This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
PHP/MySQL - Format date/time
I have input field (name:day1 and varchar) to enter date in my form. It attached with a jquery calendar and picks the date in the format "D, dd M, yy" (I WANT TO PICK LIKE THIS AND CANT CHANGE FORMAT). I want to convert and save into mysql date format into table. How is this possible?
$insert_query = 'insert into '.$this->tablename.'(
venue,
day1,
day2,
day3,
day4,
day5,
day6,
day7,
day8,
day9,
day10,
city,
contactperson,
)
values
(
"' . $this->SanitizeForSQL($formvars['venue']) . '",
"' . $this->SanitizeForSQL($formvars['day1']) . '",
"' . $this->SanitizeForSQL($formvars['day2']) . '",
"' . $this->SanitizeForSQL($formvars['day3']) . '",
"' . $this->SanitizeForSQL($formvars['day4']) . '",
"' . $this->SanitizeForSQL($formvars['day5']) . '",
"' . $this->SanitizeForSQL($formvars['day6']) . '",
"' . $this->SanitizeForSQL($formvars['day7']) . '",
"' . $this->SanitizeForSQL($formvars['day8']) . '",
"' . $this->SanitizeForSQL($formvars['day9']) . '",
"' . $this->SanitizeForSQL($formvars['day10']) . '",
"' . $this->SanitizeForSQL($formvars['city']) . '",
"' . $this->SanitizeForSQL($formvars['contactperson']) . '",
)';
day 1 to day 10 are the dates want to convert...
Try this on your date input:
$date = date('Y-m-d H:i:s', strtotime($_GET['date_input']));
As long as strtotime() picks up the right timestamp from your input, you should be ok. Don't forget to escape it as well.
or in the sql statement you can do that:
$insert_query = 'insert into '.$this->tablename.'(
venue,
day1,
day2,
day3,
(.......) )
values
("' . $this->SanitizeForSQL($formvars['venue']) . '",
STR_TO_DATE("' . $this->SanitizeForSQL($formvars['day1']) . '","%W, %d %M, %y"),
STR_TO_DATE("' . $this->SanitizeForSQL($formvars['day2']) . '","%W, %d %M, %y"),
STR_TO_DATE("' . $this->SanitizeForSQL($formvars['day1']) . '","%W, %d %M, %y"),
(.......) )';
The "%W, %d %M, %y" bit must be in the same format as the date you get from your calendar...
To check all date functions and dates format see these links:
http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_date-format
http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_str-to-date
I hope that helps...
Related
I hope someone could give me a quick answer to my question, since i'm not very good in PHP & MySQL.
I want to import a CSV File which includes 2 dates: 1-5-2017 and 31-5-2018.
When i import the csv trough mysql, the dates look like 0000-00-00
My code:
while (($column = fgetcsv($file, 10000, ";")) !== FALSE) {
$sqlInsert = "INSERT into employees (naam,functie,afdeling,contract,DID,DUD,manager,profiel)
values ('" . $column[0] . "','" . $column[1] . "','" . $column[2] . "','" . $column[3] . "','" . $column[4] . "', '" . $column[5] . "','" . $column[6] . "','" . $column[7] . "')";
$result = mysqli_query($conn, $sqlInsert);
Thanks
you didn't point out which column is the date field
in naam,functie,afdeling,contract,DID,DUD,manager,profiel
you can use the function strtotime and date to convert this date format
like below code
$column[2] = date('Y-m-d', strtotime($column[2]));
for example
// this will print 2017-05-01
echo date('Y-m-d', strtotime('1-5-2017'));
Use below code to convert date format
$date="1-5-2017";
$convertedDate=date("Y-m-d", strtotime($date));
Rather than this
STR_TO_DATE('15-06-2017', '%Y/%m/%d')
Try this
STR_TO_DATE('15-06-2017', '%Y-%m-%d')
This should work.Sample Sql query is mentioned below.
