i use this query to dump table into csv file :
$sql = "SELECT *
INTO OUTFILE 'result.csv'
FIELDS TERMINATED BY ';'
FROM tableName";
i get a result.csv file in the db folder of mysql
how can i save it at root of my site ?
In place of result.csv provide the path where you want it to be saved:
$sql = "SELECT *
INTO OUTFILE '/path/to/your/site/result.csv'
FIELDS TERMINATED BY ';'
FROM tableName";
this code can export mysql table into csv file , i've tested it with large table
<?php
// tested with success
$db_name = "db_name";
$db_password = "pass";
$db_link = mysql_connect("localhost", "root", $db_password);
mysql_select_db($db_name, $db_link);
mysql_query("SET NAMES UTF8");
$table = "table_name";
function assoc_query_2D($sql, $id_name = false){
$result = mysql_query($sql);
$arr = array();
$row = array();
if($result){
if($id_name == false){
while($row = mysql_fetch_assoc($result))
$arr[] = $row;
}else{
while($row = mysql_fetch_assoc($result)){
$id = $row['id'];
$arr[$id] = $row;
}
}
}else
return 0;
return $arr;
}
function query_whole_table($table, $value = '*'){
$sql = "SELECT $value FROM $table";
return assoc_query_2D($sql);
}
$export_str = "";
$result = query_whole_table($table);
foreach($result as $record){
$export_str .= implode(";",$record) . "\n";
}
// add time to fileName
$date = time();
// output the file
// we can set a header to send it directly to the browser
file_put_contents($date.'_'.$table."_export.csv", $export_str);
?>
Related
This is the code that is not working:
$query = "SELECT * FROM $table WHERE text_id > '$last_id'"; //SELECT NEW MESSAGES
$result = mysqli_query($connection,$query);
if ($result && mysqli_num_rows($result) > 0)
{
//THIS SHOULD NOT BE RUNNING
}
I've verified over and over in phpMyAdmin and the text_id in the table and $last_id are both the integer value '1'. That being said, the condition equates to true every time the code runs.
Am I messing this code up, or is my thinking improper?
Here is entire script:
<?php
session_start();
$alias = $_SESSION['username'];
$host = 'localhost';
$user = '*';
$pass = '*';
$database = 'vethergen_db_accounts';
$table = 'table_messages';
$last_id_table = 'table_chat_sync';
$connection = mysqli_connect($host, $user, $pass) or die ("Unable to connect!");
mysqli_select_db($connection,$database) or die ("Unable to select database!");
$last_id_query = "SELECT alias FROM $last_id_table WHERE alias = '$alias'";
$last_id_result = mysqli_query($connection,$last_id_query);
$last_id_rows = mysqli_fetch_array($last_id_result);
if ($last_id_rows['alias'] === $alias)
{
$last_id = $last_id_rows['last_id'];
$query = "SELECT * FROM $table WHERE text_id > '$last_id'"; //SELECT NEW MESSAGES
$result = mysqli_query($connection,$query);
if ($result && mysqli_num_rows($result) > 0)
{
while($row = mysqli_fetch_array($result))
{
if ($row['alias'] === "Vether")
{
echo '<p id = "chat_text">'.'<b>'.$row['alias'].'</b>'.': '.$row['text']."</p>";
echo '<p id = "time_stamp">'.$row['time'].'</p>';
echo '<p id = "chat_number">'.$row['text_id'].'</p>';
}
else
{
echo '<p id = "chat_text">'.'<b class = "bold_green">'.$row['alias'].'</b>'.': '.$row['text']."</p>";
echo '<p id = "time_stamp">'.$row['time'].'</p>';
echo '<p id = "chat_number">'.$row['text_id'].'</p>';
}
echo '<hr class = "chat_line"></hr>';
$last_row_id = $row['text_id'];
}
}
//UPDATE LAST SYNC ID
$update_query = "UPDATE $last_id_table SET last_id = '$last_row_id' WHERE alias = '$alias'";
mysqli_query($connection,$update_query);
}
else
{
$update_query = "INSERT INTO $last_id_table (alias, last_id) VALUES('$alias','-1')";
mysqli_query($connection,$update_query);
}
?>
You should change ;
WHERE text_id > '$last_id'
to
WHERE text_id > $last_id
text_id column is integer and can't be compared like string.
