I was wondering if anyone could help me with this minor problem.
I want to select something from the database, where the number is not more than a set number.
This is what i have (snippet):
$Level = "1"; //Retrieved from the DB, just keeping it simple.
#$Query = mysql_query("SELECT * FROM users,store WHERE users.ID = '$ID' AND store.LevelReq <='users.Level'");
The problem with this, it doesn't display anything that equals $level.
(Item ... Level: 0) - Displays
(Item ... Level: 1) - Doesn't display.
So what i'd like is the equivalent of php's !>1 (not more than 1) but in MYSQL format if possible, however this doesn't work.
You should remember that 'not more than' is always the same as 'lower than and equal to', so you should use field <= value. (So in your case: field <= 1.)
I assume that Level is a field of the table users, if it is true, then you have a quote problem in you query, and query with the PHP var, try:
$Query = #mysql_query("SELECT * FROM users,store WHERE users.ID = '{$ID}' AND store.LevelReq <= {$Level}");
tables and columns are escaped separately, therefor, instead of 'users.Level', try user.'level'. (table.column)
$Level = "1"; //Retrieved from the DB, just keeping it simple.
#$Query = mysql_query("SELECT * FROM users,store WHERE users.ID = '$ID' AND store.LevelReq <= users.'Level'");
You are comparing store.LevelReq to the string "users.Level", not the column users.Level. Remove the quotes around users.Level, and everything should be well!
Are you sure you shouldn't use backticks instead of single quotes? Like this:
$Level = "1"; //Retrieved from the DB, just keeping it simple.
#$Query = mysql_query("SELECT * FROM users,store WHERE users.ID = '$ID' AND store.LevelReq <=`users`.`Level`");
Related
How do I make it pick all results that are not equal to the $var , here's my code.
$opti=mysql_query("SELECT * FROM table1 WHERE imageid=$image_id");
while ($vari = mysql_fetch_array($opti)) {
$var = $vari['tagid'];
$options=mysql_query("SELECT * FROM table WHERE id!=$var");
while ($taghe1 = mysql_fetch_array($options)) {
$tagname = $taghe1['name'];
echo "".$tagname.", ";
} }
Try:
$options=mysql_query("SELECT * FROM table WHERE id<>{$var}");
You can probably see from the answer you accepted that adding the quotes solved your problem. Another way to do this is to just use one query. I will show an example using mysqli instead of the deprecated mysql, but the same query should work in mysql if you must use it. I added a couple of other suggestions that aren't really addressing your question, but make me feel better about my answer.
// Please be sure to escape $image_id before using it like this
$unused_tags = mysqli_query($db, "SELECT `name` FROM `table` AS t
LEFT JOIN (SELECT tagid FROM table1 WHERE imageid=$image_id) AS t1
ON t.id = t1.tagid WHERE t1.tagid IS NULL;");
while ($tag = mysqli_fetch_array($unused_tags)) {
$tags[] = htmlspecialchars($tag['name']); // escape your output
}
echo implode(", ", $tags); // doing it this way eliminates the trailing comma
You could use this:
$options=mysql_query("SELECT * FROM table WHERE id not in ('$var')");
You could have multiple values here, e.g.
$options=mysql_query("SELECT * FROM table WHERE id not in ('$var1', '$var2', '$var3')");
I have ids separated like 2,3,12,22,23,24, because of adding and deleting items.
So I want to reorder them starting in 1 and set each item sequentially then set auto_increment to the last of them + 1.
I've read similar questions, but no one said why they want this, well I need this because if the ids reach the limit number (255) I won't be able to add more items in the table, and it's ridiculous because there will be like just 30 items in it.
This is probably either easy or I'm missing something, please help me.
As stated in the comments, here's my workaround for your situation (forgive the ugly hacky way to return array key 0.
This is also assuming you're using MySQLi and have already connected to the database
<?php
$query = mysqli_query($con, "SELECT `t1`.`id` + 1 FROM `grpgusers` AS `t1` WHERE NOT EXISTS (SELECT * FROM `grpgusers` AS `t2` WHERE `t2`.`id` = `t1`.`id` + 1) LIMIT 1");
$getID = mysqli_data_seek($query, 0);
$temp = mysql_fetch_array($query);
$id = $temp[0];
Then, on your insert query, add in the new $id.