INSERT INTO `table1` (`col1`, `col2`, `col3`, `col4`) VALUES ('1', '1', '1',STR_TO_DATE('15-06-2017','%Y-%m-%d'))
I have 2 tables (artist, cd) and I'm trying to use the result of the first query which returns an artID and make it equal to the artID in the 2nd table(cd) where artID is a foreign key but I'm not sure how to do it. Any help would be appreciated.
$strqueryID="SELECT artID FROM artist WHERE artName= '" . $_POST["category"] . "' ";
$resultsID=mysql_query ($strqueryID) or die(mysql_error());
$strqueryCD="INSERT INTO cd SET cdTitle='" . $_POST['title'] . "', artID='" . ??? . "' cdPrice='" . $_POST['price'] . "', cdGenre='" . $_POST['genre'] . "', cdNumTracks='" . $_POST['tracks'] . "'";
$resultsCD=mysql_query ($strqueryCD) or die(mysql_error());
You can use one single query, like this:
$strqueryCD="
INSERT INTO cd (cdTitle, artID, cdPrice, cdGenre, cdNumTracks)
VALUES(
'" . $_POST['title'] . "',
(SELECT artID FROM artist WHERE artName= '" . $_POST["category"] . "'),
'" . $_POST['price'] . "',
'" . $_POST['genre'] . "',
'" . $_POST['tracks'] . "')
";
also, google 'sqlinjection' before you continue
So, first thing's first - you shouldn't be using mysql_* functions now in 2017. I mean, really - they're actually even removed in later versions of PHP (7.0+). Refer to this StackOverflow post for more information.
Now, for your question at hand. Given the fact that you've searched for (and found) a given artID, you'll first have to get the actual "rows" from the $resultsID variable. In this example, we'll do it in a typical while loop:
while ($row = mysql_fetch_assoc($resultsID)) {
$strqueryCD="INSERT INTO cd SET cdTitle='" . $_POST['title'] . "', artID='" . $row['artID'] . "' cdPrice='" . $_POST['price'] . "', cdGenre='" . $_POST['genre'] . "', cdNumTracks='" . $_POST['tracks'] . "'";
$resultsCD=mysql_query ($strqueryCD) or die(mysql_error());
}
That should now loop over the artIDs that you've found in your first query and use them in the subsequent insert(s).
--
Disclaimer: I've disregarded the fact that user input is being passed straight into the query itself, as it's just too much "out of scope" for this post.
I am looking to update one of the table. After I update, all the duplicate data is getting inserted again. Especially, the cloneSQL part of the code. I tried using DISTINCT, NOT EXISTS but no luck.
if(DB_num_rows($checkResult) > 0){
$cloneSQL = "UPDATE DISTINCT pricematrixdiscount SET
discount='" . $vals[3] . "'
WHERE debtorno='" . $_POST['cloneTo'] . "',
product_line='" . $vals[1] . "',
salestype='" . $vals[2] . "' ";
}
else {
$cloneSQL = "INSERT into pricematrixdiscount
(debtorno,
product_line,
salestype,
discount) VALUES
('" . $_POST['cloneTo'] . "',
'" . $vals[1] . "',
'" . $vals[2] . "',
'" . $vals[3] . "')";
How can I insert only distinct values on the pricematricdiscount table without the duplicates being inserted?
I am trying to insert the current date into MySQL database in this format: (12/31/2013 10:26:12 PM). I've tried to make a simple code to change the format, but all I get is a syntax error
$sql = "INSERT INTO Students
VALUES
('','" . $info[$i]['firstname'] . "', '" . $info[$i]['lastname'] . "',
'" . $info[$i]['sex'] . "', '" . $info[$i]['major'] . "',
'" . $info[$i]['favorite'] . "', '" . $info[$i]['GPA']
"TO_CHAR(SYSDATE(),'dd/mm/yyyy')";
Tell me please what shall I do with it.