Here I have a php code that connects to a database, selects a row by id and creates an associative array from this row using a while loop. Do I have to write this code over and over again to create arrays from other rows by id? Maybe there is a chance to simplify this php code somehow? Please look at my code. BTW I am new in php...
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$db = '_erica';
$conn = new mysqli($dbhost, $dbuser, $dbpass,$db);
$sql1 = "SELECT * FROM pics WHERE id = 1;";
$sql2 = "SELECT * FROM pics WHERE id = 2;";
$sql3 = "SELECT * FROM pics WHERE id = 3;";
$sql4 = "SELECT * FROM pics WHERE id = 4;";
$sql5 = "SELECT * FROM pics WHERE id = 5;";
$sql6 = "SELECT * FROM pics WHERE id = 6;";
$result1 = $conn->query($sql1);
$result2 = $conn->query($sql2);
$result3 = $conn->query($sql3);
$result4 = $conn->query($sql4);
$result5 = $conn->query($sql5);
$result6 = $conn->query($sql6);
while($row1 = $result1->fetch_assoc()) {
$bcgrnd = $row1["link"];
}
while($row2 = $result2->fetch_assoc()) {
$recipes = $row2["link"];
}
while($row3 = $result3->fetch_assoc()) {
$header = $row3["link"];
}
while($row4 = $result4->fetch_assoc()) {
$menu = $row4["link"];
}
while($row5 = $result5->fetch_assoc()) {
$beauty = $row5["link"];
}
while($row6 = $result6->fetch_assoc()) {
$kids = $row6["link"];
}
?>
You can do this in one query:
$sql = "SELECT * FROM pics WHERE id IN (1,2,3,4,5,6);";
$result = $conn->query($sql);
And then you can loop over all results like this:
$data = array();
while ($row = $result->fetch_assoc()) {
$id = $row["id"];
$link = $row["link"];
$data[$id]["link"] = $link;
// add more fields if you want
}
To access for example the link of ID 1, just do:
$data[1]["link"];
You can write one or two simple functions for this. Moreover, please note that your code is vulnerable to SQL Injection. Here is an example how you can achieve this with some simple functions:
<?php
function DB() {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$db = '_erica';
return new mysqli($dbhost, $dbuser, $dbpass,$db);
}
function query($id) {
$query = "SELECT * FROM `pics` WHERE `id` = $id";
return DB()->query($query);
}
$result = query(1); // will fetch records for ID 1
while($row = $result->fetch_assoc()) {
$bcgrnd = $row["link"];
}
$result = query(2); // will fetch records for ID 2
while($row = $result->fetch_assoc()) {
$bcgrnd = $row["link"];
}
?>
By adapting this approach, you can fetch data for a specific ID. If you don't like this solution, consider using MySQL IN clause.
Try this.
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$db = '_erica';
$conn = new mysqli($dbhost, $dbuser, $dbpass,$db);
$sql = "SELECT * FROM pics WHERE id IN (1,2,3,4,5,6);";
$result = $conn->query($sql);
while($row = $result->fetch_assoc()) {
$bcgrnd[$row["id"]][] = $row["link"];
}
?>
Why not try a Query and Limit it to 6 results, it takes up less resources just pulling 6 results:
SELECT * FROM `pics` ORDER BY `[PRIMARY KEY]` LIMIT 6
MySQL in() function finds a match in the given arguments, you can use it
select pics where id IN(1,2,3,4,5,6)
I’ve included this code in my functions.php of current active theme and works perfectly (i.e: I upload the .mdb file on the server first and then read the tables from the file) on WINDOWS PLATFORM. It’s just as easy as we’re using MySQL DB.
