Applying a function to MySQL export to .txt - php

I'm exporting some data from MySQL which can be selected through checkboxes on a page to a .txt file.
Now I have a function to "black out" middle digits of the numbers from MySQL, this function is working on my page, there it looks like this:
<?php
$sql="SELECT * FROM table";
$result=mysql_query($sql);
// Count table rows
$count=mysql_num_rows($result);
?>
<?php function blankit($word) {
return substr($word, 0,2). str_repeat("X",strlen($word)-4) . substr($word, strlen($word)-2,strlen($word));
}
?>
<?php while($rows=mysql_fetch_array($result, MYSQL_ASSOC)) {
$code = ($rows['used'] == '') ? blankit($rows['code']) : $rows['code']; ?>
<tr class="first">
<td class="tc"><font face="Arial, Helvetica, sans-serif"><? echo $rows['id']; ?></font></td>
<td class="tc"><font face="Arial, Helvetica, sans-serif"><? echo $code; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $rows['date']; ?></font></td>
<td class="tc"><font face="Arial, Helvetica, sans-serif"><? echo $rows['ip']; ?></font></td>
<td class="tc"><font face="Arial, Helvetica, sans-serif"><? echo $setusedpscde; ?></font></td>
<td class="tc"><input name="checkbox[]" type="checkbox" class="checkbox" id="checkbox[]" value="<? echo $rows['id']; ?>"></td>
</tr>
<?php
}
?>
Now I want to apply this same function (blankit) when I export to the .txt file, my export code:
<?php
if ($_POST['exporttxt']) {
for($i=0;$i<count($_POST['checkbox']);$i++){
$export_id = $checkbox[$i];
$text = mysql_query("SELECT code FROM table WHERE id='$export_id'");
$text2 = mysql_fetch_assoc($text);
$text3 = $text2["code"];
$filename = "export";
$filedate = date("Y-m-d");
$fileext = ".txt";
$fileall = $filename.$filedate.$fileext;
ob_end_clean();
header("Content-Type: application/octet-stream");
header("Content-disposition: attachment;filename=\"$fileall\"");
header("Content-Type: application/force-download");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: ".strlen($output).";\n");
echo chunk_split($text3, 16, "\n");
}
}
?>
I tried changing
$text3 = $text2["code"];
to
$text3 = ($text2['used'] == '') ? blankit($text2['code']) : $text2['code'];
But this X'ed out all the middle digits of every number, even if used was not =''
What do I have to change here ?


The problem is that for 1st query you selected all columns and in 2nd only the code column
$text = mysql_query("SELECT code FROM table WHERE id='$export_id'");
In that case, $text2['used'] == '' is always true as the value is null. You have to add 'used' column
$text = mysql_query("SELECT used, code FROM table WHERE id='$export_id'");

