Migrating a proprietary CMS database to a Joomla database - php

I'm currently trying to write a script to migrate the database from a proprietary CMS system to a Joomla 1.6 database.
My code is throwing an error at the last "die". (Sorry, I've taught myself PHP along the way, I know I don't use the proper terminology for everything.)
<?php
$username="root";
$password="";
$database="DATABASE";
mysql_connect(localhost,$username,$password);
#mysql_select_db($database) or die( "Unable to select database");
$query="SELECT * FROM post3";
$result=mysql_query($query);
$num=mysql_num_rows($result);
mysql_close();
$i=0;
while ($i < $num) {
$postid=mysql_result($result,$i,"postid");
echo "$postid <br/>";
$poster=mysql_result($result,$i,"poster");
echo "$poster <br/>";
$department=mysql_result($result,$i,"department");
if($department=="LIFE"){
$department="12";}
elseif ($department=="NEWS"){
$department="11";}
elseif ($department=="SPORTS"){
$department="13";}
echo "$department <br/>";
$milestone=mysql_result($result,$i,"milestone");
echo "$milestone <br/>";
$date= date('Y-m-d H:i:s', $milestone);
echo "$date <br/>";
$title=mysql_result($result,$i,"title");
echo "$title <br/>";
$preview=mysql_result($result,$i,"preview");
if (empty($preview)) {
$preview=$title;
}
echo "$preview<br/>";
$alias=str_replace(" ","-", $title);
echo "$alias <br/>";
$bodytext=mysql_result($result,$i,"body_text");
echo "$bodytext <br/>";
$edited=mysql_result($result,$i,"edited");
echo "$edited <br/>";
$pop=mysql_result($result,$i,"pop");
echo "$pop <br/>";
echo "$i Records Copied<br/>";
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("DATABASE", $con);
$sql="INSERT INTO conversion (id, title, alias, introtext, fulltext, state, sectionid, mask, catid, created, created_by, modified, modified_by, checked_out, checked_out_time, publish_up, publish_down, version, parentid, ordering, access, hits, featured, language)
VALUES
('$postid','$title','$alias','$preview','$bodytext','1','0','0','$department','$date','$poster','$date','$poster','0','0000-00-00 00:00:00','0000-00-00 00:00:00','0000-00-00 00:00:00','$edited','0','$i','1','$pop','0','*')";
if (!mysql_query($sql,$con))
{
die ("Query failed: " . mysql_error() . " Actual query: " . $sql);
}
echo "Success <br/>";
mysql_close($con);
$i++;
}
?>
It echos everything out fine, but throws this error:
Query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'fulltext, state, sectionid, mask, catid, created, created_by, modified, modified' at line 1
Any ideas? Thank you!


fulltext is a MySQL reserved keyword. If you want to use it as a column name, you need to use backtickts, as in:
`fulltext`


"fulltext" is a MySQL reserved word, so either enclose it in backticks (e.g. `fulltext`) or use a different name for the field.

Related

cant insert data into existing table in mysql database with php

I get the message that the new record was created but when I reload phpmyadmin the table is the same. Also I have retrieved information from the same DB,
from the same table, with SELECT command, so the connection works..(plainly said). I have no clue why is not updating. Please help. Thank you in advance.
<html>
<head>
</head>
<body>
<?php
define('DB_NAME', 'appointments');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$link = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$hos=$_POST['hos'];
echo $hos;
echo "<br/>";
$doc=$_POST['doc'];
echo $doc;
$date=$_POST['fdate'];
echo $date;
$time=$_POST['time'];
echo $time;
$pat=5;
echo $pat;
$sql = "INSERT INTO rantevou ('app_id','patient_id','date','time','hos','doc') VALUES ('4','$pat','$date','$time','$hos','$doc');";
if ($sql) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
mysqli_close($link);
?>
</body>
</html>

There are many mistake in your code
1. use of mysql_error()
you can't use mysql_error because you use mysqli for data base connection.second thing mysql is no more supported
Solution use mysqli_error($link);
2. use of $conn->error
You can't us of $conn->error beacuse you connect with mysqli procedure way not like object oriented way and you also not define a $conn instead you used $link
Solution use mysqli_error($link);
Correct Code
if(!mysqli_query($link, $sql)){
printf("Errormessage: %s\n", mysqli_error($link));
die;
}else{
echo "New record created successfully";
}
Why Data Not Inserted
because you declare variable $sql but you didn't executed that
the new record was created
You get this message all ways because your if condition check that variable have a value (not 0) and yes $sql have value
1.You must use prepare statement,if you don't wan't any sql injection in insert statement SQL INJECTION
2.'' single quote or "" apply only on a string not on id if your app_id is a int don't use ('' or "") quote instead of that convert '4' to int
3.handle error log https://stackoverflow.com/a/3531852/3234646
4.Please clear Concept use of Database Extension
http://php.net/manual/en/class.mysqli.php