Just try this
$sql = "INSERT INTO Students VALUES ('','" . $info[$i]['firstname'] . "', '" . $info[$i]['lastname'] . "', '" . $info[$i]['sex'] . "', '" . $info[$i]['major'] . "', '" . $info[$i]['favorite'] . "', '" . $info[$i]['GPA'] . gmdate('m/d/Y g:i:s A').")";
or try this one
$sql = "INSERT INTO Students VALUES ('','" . $info[$i]['firstname'] . "', '" . $info[$i]['lastname'] . "', '" . $info[$i]['sex'] . "', '" . $info[$i]['major'] . "', '" . $info[$i]['favorite'] . "', '" . $info[$i]['GPA'] ."', '" . gmdate('m/d/Y g:i:s A').")";
You can also change gmdate with date
Have A nice day
USE
DATE_FORMAT(NOW(),'%m/%d/%Y %h:%i:%s %p') ;
i think some error in query also check:
$sql = "INSERT INTO Students
VALUES
('','" . $info[$i]['firstname'] . "', '" . $info[$i]['lastname'] . "',
'" . $info[$i]['sex'] . "', '" . $info[$i]['major'] . "','" . $info[$i]['favorite'] . "', '" . $info[$i]['GPA'] ."',DATE_FORMAT(NOW(),'%m/%d/%Y %h:%i:%s %p') )";
it should work.
check link:
http://www.w3schools.com/sql/func_date_format.asp
I have a pre-constructed array created from some test data as I have not yet set up a post form. The array looks like this:
$ud = array('name' => 'name', 'username' => 'username', 'password' => 'password', 'location' => 'london', 'platform' => 'mobile', 'developer_or_designer' => 'developer', 'tags' => 'hello', 'paypal_email' => 'email#email.com', 'developer_or_client' => 'developer', 'email' => 'email#email.com');
foreach ($ud as $key => $value) {
$value = mysql_real_escape_string($value);
}
From this array, I then try to insert the data via a MySQL query into my database:
$query = mysql_query("INSERT INTO `Developers` (`Name`,`Email`,`Username`,`Password`,`Location`,`Platform`,`Developer_or_Designer`,`Tags`, `Paypal_Email`) VALUES (" . $ud['name'] . ", " . $ud['email'] . ", " . $ud['username'] . ", " .$ud['password'] . ", " . $ud['location'] . ", " . $ud['platform'] . ", " . $ud['developer_or_designer'] . ", " . $ud['tags'] . ", " . $ud['paypal_email'] . ")") or die(mysql_error());
However, it dies with the following error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '#email.com, username, password, london, mobile, developer, hello, email#email.com)' at line 1
Please can you tell me where I am going wrong?
You need quotes around each value in parenthases
Two things:
As Jeff notes, you need to put quotes around the strings.
Before putting quotes around them, you need to pass each string through mysql_real_escape_sring().
$query = mysql_query("INSERT INTO `Developers` (`Name`,`Email`,`Username`,`Password`,`Location`,`Platform`,`Developer_or_Designer`,`Tags`, `Paypal_Email`) VALUES ('" . $ud['name'] . "', '" . $ud['email'] . "', '" . $ud['username'] . "', '" .$ud['password'] . "', '" . $ud['location'] . "', '" . $ud['platform'] . "', '" . $ud['developer_or_designer'] . "', '" . $ud['tags'] . "', '" . $ud['paypal_email'] . "')") or die(mysql_error());
try it:)
From the sounds of the column names those are varchar column types so you need to wrap your values with quotes:
$query = mysql_query("INSERT INTO `Developers` (`Name`,`Email`,`Username`,`Password`,`Location`,`Platform`,`Developer_or_Designer`,`Tags`, `Paypal_Email`) VALUES ('" . $ud['name'] . "', '" . $ud['email'] . "', '" . $ud['username'] . "', '" .$ud['password'] . "', '" . $ud['location'] . "', '" . $ud['platform'] . "', '" . $ud['developer_or_designer'] . "', '" . $ud['tags'] . "', '" . $ud['paypal_email'] . "')") or die(mysql_error());
Also if the values are coming from user input you should run each value through mysql_real_escape_string to help prevent against SQL injection attacks
See this:
VALUES (" . $ud['name'] . ",
Nedd that:
VALUES ('" . $ud['name'] . "',
And for other columns too (if is not numberic)