$dbName = $uploadfile;
$conn = odbc_connect("Driver={Microsoft Access Driver (*.mdb)};Dbq=$dbName", "", "");
if($conn != null){
//echo "";exit;
// reading all the tables (data) from mdb file uploaded
$cdc_trans = odbc_exec($conn, "SELECT * FROM axs_web_cdc_trans");
$dealers = odbc_exec($conn, "SELECT * FROM axs_web_dealers");
$web_item = odbc_exec($conn, "SELECT * FROM axs_web_item");
$parties = odbc_exec($conn, "SELECT * FROM axs_web_parties");
$trans = odbc_exec($conn, "SELECT * FROM axs_web_trans");
$voch = odbc_exec($conn, "SELECT * FROM axs_web_voch");
// insert for axs_web_cdc_trans
while($row = odbc_fetch_array($cdc_trans)){
//break;
$cdc_trans_date = $row['CDC_TRANS_DATE'];
$agent_code = $row['AGENT_CODE'];
$party_user_code = $row['PARTY_USER_CODE'];
$nature = $row['NATURE'];
$quantity = $row['CDC_QTY'];
$item = $row['TRANS_ITEM_SYMBOL'];
$us_qty = $row['UNSETTLED_QTY'];
$sql = "INSERT INTO axs_web_cdc_trans (CDC_TRANS_DATE,AGENT_CODE,PARTY_USER_CODE, NATURE, CDC_QTY,TRANS_ITEM_SYMBOL,UNSETTLED_QTY) VALUES ('$cdc_trans_date', '$agent_code', '$party_user_code', '$nature', '$quantity', '$item', '$us_qty')";
mysql_query($sql) or die("Error: ".mysql_error());
}
// insert for axs_web_dealers
while($row = odbc_fetch_array($dealers)){
//break;
$dealer_code = $row['DEALER_CODE'];
$dealer_name = $row['DEALER_NAME'];
$cnic = $row['DEALER_NIC_NO'];
$dealer_add = $row['DEALER_ADDRESS'];
$dealer_cell = $row['DEALER_MOBILE_NO'];
$dealer_email = $row['DEALER_EMAIL'];
$check_user = "SELECT * FROM axs_web_dealers WHERE DEALER_CODE = $dealer_code";
$chk_res = mysql_query($check_user) or die("Error: ".mysql_error());
if(mysql_fetch_array($chk_res) > 0)
continue;
else{
$sql = "INSERT INTO axs_web_dealers (DEALER_CODE, DEALER_NAME, DEALER_NIC_NO, DEALER_ADDRESS, DEALER_MOBILE_NO, DEALER_EMAIL) VALUES ('$dealer_code', '$dealer_name', '$cnic', '$dealer_add', '$dealer_cell', '$dealer_email')";
mysql_query($sql) or die("Error: ".mysql_error());
}
}
// insert for axs_web_item
while($row = odbc_fetch_array($web_item)){
//break;
$symbol = $row['ITEM_SYMBOL'];
$sym_name = addslashes($row['ITEM_NAME']);
$rate = $row['ITEM_RATE'];
$high_rate = $row['ITEM_HIGH_RATE'];
$low_rate = $row['ITEM_LOW_RATE'];
$vol_qty = $row['ITEM_VOL_QTY'];
$cdc = $row['CDC'];
$sql = "INSERT INTO axs_web_item (ITEM_SYMBOL,ITEM_NAME,ITEM_RATE, ITEM_HIGH_RATE, ITEM_LOW_RATE,ITEM_VOL_QTY,CDC) VALUES ('$symbol', '$sym_name', '$rate', '$high_rate', '$low_rate', '$vol_qty', '$cdc')";
mysql_query($sql) or die("Error: ".mysql_error());
}
// insert for axs_web_parties
while($row = odbc_fetch_array($parties)){
//break;
$party_user_code = $row['PARTY_USER_CODE'];//continue;
$party_name = $row['PARTY_NAME'];
$agent_code = $row['AGENT_CODE'];
$party_email = $row['PARTY_EMAIL'];
$party_add = addslashes($row['PARTY_ADDRESS']);
$party_cell = $row['PARTY_MOBILE_NO'];
$party_cnic = $row['PARTY_NIC_NO'];
$check_user = "SELECT * FROM axs_web_parties WHERE PARTY_USER_CODE = $party_user_code";
$chk_res = mysql_query($check_user) or die("Error: ".mysql_error());