You forgot to execute the query, if ($sql) { merely evaluates the variable.
if (mysqli_query($link, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
Also, you need to use backticks for SQL-related variables, not single quotes:
$sql = "INSERT INTO rantevou (`app_id`,`patient_id`,`date`,`time`,`hos`,`doc`) VALUES ('4','$pat','$date','$time','$hos','$doc');";

You're not actually executing your query. If you add the line $result = mysqli_query($link, $sql); after declaring $sql you will execute the query.
You can then assess whether it worked using the same if, but change that line to be
if ($result) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($link);
}
In the above example, I have also changed your error reporting as it was referencing $conn, a variable you had not declared before. It now uses the same $link variable as the rest of your code.
Also, I would highly recommend escaping your data since you're inserting the contents of posted data. Escaping your data will help protect against SQL Injection. It's not comprehensively safe, but it's a good start.
To add in escaping, change each $var = $_POST['var'] line to read $var = mysqli_real_escape_string($link, $_POST['var']);
For example, $hos=$_POST['hos']; becomes $hos = mysqli_real_escape_string($link, $_POST['hos']);
This helps prevent moments like this wonderful example by XKCD

1) Remove single quotes (') from column name to backtick (`)
2) Execute your query. You didn't executed.
3) If app_id column is auto incremented and primary key. Then, no need to pass value. Leave it blank.
<?php
$sql = "INSERT INTO rantevou (`app_id`,`patient_id`,`date`,`time`,`hos`,`doc`) VALUES ('','$pat','$date','$time','$hos','$doc');";
$query = mysqli_query($link,$sql) ;
if ($query) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}

Instead of
"INSERT INTO rantevou ('app_id','patient_id','date','time','hos','doc') VALUES ('4','$pat','$date','$time','$hos','$doc');"
unquote the columns
"INSERT INTO rantevou (app_id, patient_id, date, time, hos, doc) VALUES ('4','$pat','$date','$time','$hos','$doc');"
or use backticks
"INSERT INTO rantevou (`app_id`, `patient_id`, `date`, `time`, `hos`, `doc`) VALUES ('4','$pat','$date','$time','$hos','$doc');"
you've forgot to execute your query
mysqli_execute($con, "INSERT INTO rantevou (`app_id`, `patient_id`, `date`, `time`, `hos`, `doc`) VALUES ('4','$pat','$date','$time','$hos','$doc')");

EDIT: What luweiqi said: the statement has yet to be executed!
It seems like you know what you are doing. Are you sure that the paramaters here:
$sql = "INSERT INTO rantevou (**'app_id','patient_id','date','time','hos','doc'**) VALUES ('4','$pat','$date','$time','$hos','$doc');";
if ($sql) {
exactly match your column titles in your database?
Another good way to check your statements, is to go to phpmyadmin and go to the SQL notepad and enter the query with the same structure and see what is being returned.
Your query may be returning a message, but a message saying that it has failed... which would still trigger your echo "New record created successfully";
This is how i've structured my most recent insert to DB:
<?php
// to get data from android app
$gardenID=$_POST["gardenID"];
$vID=$_POST["vID"];
$quantity = $_POST["quantity"];
$timePlanted = date("Y/m/d");
// establishes connection to database
require "init.php";
echo "here";
echo $timePlanted;
echo $quantity;
$query = "insert into garden_veg (gardenID, vID, quantity, timePlanted) values ('".$gardenID."','".$vID."',
'".$quantity."', '".$timePlanted."' );";
$result = mysqli_query($con,$query);
$response = array();
$code = "addItem_success"; //changed code
$message = "Item(s) added!";
array_push($response,array("code" => $code, "message"=>$message));
echo json_encode(array("server_response"=>$response));
mysqli_close($con);
?>

First of all, don't use single quotes for column names, either use nothing or use backticks.
Secondly, you forgot to execute the query.
Also, using OOP is better.
Please try:
$mysqli = new mysqli(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
and
$query = "INSERT INTO rantevou (app_id,patient_id,date,time,hos,doc) VALUES ('4','$pat','$date','$time','$hos','$doc');";
if ($mysqli->query($query)) echo "New record created";
else echo "Error: ".$mysqli->error;

how to combine query for multiple able to save data

can it be combine into 1 query?
this is the query that im trying to combine? or is there a better way to relate these to table?
$insert_row = $mysqli->query("INSERT INTO orderlist
(TransactionID,ItemName,ItemNumber, ItemAmount,ItemQTY)
VALUES ('$transactionID','$itemname','$itemnumber', $ItemTotalPrice,'$itemqty')");
$insert_row1 = $mysqli->query("INSERT INTO order
(BuyerName,BuyerEmail,TransactionID)
VALUES ('$buyerName','$buyerEmail','$transactionID')");
when i run these both only one query is functional, so what im trying to do is to make them both works.
im open to any suggestion