Related

display unrelated data from 2 tables

Trying to get data to display from 2 different and basically unrelated tables. Don't want them joined, just discrete output to look like this in a select box:
Category: current category from table1 (this part works)
Entire list of categories from table 2 (correct number of empty option tags, no data showing)
DB connection code:
//DB CONNECTION//
$dbcnx = mysqli_connect("localhost", $DBASEUSER, $DBASEPASSWORD, $DBASE);
//Main Showcase
$sql = "SELECT * FROM `dprods`";
//////HEADER in main page
<?php
$ID=$_GET['ID'];
$CAT=$_GET['cat'];
?>
//////Main SECTION
<?php
require "db_conn.php";
$sql2 = "SELECT * FROM $DBTABLE WHERE ID=$ID";
$getinfo = mysqli_query($dbcnx, $sql2);
$row = mysqli_fetch_assoc($getinfo);
$PROD = $row['dtitle'];
$PRICE = $row['dprice'];
$PP = $row['dpplink'];
echo "<tr>
<td width=\"12%\">
<div align=\"right\"><b><font face=\"Arial, Helvetica, sans-serif\" size=2>Product
Category: </font></b></div>
</td>
<td colspan=2 width=\"88%\"><select name=\"dcat\"><option value=\"$CAT\">Current Category: $CAT</option>";
$dcat = "SELECT * FROM 'dcat'";
$getcat = mysqli_query($dbcnx, $dcat);
$row2 = mysqli_fetch_assoc($getcat);
while($row2 = mysqli_fetch_assoc($result))
{ echo " <option value=\"".$row2["dcategory"]."\">".$row2["dcategory"]."</option>";
}
echo "".$row["dprice"]."</select>
</tr>
<tr>
<td width=\"12%\"> </td>
<td width=\"24%\"> </td>
<td width=\"64%\"> </td>
</tr>
<tr>
<td width=\"12%\">
<div align=\"right\"><b><font face=\"Arial, Helvetica, sans-serif\" size=2>Product
Title: </font></b></div>
</td>
<td width=\"24%\"> <b><font face=\"Arial, Helvetica, sans-serif\" size=2>
<input type=\"text\" name=\"Title\" value=\"".$row["dtitle"]."\" size=35 maxlength=25>
</font></b><b><font face=\"Arial, Helvetica, sans-serif\" size=2> </font></b></td>
<td width=\"64%\"><b><font face=\"Arial, Helvetica, sans-serif\" size=2>Price</font></b>:
<b><font face=\"Arial, Helvetica, sans-serif\" size=2>
<input type=\"text\" name=\"Price\" value=\"".$row["dprice"]."\" maxlength=10 size=20>
</font></b></td>
</tr>
<tr>
<td width=\"12%\"> </td>
<td width=\"24%\"> </td>
<td width=\"64%\"> </td>
</tr>
<tr>
<td width=\"12%\">
<div align=\"right\"><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=2><b>PayPal
Link: </b></font></div>
</td>
<td colspan=2><font face=\"Arial, Helvetica, sans-serif\"><b>http://www.paypal.com</b>
</font>
<input type=\"text\" name=\"PP\" value=\"".$row["dpplink"]."\" size=50>
<font face=\"Arial, Helvetica, sans-serif\">Only put in what follows paypal.com</font></td>
</tr>
";
mysqli_close($dbcnx);
?>
Been working and researching this for hours and now I'm so horribly confused, lupus induced Swiss-cheese brain isn't helping. I think I'm very close, just unable to get the data from the 2nd table to display. Would appreciate any suggestions, but please keep it as simple as possible. Some of the complex code I've seen in my research confuses me even more. Thanks!

Try including getcat in your select query like this:
$dcat = "SELECT 'dcategory', 'getcat' FROM 'dcat'";
$getcat = mysqli_query($dbcnx, $dcat);
while($row2 = mysqli_fetch_assoc($getcat))
{
echo " <option value=\"".$row2["getcat"]."\">".$row2["getcat"]."</option>";
}
echo "</select>"
You could also use $dcat = "SELECT * FROM 'dcat'";, but the above is likely slightly more efficient.
Also, I don't see where $result was being set for this code while($row2 = mysqli_fetch_assoc($result))
It looks like $result isn't set, so it would obviously give you undesirable results.
You're also doing $row2 = mysqli_fetch_assoc($getcat); outside of the while loop, which will grab the first row before entering the loop. The loop would start at the second row.
Please look at http://php.net/manual/en/mysqli-result.fetch-assoc.php
Also, your script will be subject to SQL Injection, as mentioned in the comments. You will need to fix it so it is as safe as possible. Read the links in the comments and also make sure you're using prepared statements

adpro, your help was invaluable. I was more confused than I realized and your comments helped point that out to me. I went back & started from scratch with a clean query code that I could print out, mark up with colored hi-liters to follow the variables. Code now works as desired and I'm posting for anyone else who may need the clarification. I appreciate the input from everyone about the sql injection. My goal was to get the simple functionality working first before making it more complicated. Now I can add the protection to prevent sql injection.
<?php
require "db_conn.php";
$sql2 = "SELECT * FROM $DBTABLE WHERE ID=$ID";
$getinfo = mysqli_query($dbcnx, $sql2);
$row = mysqli_fetch_assoc($getinfo);
$PROD = $row['dtitle'];
$PRICE = $row['dprice'];
$PP = $row['dpplink'];
echo "<tr>
<td width=\"12%\">
<div align=\"right\"><b><font face=\"Arial, Helvetica, sans-serif\" size=2>Product
Category: </font></b></div>
</td>
<td colspan=2 width=\"88%\"><select name=\"dcat\"><option value=\"$CAT\">Current Category: $CAT</option>";
$sqlCAT = "SELECT * FROM dcat";
if($resultCAT = mysqli_query($dbcnx, $sqlCAT)){
if(mysqli_num_rows($resultCAT) > 0){
while($rowCAT = mysqli_fetch_array($resultCAT)){
echo "<option value=\"".$rowCAT['dcategory']."\">".$rowCAT['dcategory']."</option>";
}
// Free result set
mysqli_free_result($resultCAT);
} else{
echo "No records matching your query were found.";
}
} else{
echo "ERROR: Could not able to execute $sqlCAT. " . mysqli_error($dbcnx);
}
echo " </select>";
mysqli_close($dbcnx);
?>