if(mysql_fetch_array($chk_res) > 0)
continue;
else{
$sql = "INSERT INTO axs_web_parties (PARTY_USER_CODE, PARTY_NAME, AGENT_CODE, PARTY_EMAIL, PARTY_ADDRESS, PARTY_MOBILE_NO, PARTY_NIC_NO) VALUES ('$party_user_code', '$party_name', '$agent_code', '$party_email', '$party_add', '$party_cell', '$party_cnic')";
mysql_query($sql) or die("Error: ".mysql_error());
}
}
// insert for axs_web_trans
while($row = odbc_fetch_array($trans)){
//break;
$agent_code = $row['AGENT_CODE'];
$party_usr_code = $row['PARTY_USER_CODE'];
$trade_date = $row['TRADE_DATE'];
$nature = $row['NATURE'];
$trans_qty= $row['TRANS_QTY'];
$trans_rate = $row['TRANS_RATE'];
$trans_item_symbol = $row['TRANS_ITEM_SYMBOL'];
$set_desc = $row['SET_DESC'];
$comm = $row['COMM'];
$trans_amt = $row['TRANS_AMT'];
$trans_posted = $row['TRANS_POSTED'];
$trade_desc = $row['TRADE_DESC'];
$comm_amt = $row['COMM_AMT'];
$cvt_wht_amt = $row['CVT_WHT_AMT'];
$fed_amt = $row['FED_AMT'];
$other_chrg_amt = $row['OTHER_CHRG_AMT'];
$sql = "INSERT INTO axs_web_trans (AGENT_CODE, PARTY_USER_CODE, TRADE_DATE, NATURE, TRANS_QTY, TRANS_RATE, TRANS_ITEM_SYMBOL, SET_DESC, COMM, TRANS_AMT, TRANS_POSTED, TRADE_DESC, COMM_AMT, CVT_WHT_AMT, FED_AMT, OTHER_CHRG_AMT) VALUES ('$agent_code', '$party_user_code', '$trade_date', '$nature', '$trans_qty', '$trans_rate', '$trans_item_symbol', '$set_desc', '$comm', '$trans_amt', '$trans_posted', '$trade_desc', '$comm_amt', '$cvt_wht_amt', '$fed_amt', '$other_chrg_amt')";
mysql_query($sql) or die("Error: ".mysql_error());
}
// insert for axs_web_voch
while($row = odbc_fetch_array($voch)){
//break;
$voch_no = $row['VOCH_NO'];
$voch_date = $row['VOCH_DATE'];
$agent_code = $row['AGENT_CODE'];
$party_user_code = $row['PARTY_USER_CODE'];
$narration= $row['NARRATION'];
$dr_amt = $row['DR_AMOUNT'];
$cr_amt = $row['CR_AMOUNT'];
$bal = $row['BALANCE'];
$index_no = $row['INDX_NO'];
$check_no = $row['CHEQUE_NO'];
$effect_code = $row['EFFECT_CODE'];
$sql = "INSERT INTO axs_web_voch (VOCH_NO, VOCH_DATE, AGENT_CODE, PARTY_USER_CODE, NARRATION, DR_AMOUNT, CR_AMOUNT, BALANCE, INDX_NO, CHEQUE_NO, EFFECT_CODE)
VALUES ('$voch_no', '$voch_date', '$agent_code', '$party_user_code', '$narration', '$dr_amt', '$cr_amt', '$bal', '$index_no', '$check_no', '$effect_code')";//exit;
mysql_query($sql) or die("Error: ".mysql_error());
}
}
}
?>
<form action="" method="post"
enctype="multipart/form-data">
<label for="file" style="margin-left: 18px;">Filename:</label>
<input type="file" name="file" id="file">
<br>
<input style="margin-left: 78px;" type="submit" name="submit" value="Uplaod DB">
</form>
<?php
}
?>
PHP INFO on WINDOWS:
https://www.dropbox.com/s/4qoqxu87ffwym84/PHP%20INFO%20on%20WINDOWS.png
The same code is not working on when I go to Linux ... odbc_connect() retuns NULL.
PHP INFO on LINUX:
https://www.dropbox.com/s/a3vo6pd5pn1h4ha/PHP%20INFO%20on%20Linux.png
I may be asking the obvious, but do you have a ODBC driver for MS Access installed on the Linux instance?
I must be missing something simple but I don't see it. The following code works great.