The reason why your second query isn't working is because of the use of order and not escaping it; it is a MySQL reserved word:
https://dev.mysql.com/doc/refman/5.5/en/keywords.html
Sidenote: ORDER is used when performing a SELECT... ORDER BY...
https://dev.mysql.com/doc/refman/5.0/en/select.html
Checking for errors would have shown you the syntax error such as:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax near 'order
http://php.net/manual/en/mysqli.error.php
Therefore, wrap it in ticks:
$insert_row1 = $mysqli->query("INSERT INTO `order` ...
or rename your table to something other than a reserved word, say orders for example.
If you wish to combine both queries, you can use multi_query()
http://php.net/manual/en/mysqli.quickstart.multiple-statement.php
Example from the manual:
<?php
$mysqli = new mysqli("example.com", "user", "password", "database");
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
if (!$mysqli->query("DROP TABLE IF EXISTS test") || !$mysqli->query("CREATE TABLE test(id INT)")) {
echo "Table creation failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
$sql = "SELECT COUNT(*) AS _num FROM test; ";
$sql.= "INSERT INTO test(id) VALUES (1); ";
$sql.= "SELECT COUNT(*) AS _num FROM test; ";
if (!$mysqli->multi_query($sql)) {
echo "Multi query failed: (" . $mysqli->errno . ") " . $mysqli->error;
}
do {
if ($res = $mysqli->store_result()) {
var_dump($res->fetch_all(MYSQLI_ASSOC));
$res->free();
}
} while ($mysqli->more_results() && $mysqli->next_result());
?>
I also need to point out that your present code may be open to SQL injection since I do not know if you are escaping your data.
If not, then use prepared statements, or PDO with prepared statements, they're much safer.

try to add IF statement.
if ($insert_row = $mysqli->query("INSERT INTO orderlist(TransactionID,ItemName,ItemNumber, ItemAmount,ItemQTY)VALUES ('$transactionID','$itemname','$itemnumber', $ItemTotalPrice,'$itemqty')"));
{
$insert_row1 = $mysqli->query("INSERT INTO order (BuyerName,BuyerEmail,TransactionID) VALUES ('$buyerName','$buyerEmail','$transactionID')");
}

MySql Select Command returning null

I have a simple php code which enters value into MySql database and then retrieves it and displays it. However when retrieving it always return null and Empty Set is echoed everytime. Can someone please help.
I am using WAMP Server.
Database name is trial and name of table is People. It has 2 attributes: name and email id
Following is my code:
$con=mysqli_connect("localhost","root","");
if (mysqli_connect_errno())
echo "Failed to connect to MySQL: " . mysqli_connect_error();
mysqli_query($con,"INSERT INTO People VALUES ('xyz', 'abc#zzz.com')");
echo "Insertion Success";
$result = mysqli_query($con,"SELECT * FROM People");
if($result == null)
echo "Empty Set";
else
while($row = mysqli_fetch_array($result))
{
echo $row['name'] . " " . $row['emailid'];
echo "<br>";
}
mysqli_close($con);
?>

You should select a database after using mysqli_connect but before any queries are done:
$con=mysqli_connect("localhost","root","");
if (mysqli_connect_errno())
echo "Failed to connect to MySQL: " . mysqli_connect_error();
mysqli_select_db($con, "databasename");
//query processing here..

You should check if record is inserted change your code to
if( mysqli_query($con,"INSERT INTO People VALUES ('xyz', 'abc#zzz.com')") === FALSE){
echo mysqli_error();
}

first always check if you query executed write by executing it inside if():
if(!mysqli_query("your query"))
{
mysqli_error();
}
second i think your query is not executing because you cant name you table with a capital letter so it should be "people" not "People"

How to get the sum of time from database in PHP?