How to make a table with MySQL queries

I'm trying to make a table that shows the results from a query of MySQL, but I'm having a hard time to get it right...
I had the PHP code to show the content of the database table with this script;
<?php
// Grab the data from our people table
$sql = "SELECT * FROM people ORDER BY ID";
$result = mysql_query($sql) or die ("Could not access DB: " . mysql_error());
while ($row = mysql_fetch_assoc($result)) {
echo "<div class=\"picture\">";
echo "<p>";
// Note that we are building our src string using the filename from the database
echo "<img src=\"content/uploads/" . $row['filename']
. "\" alt=\"\" height=\"125\" width=\"200\" /><br />" . "<br />";
echo $row['fname'] . " " . "<br />" . "<br />";
echo "</p>";
echo "</div>";
}
?>
but that of course doesn't have tables which is pretty ugly as it displays everything underneath each other... so I tried to make a table for it and after a lot of research I found a script which should have displayed the content but I can't seem to implement it into my own code and ended up with the error:
Could not access DB: No database selected
Using this code:
<?php
$sql="SELECT * FROM people ORDER BY ID";
$result=mysql_query($sql) or die ("Could not access DB: " . mysql_error());
$num=mysql_numrows($result);mysql_close();?>
<table border="0" cellspacing="2" cellpadding="2">
<tr>
<td>
<font face="Arial, Helvetica, sans-serif">Value1</font>
</td>
<td>
<font face="Arial, Helvetica, sans-serif">Value2</font>
</td>
</tr>
<?php
$i=0;while ($i < $row) {$f1=mysql_fetch_assoc($result,$i,"field1");
$f2=mysql_fetch_assoc($result,$i,"field2");
$f3=mysql_fetch_assoc($result,$i,"field3");
$f4=mysql_fetch_assoc($result,$i,"field4");
$f5=mysql_fetch_assoc($result,$i,"field5");?>
<tr>
<td>
<font face="Arial, Helvetica, sans-serif"><?php echo $f1; ?></font>
</td>
<td>
<font face="Arial, Helvetica, sans-serif"><?php echo $f2; ?></font>
</td>
</tr>
<?php
$i++;}
?>

Not sure what is going on here
mysql_fetch_assoc($result,$i,"field1")
Mysql_fetch_assoc only accepts one argument
The correct way to use it is as demonstrated in the php man page
while ($row = mysql_fetch_assoc($result))
{?>
<tr>
<td>
<font face="Arial, Helvetica, sans-serif"><?php echo $row['value1']; ?></font>
</td>
<td>
<font face="Arial, Helvetica, sans-serif"><?php echo $row['value2']; ?></font>
</td>
</tr>
<?php
}
If you had errors and warnings turned on, then you would get helpful error messages telling you what was wrong with your code. It is always recommended to turn them on for development.

