from movieview WHERE playCount>=1 Order By c00 Asc ";
$result = mysql_query($SQL);
while ( $db_field = mysql_fetch_assoc($result) ) {
$imdb = $db_field['c09'];
$run = $db_field['totalrun'];
i am able to echo the totals, yey!, but i cant call on the other columns listed above.
If i understood well your question, you can do this:
$counter=0;
while ( $db_field = mysql_fetch_assoc($result) ) {
$imdb = $db_field['c09'];
$run = $db_field['c11'];
$row = mysql_fetch_assoc($run);
$sum = $row['value_sum'];
$counter .= $row['c11'];
}
echo $counter;
If you just keep on adding the total run it should work , If I have understood it correctly
$db_handle = mysql_connect($server, $username, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$SQL = "select * from movieview WHERE playCount>=1 Order By c00 Asc";
$result = mysql_query($SQL);
$run=0;
while ( $db_field = mysql_fetch_assoc($result) ) {
$imdb = $db_field['c09'];
$run = $run + $db_field['c11'];
}
echo $run;
i was able to do it by creating another sql query. not sure how proper it is but it works. the only thing missing is that each result is only counted 1x so if a playcount of 2 or more is only seen as 1. will work on that later unless you can reply with a fix :D
while ( $db_field = mysql_fetch_array($result) ) {
$run = $db_field['SUM(c11)'];
I'm using the code below to query the database.
mysql_query ("SELECT * FROM _$symbol ORDER BY date DESC;");
$_10day = mysql_query ("SELECT AVG(close) FROM _$symbol limit 10;");
$_21day = mysql_query ("SELECT AVG(close) FROM _$symbol limit 21;");
$_50day = mysql_query ("SELECT AVG(close) FROM _$symbol limit 50;");
echo "$_10day\n";
echo "$_21day\n";
echo "$_50day\n";
mysql_query ("INSERT INTO _$symbol(_10day) VALUE ('$_10day');");
echo mysql_errno($sql) . ": " . mysql_error($sql). "\n";
I need to get the average of close from the database, and I'm using the AVG()function, then insert the return value into the database. The queries work in mysql however they do not work through the script. It does enter a value into the database, but it always enters 0. What am I doing wrong?
EDIT--solution found
$get10 = mysql_query ("SELECT AVG( close ) AS CloseAverage from ( SELECT close FROM _$symbol ORDER BY date DESC limit 10 ) sub1 ;");
$row = mysql_fetch_assoc($get10);
$_10day = $row['CloseAverage'];
if (!mysql_query ("UPDATE _$symbol SET _10day = $_10day, _21day = $_21day, _50day = $_50day, _100day = $_100day, _120day = $_120day, _150day = $_150day, _200day = $_200day, _240day = $_240day, _20dayVol = $_20dayVol, _50dayVol = $_50dayVol where date = '$date';"))
{
echo "Update query failed";
}
I was querying it incorrectly apparently it needed to be selected as a sub query, solution is above, it is working now.
Here's an example on how to manage multiple result-rows:
function connect()
{
$db = mysql_connect("localhost","username","password") or die("your error msg");
mysql_select_db("database_name");
return $db;
}
$db = connect();
$query = "SELECT value1 FROM my_table";
$result = mysql_query($query, $db);
while($row = mysql_fetch_array($result, MYSQL_ASSOC)){
// This one will loop through the data in your output//
$outputValue = $row['value1'];
}
For inserting data:
// Continued from the state above //
$query = "INSERT INTO table_name (column1) VALUES (value1)";
$result = mysql_query($query, $db) or die(mysql_error());
$_10day is a mysql result, not a value. You can't just put a result into a query string and expect it to work.
You need to get the result data first, eg;
while($row = mysql_fetch_assoc($_10day)) {
$10day = $row['AVG(close)'];
}
Then you can execute your insert query;
mysql_query ("INSERT INTO _$symbol (_10day) VALUES ('$10day')");
Hope this helps.
I have dropdown menus wich contains name of players and opposition team. When user picks team for opposition to play against he clicks the submit button and isset function is triggered where the data from the dropdown menus will be captured and uploaded to the database.