<?php
$res = mysql_connect("localhost", "newuser", "");
mysql_select_db("supplydb");
function filter($data)
{
$data = trim(htmlentities(strip_tags($data)));
if (get_magic_quotes_gpc())
$data = stripslashes($data);
$data = mysql_real_escape_string($data);
return $data;
}
error_reporting(0);
require("../codebase/grid_connector.php");
$mask5 = filter($_GET["var1"]);
//Get Category ID
$cat = mysql_query("SELECT category FROM submissions WHERE submissions.submission_id='$mask5'");
$rows = mysql_fetch_array($cat, MYSQL_ASSOC);
$array = filter($rows['category']);
//Get Manufactuer ID
$man = mysql_query("SELECT manufacturer_id FROM submissions WHERE submissions.submission_id='$mask5'");
$arows = mysql_fetch_array($man, MYSQL_ASSOC);
$array1 = filter($arows['manufacturer_id']);
function formatting($row)
{
$data = $row->get_value("fda_approved");
if ($data == 1)
$row->set_value("fda_approved", Yes);
else
$row->set_value("fda_approved", No);
}
$gridConn = new GridConnector($res, "MySQL");
function myUpdate($action)
{
$data6 = $action->get_id();
$cat_id = mysql_query("SELECT category FROM submissions WHERE submissions.submission_id ='{$data6}'") or die("Error in query: $query. " . mysql_error());
$rows56 = mysql_fetch_array($cat_id, MYSQL_ASSOC);
$array = filter($rows56['category']);
$status = $action->get_value("approval_status");
$gridConn = new GridConnector($res, "MySQL");
mysql_query("UPDATE submissions SET approval_status='{$status}' WHERE submissions.submission_id='{$data6}'") or die("Error in query: $query. " . mysql_error());
$action->success;
}
$gridConn->event->attach("beforeUpdate", "myUpdate");
$gridConn->event->attach("beforeRender", "formatting");
$gridConn->render_sql("SELECT * FROM submissions JOIN products ON products.product_id = submissions.product_id and submissions.category='$array' and submissions.manufacturer_id='$array1' and submissions.approval_status='0'", "submission_id", "item_number,description,list_price,sugg_price,quantity_per_unit,fda_approved,gpo_contract_number, approval_status");
?>
This code does not
<?php
require("../site_globals/dbc_simple.php");
//$res = mysql_connect("localhost", "newuser", "");
//mysql_select_db("supplydb");
error_reporting(0);
require("../codebase/grid_connector.php");
$mask5 = filter($_GET["var1"]);
//Get Category ID
$cat = mysql_query("SELECT category FROM submissions WHERE submissions.submission_id='$mask5'");
$rows = mysql_fetch_array($cat, MYSQL_ASSOC);
$array = filter($rows['category']);
//Get Manufactuer ID
$man = mysql_query("SELECT manufacturer_id FROM submissions WHERE submissions.submission_id='$mask5'");
$arows = mysql_fetch_array($man, MYSQL_ASSOC);
$array1 = filter($arows['manufacturer_id']);
function formatting($row)
{
$data = $row->get_value("fda_approved");
if ($data == 1)
$row->set_value("fda_approved", Yes);
else
$row->set_value("fda_approved", No);
}
$gridConn = new GridConnector($res, "MySQL");
function myUpdate($action)
{
$data6 = $action->get_id();
$cat_id = mysql_query("SELECT category FROM submissions WHERE submissions.submission_id ='{$data6}'") or die("Error in query: $query. " . mysql_error());
$rows56 = mysql_fetch_array($cat_id, MYSQL_ASSOC);
$array = filter($rows56['category']);
$status = $action->get_value("approval_status");
$gridConn = new GridConnector($res, "MySQL");
mysql_query("UPDATE submissions SET approval_status='{$status}' WHERE submissions.submission_id='{$data6}'") or die("Error in query: $query. " . mysql_error());
$action->success;
}
$gridConn->event->attach("beforeUpdate", "myUpdate");
$gridConn->event->attach("beforeRender", "formatting");
$gridConn->render_sql("SELECT * FROM submissions JOIN products ON products.product_id = submissions.product_id and submissions.category='$array' and submissions.manufacturer_id='$array1' and submissions.approval_status='0'", "submission_id", "item_number,description,list_price,sugg_price,quantity_per_unit,fda_approved,gpo_contract_number, approval_status");
?>
The only difference is the include file at the top and all the include file is is:
<?php
$res = mysql_connect("localhost", "newuser", "");
mysql_select_db("supplydb");
?>
Im fairly new to php but this seems simple and I'm not sure what is getting lost in translation. This works fine on other pages by the way so it must have something to do with the $gridConn = new GridConnector($res, "MySQL"); but I dont know enough to see what. I'm using the DHTMLX javascript library. Could it have something to do with that? Ive tried everything here. Ideas?