For example:
mysqli_query($con, "INSERT INTOitems(name,etc.) VALUES ('{escaped postdata}', 'etc.')");
Should then be changed to:
mysqli_query($con, "INSERT INTOitems(id,name,etc.) VALUES (".$id.", '{escaped postdata}', 'etc.')");
I am trying to do a query in PHP PDO where it will grab a simple result. So like in my query I need it to find the row where the column group is 'Admin' and show what ever is in the group column. I know that we already know what it should be [Should be admin] but just need to get the query to work. Its only grabbing 1 row from my table, so will I need forsearch?
If I change WHERE group = 'Admin' to WHERE id = '1' it works fine. But I need it so it can be where group = 'admin'
$sql2 = "SELECT * FROM groups WHERE group = 'Admin'";
$stm2 = $dbh->prepare($sql2);
$stm2->execute();
$users2 = $stm2->fetchAll();
foreach ($users2 as $row2) {
print ' '. $row2["group"] .' ';
}
Thanks
group is a reserved word in MySQL, that's why it's not working. In general it's a bad idea to use reserved words for your column and table names.
Try using backticks around group in your query to get around this, so:
$sql2 = "SELECT * FROM groups WHERE `group` = 'Admin'";
Also you should really use placeholders for values, because you're already using prepared statement it's a small change.
Edit: just to clarify my last remark about the placeholders. I mean something like this:
$sql2 = "SELECT * FROM groups WHERE `group` = ?";
$stm2->execute(array('Admin'));
try to use wildcard in your WHERE Clause:
$sql2 = "SELECT * FROM groups WHERE group LIKE '%Admin%'";
Since the value in your table is not really Admin but Administrator then using LIKE and wildcard would search the records which contains admin.
For the user I am testing with, their org_id column value is "student_life"
I am trying to have this function display whatever rows have the student_life column = 1. (so yes there is a column student_life which is a boolean, and then I also have a separate column named org_id and in this case has the value student_life)
I am pretty sure there is a syntax error but I cannot figure it out.
function org_id_users_table()
{
$org_id = mysql_real_escape_string($_POST["org_id"]);
$sql = $this->query("SELECT * FROM ".DBTBLE." WHERE '$org_id' = '1'");
$result = $sql['sql'];
$num_rows = $sql['num_rows'];
$this->create_table($result, $num_rows);
}
(when I replace $org_id in the "$sql=..." line with student_life the code works.
You're quoting the column name, which makes MySQL think it's a string.
$sql = $this->query("SELECT * FROM ".DBTBLE." WHERE $org_id = '1'");
Edit:
Based on your comments, I think what you actually want is this:
$sql = $this->query("SELECT * FROM ".DBTBLE." WHERE org_id = '$org_id'");
Change quotes.
$sql = $this->query("SELECT * FROM ".DBTBLE." WHERE `$org_id` = '1'");
P.S. Why shouldn't I use mysql_* functions in PHP?
Where is this coming from? $_POST["org_id"]
Do you have a form on the page posting that? Or are you just trying to get that from the database? If so, wouldn't you need another query to obtain that first?
$row_MyFirstQuery['org_id']
Otherwise if it is $_POST["org_id"], wouldn't it be single quotes not double? $_POST['org_id']
Alright, so basically the most simple query ever... I've done this a million times...
SELECT *
FROM purchased_items
WHERE uid = '$uid'
if $uid == 123 It works fine and returns all data in rows where uid is 123
if $uid == 351565051447743 It returns empty...
I'm positive 351565051447743 is a possible uid in some rows, i literally copied and pasted it into the table.
$uid is a string, and is being passed as a string.
This is something i've done a million times, and i've never had this simple query not work.
Any ideas why this is not working?
You're probably getting an E{some_power} representation as a string from the double.
What I mean is
$query1 = "SELECT * FROM purchased_items WHERE uid = '$uid'";
Produces:
SELECT * FROM purchased_items WHERE uid = '3.5156505144774E+14'
One way to fix it is:
$query = sprintf("SELECT * FROM purchased_items WHERE uid = '%d'", $uid);
Not sure if sql supports E format so this may or may not be the issue.
http://viper-7.com/v6MhVe
dit: Quick workaround
$format = (is_numeric($uid)) ? '%d' : '%s';
$query2 = sprintf("SELECT * FROM purchased_items WHERE uid = '{$format}'", $uid);;
What is the datatype of uid on your table? How about casting uid to another datatype?
SELECT *
FROM purchased_items
WHERE CAST(uid AS VARCHAR(25)) = '$uid'
Alright, so if you use AMFPHP apparently when you use the browser for testing it doesn't matter if you 'cast' the value as a string in the query. You need to pass it with quotes in the string in the browser interface.