I wanted to get the sum of this column in my database and display it in home page. Here is the screen shot
http://bit.ly/1fJ7Cey
I use this code to save data on my Database
$timeanddate=$_POST['timeanddate'];
$time=$_POST['tst'];
$name=$_POST['name'];
$number=$_POST['number'];
$disposition=$_POST['disposition'];
$remarks=$_POST['remarks'];
$times=$_POST['timetoday'];
$dates=$_POST['datetoday'];
if(isset($_POST['submit']))
{
session_start();
$con=mysqli_connect("localhost","root","","hsncs_db");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO hsncs_tbl (id, name, number, call_disposition, remarks, time, date, time_duration, hsncs_user)
VALUES
('', '$_POST[name]', '$_POST[number]', '$_POST[disposition]', '$_POST[remarks]', '$_POST[timetoday]', '$_POST[datetoday]', '$_POST[tst]', '$_SESSION[fname]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);

If this column time is of data type "time" in mysql then your query would be
SELECT SEC_TO_TIME( SUM( TIME_TO_SEC( `time_duration` ) ) ) AS timeSum FROM hsncs_tbl;

Insert output data to database of an web page

i have a output page of the following php code..
include('../simple_html_dom.php');
// get DOM from URL or file
$html = file_get_html('http://www.wine-searcher.com/merchant/852');
$data=$html->find('td.firstcell');
echo "Country :". $data[0].'<br />';
echo "Email :".$data[2].'<br />';
echo "Postal Address :".$data[3].'<br />';
echo "Permanent Address :".$data[4].'<br />';
echo "Contact :".$data[10].'<br />';
the output value of the script is to be inserted in to the database like MySQL.
for that i try something like that..
<?php
// example of how to use basic selector to retrieve HTML contents
include('../simple_html_dom.php');
// get DOM from URL or file
$html = file_get_html('http://www.wine-searcher.com/merchant/852');
$data=$html->find('td.firstcell');
$con = mysql_connect("localhost","user","pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
// Create database
if (mysql_query("CREATE DATABASE nt_usawine",$con))
{
echo "Database created";
}
else
{
echo "Error creating database: " . mysql_error();
}
// Create table
mysql_select_db("nt_usawine", $con);
$sql = "CREATE TABLE Persons
(
FirstName varchar(15),
LastName varchar(15),
Age int
)";
// Execute query
mysql_query($sql,$con);
$foo= $data[2];
mysql_query("INSERT INTO Persons (FirstName, LastName, Age)
VALUES ('Peter', 'Griffin', $foo)");
mysql_close($con);
echo "Country :". $data[0].'<br />';
echo "Email :".$data[2].'<br />';
echo "Postal Address :".$data[3].'<br />';
echo "Permanent Address :".$data[4].'<br />';
echo "Contact :".$data[10].'<br />';
but still i cant get the table in the database with my data inserted. what is the right way to save the data ?

Have you tried to debug this by using mysql_error ?
$query = "INSERT INTO Persons (FirstName, LastName, Age)
VALUES ('Peter', 'Griffin', $foo)";
$result = mysql_query($query);
if (!$result) {
$message = 'There is an error : ' . mysql_error() . "\n";
$message .= 'The query was : ' . $query;
die($message);
}
If you have an SQL error this would be very usefull.
By the way have you seen the only once time you don't do mysql_query( [...], $con) it the once which should add datas ?
And is it normal that you create a database and a table each time ? (don't know what you really want to do)

The mysql_query(); function allows you to run a query. Using the INSERT syntax you can insert data.
Example:
mysql_query("INSERT INTO `table` (`column1`, `column2`) VALUES ('value1', 'value2')");
Currently, what I'm seeing you wish to insert the country, email, postal address, permanent address and contact even though you create a table that can hold the data firstname, lastname and age...
No offence, but if you're already stuck there, this is not the right place to post your question. You need to search some tutorials before you even consider asking. SQL queries are well documented and can be found all over the web.
Either way, I'm too kind to leave this question unanswered.
I advice to create your database and table in PhpMyAdmin, rather creating a new one in your script. It's rather inefficient.
<?php
// this is where you login to your database
$connection = mysql_connect('localhost', 'username', 'password') or die('Could not connect: ' . mysql_error());
// select your EXISTING database you created. Usually there's a single database linked to your website
mysql_select_db('database_name', $connection);
// inserting data into table
$success = mysql_query("INSERT INTO `table_name` (`country`, `email`, `postaladdr`, `permanentaddr`, `contact`) VALUES ('".mysql_real_escape_string($data[0])."', '".mysql_real_escape_string($data[2])."', '".mysql_real_escape_string($data[3])."', '".mysql_real_escape_string($data[4])."', '".mysql_real_escape_string($data[10])."')");
// check if insert was successful
if($success) {
echo 'data inserted';
} else {
echo 'Something went wrong: ' . mysql_error();
}
// closing database
mysql_close($connection);
?>
Now all you have to do is change the login data, change the database_name, create the actual table and change the table_name in the script.
This is one of the first things you learn when starting with running SQL queries, so I higly suggest to learn more: http://www.w3schools.com/php/php_mysql_intro.asp
If everything I said didn't make any sense, you should click the link above.

Categories