It is simple enough but I've got what I guess is a syntax error. I get the message in the title when page is opened. I've been trying to fix this with no luck. If someone can point me in the right direction it would be greatly appreciated.
if ( isset($_POST['submit']) ) {
$player_ids = array_map('intval', $_REQUEST['players']);
$opponents_id = $_REQUEST['players'];
var_dump($opponents_id);
$query = 'SELECT `name`, `position`
FROM `player_info`
WHERE `player_id` IN (' . implode(',', $player_ids) . ')';
$return_names = mysql_query($query) or die(mysql_error());
while ( $row = mysql_fetch_assoc($return_names) )
{
$selected[] = $row['name'];
$position[] = $row['position'];
}
$query = ("SELECT `fixture_id`
FROM `fixtures`
WHERE `fixture_id` = $opponents_id");
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_array($query))
{
$fixture_id[] = $row['fixture_id'];
}
$query = ("SELECT `fixture_id`
^ See Here
FROM `fixtures`
WHERE `fixture_id` = $opponents_id");
$result = mysql_query($qury)
^ See here
You have mistakenly typed wrong variable in mysql_query.
I believe this is the problem: $qury
$result = mysql_query($qury) or die(mysql_error());
Change to:
$result = mysql_query($query) or die(mysql_error());
I have a query that gets 5 lines of data like this example below
$query = "SELECT ref,user,id FROM table LIMIT 0, 5";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
$ref = $row['ref'];
}
I want to run a query inside each results like this below
$query = "SELECT ref,user,id FROM table LIMIT 0, 5";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
$ref = $row['ref'];
$query = "SELECT domain,title FROM anothertable WHERE domain = '$ref'";
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result) )
{
$title = $row['title'];
} else {
$title = "No Title";
}
echo "$ref - $tile";
}
but for some reason it's only display the first line when I add the query inside it. I can seem to make it run all 5 queries.
SELECT
t1.ref,
t1.user,
t1.id,
t2.domain,
t2.title
FROM
table AS t1
LEFT JOIN anothertable AS t2 ON
t2.domain = t1.ref
LIMIT
0, 5
The problem is that inside the while-cycle you use the same variable $result, which then gets overridden. Use another variable name for the $result in the while cycle.
You change the value of your $query in your while loop.
Change the variable name to something different.
Ex:
$query = "SELECT ref,user,id FROM table LIMIT 0, 5";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
$ref = $row['ref'];
$qry = "SELECT domain,title FROM anothertable WHERE domain = '$ref'";
$rslt = mysql_query($qry) or die(mysql_error());
if (mysql_num_rows($rslt) )
{
$title = $row['title'];
} else {
$title = "No Title";
}
echo "$ref - $tile";
}
Use the following :
$query = "SELECT ref,user,id FROM table LIMIT 0, 5";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
$ref = $row['ref'];
$query_domain = "SELECT domain,title FROM anothertable WHERE domain = '$ref'";
$result_domain = mysql_query($query_domain) or die(mysql_error());
if (mysql_num_rows($result_domain) )
{
$row_domain = mysql_fetch_row($result_domain);
$title = $row_domain['title'];
} else {
$title = "No Title";
}
echo "$ref - $title";
}
This is a logical problem. It happens that way, because you are same variable names outside and inside the loop.
Explanation:
$query = "SELECT ref,user,id FROM table LIMIT 0, 5";
$result = mysql_query($query) or die(mysql_error());
// Now $results hold the result of the first query
while($row = mysql_fetch_array($result))
{
$ref = $row['ref'];
//Using same $query does not affect that much
$query = "SELECT domain,title FROM anothertable WHERE domain = '$ref'";
//But here you are overriding the previous result set of first query with a new result set
$result = mysql_query($query) or die(mysql_error());
//^ Due to this, next time the loop continues, the $result on whose basis it would loop will already be modified
//..............
Solution 1:
Avoid using same variable names for inner result set
$query = "SELECT ref,user,id FROM table LIMIT 0, 5";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
$ref = $row['ref'];
$query = "SELECT domain,title FROM anothertable WHERE domain = '$ref'";
$sub_result = mysql_query($query) or die(mysql_error());
// ^ Change this variable so that it does not overrides previous result set
Solution 2:
Avoid the double query situation. Use joins to get the data in one query call. (Note: You should always try to optimize your query so that you will minimize the number of your queries on the server.)
SELECT
ref,user,id
FROM
table t
INNER JOIN
anothertable t2 on t.ref t2.domain
LIMIT 0, 5
Learn about SQL joins:
SELECT table.ref, table.user, table.id, anothertable.title
FROM table LEFT JOIN anothertable ON anothertable.domain = table.ref
LIMIT 5
You're changing the value of $result in your loop. Change your second query to use a different variable.
it is not give proper result because you have used same name twice, use different name like this edit.
$query = "SELECT ref,user,id FROM table LIMIT 0, 5";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
$ref = $row['ref'];
$query1 = "SELECT domain,title FROM anothertable WHERE domain = '$ref'";
$result1 = mysql_query($query1) or die(mysql_error());
if (mysql_num_rows($result1) )
{
$title = $row['title'];
} else {
$title = "No Title";
}
echo "$ref - $tile";
}