PHP displaying individual tables

At the moment my produces results from a database and then inserts all of the results into one HTML table.
Is there any way that it would be possible so that for each result returned it created an individual HTML table (opposed to all of the results going into one HTML table)
My code:
<table class=\"board\" width='100%' border='0' align='center' cellpadding='1' cellspacing='1'>
");
$type = $_GET["type"];
if ($type == "" || $type == "request") {
$get = mysql_query("SELECT * FROM request WHERE type='Request' AND deleted != 'yes' ORDER BY id DESC");
} else {
if ($type == "shoutout") {
$get = mysql_query("SELECT * FROM request WHERE type='Shoutout' AND deleted != 'yes' ORDER BY id DESC");
} else {
if ($type == "competition") {
$get = mysql_query("SELECT * FROM request WHERE type='Competition' AND deleted != 'yes' ORDER BY id DESC");
} else {
if($type == "all") {
$get = mysql_query("SELECT * FROM request WHERE deleted != 'yes' ORDER BY id DESC");
}
}
}
}
$num = #mysql_num_rows($get);
if ($num == 0) {
echo ("<div class=\"board\"><center><font color=\"red\">There aren't any requests in this category!<br />
Why not ask listeners to send in their requests?</font></center></div>");
} else {
while ($r = mysql_fetch_array($get)) {
echo "
<tr>
<td><font face=\"verdana\" size=\"1\"><b>User</b></td>
<td><font face=\"verdana\" size=\"1\"><b>$r[habboname]</b></td>
</tr>
<tr>
<td><font face=\"verdana\" size=\"1\"><b>Date</b></td>
<td><font face=\"verdana\" size=\"1\">$r[date]</td>
</tr>
<tr>
<td><font face=\"verdana\" size=\"1\"><b>IP</b></td>
<td><font face=\"verdana\" size=\"1\">$r[ip]</td>
</tr>
<tr>
<td><font face=\"verdana\" size=\"1\"><b>Message</b></td>
<td><font face=\"verdana\" size=\"1\">$r[message]</td>
</tr>
<tr>
<td><font face=\"verdana\" size=\"1\"><b>Type</b></td>
<td><font face=\"verdana\" size=\"1\">$r[type]</td>
</tr>
<tr>
<!-- <td><font face=\"verdana\" size=\"1\"><b>Refferer</b></td>
<td><font face=\"verdana\" size=\"1\">";
if($r[refferer] == 1){ echo "Site.com</td>"; } else { echo "Site1.com</td>"; }
echo "--></tr>
<tr>
<td><font face=\"verdana\" size=\"1\"><b>Commands</b></td>
<td><font face=\"verdana\" size=\"1\">Delete - Ban - <!--Alert-->Nominate LoTW</font></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
";
$id = htmlspecialchars($_GET['id']);
$delete = mysql_query("UPDATE request SET deleted = 'yes' WHERE id = '$id'");
}
echo ("</table></div>");
}
break;
case 'delete':

If you mean to create as many tables as there are returned rows, just put the opening <table> into the while's beginning and the closing </table> to the end of while. However, I don't understand why this would be desired. Do you really want to create many tables with just one row? It kind of defeats the purpose of a table. Make a list or use span's or anything else than tables instead.
while ($r = mysql_fetch_array($get)) {
echo "<table class=\"board\">
<tr>
<td><b>User</b></td>
<td><b>$r[habboname]</b></td>
</tr>
<tr>
<td><b>Date</b></td>
<td>$r[date]</td>
</tr>
<tr>
<td><b>IP</b></td>
<td>$r[ip]</td>
</tr>
<tr>
<td><b>Message</b></td>
<td>$r[message]</td>
</tr>
<tr>
<td><b>Type</b></td>
<td>$r[type]</td>
</tr>
<tr>
<!-- <td><b>Refferer</b></td>
<td>";
if($r[refferer] == 1){ echo "Site.com</td>"; } else { echo "Site1.com</td>"; }
echo "--></tr>
<tr>
<td><b>Commands</b></td>
<td>Delete - Ban - <!--Alert-->Nominate LoTW</font></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
</table>";
$id = htmlspecialchars($_GET['id']);
$delete = mysql_query("UPDATE request SET deleted = 'yes' WHERE id = '$id'");
}
echo "</div>"; //remove () after echo
Update. One another thing. Please don't use inline styling. You have table class="board" so you already probably know the power of CSS.
Second update. I removed <font ...> tags. Use CSS for example like this:
table.board{
width:100%;
border:0;
align:center;
cellpadding:1;
cellspacing:1;
}
table.board td{
font-family: Verdana, Geneva, Arial, sans-serif;
font-size: 1em;
}
CSS saves a lot of trouble when you want to change styling. And trust me, there will be a time when you want to change it (or your boss want's to bling-bling the site...).