Im getting: XML Parsing Error: XML or text declaration not at start of entity Location
Problem is not in the database connection itself, it works correctly and generates data, but result xml corrupted, because some output was started before connector's code.
Check ../site_globals/dbc_simple.php - probably it have some whitespaces|newlines after closing "?>" tag - delete them and it will fix the problem.
Such whitespaces|newlines will not cause harm for HTML pages, but for XML data any extra char at start of document can cause a problem.
This is my code to pull information from my sql database and then I want to delete the .txt files in each directory, but I can't seem to figure out why it won't delete the files.
<?php
session_start();
$user = $_SESSION['SESS_USERNAME'];
$id = array();
$id = $_POST['selected'];
//Include database connection details
require_once('config_order.php');
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if (!$db) {
die("Unable to select database");
}
//Create query
$query = mysql_query("SELECT * FROM `PropertyInfo` WHERE `order_number` = '$id[0]'");
// display query results
while ($row = mysql_fetch_array($query)) {
$c_name = $row['clientname'];
$sitestreet = $row['sitestreet'];
$inspector = $row['inspector'];
}
mysql_close($link);
$client_name = str_replace(" ", "_", $c_name);
$site_street = str_replace(" ", "_", $sitestreet);
$client_name = "{$client_name}.txt";
$site_street = "{$site_street}.txt";
$client_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Clients";
$inspection_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Inspections";
if (unlink($client_path . "/" . $client_name)) {
echo 'File Deleted';
} else {
echo 'File could not be deleted';
}
?>
I think this is because your while loop is overwriting the $c_name, $sitestreet and $inspector variables. This means you will only ever delete the last file.
Is this what you were trying to do? (Edited Again...)
$query = mysql_query("SELECT * FROM `PropertyInfo` WHERE `order_number` IN (".mysql_real_escape_string(implode(',',$id)).")");
while ($row = mysql_fetch_array($query)) {
$inspector = $row['inspector'];
$client_name = str_replace(" ", "_", $row['clientname']).'.txt';
$site_street = str_replace(" ", "_", $row['sitestreet']).'.txt';
$client_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Clients";
$inspection_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Inspections";
if (!file_exists($client_path.'/'.$client_name)) {
echo "File $client_path/$client_name does not exist!\n";
} else echo (unlink($client_path.'/'.$client_name)) ? "File $client_path/$client_name was deleted\n" : "File $client_path/$client_name could not be deleted\n";
}
mysql_close($link);
Try some extra debugging:
$realpath = $client_path . '/' . $client_name;
if (file_exists($realpath)) {
if (is_writable($realpath)) {
if (unlink($realpath)) {
echo "$realpath deleted";
} else {
echo "Unable to delete $realpath";
}
} else {
echo "$realpath is not writable";
}
} else {
echo "$realpath does not exist";
}
On first glance, this is a problem, if $_POST['selected'] is not an array:
$id = array();
$id = $_POST['selected'];
...
$query = mysql_query("SELECT * FROM `PropertyInfo` WHERE `order_number` = '$id[0]'");
You are instantiating $id as an empty array, then overwriting it with $_POST['selected'], so $id[0] is the first character of the string $id.
For example, if $_POST['selected'] is 12345:
"SELECT * FROM `PropertyInfo` WHERE `order_number` = '$id[0]'"
is equivalent to:
"SELECT * FROM `PropertyInfo` WHERE `order_number` = '1'"
Either don't try to access it with an index or do $id[] = $_POST['selected']; to add the element onto the $id array instead.
Whether that is an array or not, you do need to either sanitize that input before you insert it into the query or use prepared statements, though!