ZZ-bb is absolutely right and as a hint try to put if/else construction in mysql - it will move faster or optimize it in php, like:
$get = mysql_query("SELECT * FROM request WHERE " . ($type == 'all' ? 'type = 1' : 'type = ucfirst($type)' ) . " AND deleted != 'yes' ORDER BY id DESC");

Display MySQL table attributes via a foreign key relationship using PHP

I have two tables job which contains an attribute called employer_id_job that links it to the employer table. I am able to display the contents of job in a table using PHP by using the following code
<?php
$query = "SELECT * FROM job";
$result = mysql_query($query);
$num = mysql_numrows($result);
$count = 0;
while ($count < $num)
{
$title = mysql_result ($result, $count, "Title");
$date_posted = mysql_result ($result, $count, "Date_posted");
$application_deadline = mysql_result ($result, $count, "Application_deadline");
$description = mysql_result ($result, $count, "Description");
$years_of_experience = mysql_result ($result, $count, "Years_of_experience");
$education_level = mysql_result ($result, $count, "Education_level_required");
$contract = mysql_result ($result, $count, "Contract_type");
$company = mysql_result ($result, $count, "Company_name");
?>
<tr>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $count + 1; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $title; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $company; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $description; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $date_posted; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $application_deadline; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $education_level; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $years_of_experience; ?></font></td>
<td><font face = "Arial, Helvetica, sans-serif"><? echo $contract; ?></font></td>
<?
$count ++;
}
?>
My method here breaks down when trying to assign a value to the $company variable, which is held in the employer table. It was my assumption that simply using the same notation as for the rest of my variables would cause the script to follow the foreign key to the employer table and grab the attributes there, but it hasn't done that.
How should I go about accessing the contents of a table related via a foreign key?

select * from job as j, company as c where j.company == c.company
I'm not sure what then name of your fields are so I made my best guess. This allows you to access both fields.

selected responses on form are not picked up on 2nd php page

I have a section of code that I'm stumped on how to handle. The Selected options on the drop down menues are not being picked up on the second PHP page. That is to say the variables error, error1 & error2 on the second page remain blank. I had the same issue with other variables, but was able to fix them with $_POST, but not sure how to handle this with the query.
This form worked great on our main server, but doesn't want to work on the PHP enabled Qnap. Here is the section of script for page 1. It pulls the information from a database. It is displayed correctly on the users screen. at the bottom is page 2
$result19 = mysql_query("SELECT * FROM struc order by number DESC limit 1");
$f = mysql_fetch_array($result19);
$i = 100;
$zx = 0;
for ($i =100; $i<=$f[number] ; $i +100){
$result11 = mysql_query("SELECT * FROM catagory where number = '$i' ORDER BY catagory");
$w = mysql_fetch_array($result11);
?>
<tr>
<td width="269" bgcolor="#284357"><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#FFFFFF"><b>
<?
echo "$w[catagory]";
?>
</b></font></td>
<td width="47" bgcolor="#284357">
<input type="radio" name="chk" value="<? echo $i; ?>">
</td>
<td width="398" bgcolor="#284357">
<select class=texta name="<? echo $i; ?>" onchange="changeRadio(document.forms[0].chk,this,<? echo $zx; ?>)">
<option>
<?
$result8 = mysql_query("SELECT * FROM struc where number = '$i' ORDER BY name ");
if ($h = mysql_fetch_array($result8)) {
do{
?>
<option>
<? echo $h[name]; ?>
</option>
<?php
}
while($h = mysql_fetch_array($result8));
}
?>
</select>
</td>
</tr>
<?
$zx = $zx + 1;
$i = $i + 100;
}
?>
Now the problem script on page 2
$result19 = mysql_query("SELECT * FROM struc order by number DESC limit 1");
$f = mysql_fetch_array($result19);
$n = 0;
for ($i = 100; $i <= $f[number] ; $i + 100)
{
if ($$i != "")
{
$y[$n] = $$i;
$n = $n + 1;
}
$i = $i + 100;
}
$error = $y[0];
$error1 = $y[1];
$error2 = $y[2];
<p><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#FFFFFF">1.
<? echo $error; ?>
<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#FFFFFF">
</font> </font></p>
<input type="hidden" name="error" value="<? echo $error; ?>">
<p><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#FFFFFF">2.
<? echo $error1; ?>
</font></p>
<input type="hidden" name="error1" value="<? echo $error1; ?>">
<p><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#FFFFFF">3.
<? echo $error2; ?>
</font></p>
<input type="hidden" name="error2" value="<? echo $error2; ?>">

I'm guessing that's not the whole page,
anyways I see on the first page tag opens twice, but closes only once
I'd check the HTML you get, it might hold the answer

Categories