I am working in the confines of a CMS system, which defines certain fields which can be used to make forms for use within the application in PHP.
I am making use of the inputSmartSearch field, which is basically similar to Google suggest.
It allows me to define an SQL query, and then displays records that match as I type in my search.
For my smartsearch, I have chosen it to search through three fields in a different table, and to display those fields concatenated together.
I use define my field like so:
$theinput = new inputSmartSearch($db, "chooseguests", "Choose Guests");
The last parameter is the name of the SQL query to execute.
This works fine, and a guest can be located by searching his last or first name.
However, I have implemented this smartsearch what is meant to be the page to add a sales order.
In each sales order stored in the sales table, distinct from the guest table, I also want to have the firstname and lastname of the guest making the order.
The design of the sales order table has two separate fields for firstname and lastname.
Using smartsearch, I cannot find any way to tokenize the selected input and insert it back into the field.
If I have a smartsearch and can search by firstname or lastname it shows the result as just one fields, and I want it to save the firstname to the firstname field and the lastname to the lastname field.
Each form defined has an include file which defines the function for inserting a record and such, like so:
function prepareVariables($variables){
// if ($variables["webaddress"]=="http://")
// $variables["webaddress"] = NULL;
return $variables;
}
function updateRecord($variables, $modifiedby = NULL, $useUuid = false){
$variables = $this->prepareVariables($variables);
return parent::updateRecord($variables, $modifiedby, $useUuid);
}
function insertRecord($variables, $createdby = NULL, $overrideID = false, $replace = false, $useUuid = false){
$variables = $this->prepareVariables($variables);
return parent::insertRecord($variables, $createdby, $overrideID, $replace, $useUuid);
}
However, I am unsure of how I could modify the insert or update functions to do what I need them to do, or if that is even the correct approach.
Should I be looking for a complex sql query? hidden fields with the content autopopulated from the result of my inputSmartSearch? Something else?
Not sure what's possible with the setup you've got going, but... my first reaction would be to return from the db the names combined with tokens - like - ',' So Smith, John. Then, when getting ready to send back, to split those up ( based upon the known token ). Now where that goes what you've got there, I do not know.
You just need to set the starting value of the smart search manually using the values from the database. Then when the data is posted to the server you can parse and append to the array that is used to store the data in the database. At least that seems like it should work.
Related
I found this piece of code from an answer on Several drop down list input to one field table. It really seems like something I can use in my current project. The current project is about populating a table with two dropdown boxes (which are populated themselves with tables). However, I don't understand what personal changes I need to do in order to make it work. attributes? :attributes? Can someone make sense of it?
$levels = $_POST['level1'][0].",".$_POST['level1'][1];
//Now you have a string called $levels
// Which contains a comma seperated list, to insert into db / one field
//Insert into your table...change your table and field names to real values...
$sql = "INSERT INTO yourTable (attributes) VALUES (:attributes)";
$q = $db->prepare($sql);
$q->execute(array(':attributes'=>$levels));
?>
:attributes is a bound parameter in a PHP prepared statement which inserts a row into a table with an attributes field, setting just that field.
Example, I want the drop down value to be 1278|Toy Name
I would like to then separate via the | and spost the id "1278" in an id field
and "Toy 2" in a toy field.
I am actually using FormTools (formtools.org) for all of my forms and this is one thing I just can not get my head around.
A little background: This is for a client and needs to be this way. they need the ID submitted as well as the Toy Name into separate Db tables.
Any help would be greatly appreciated.
You could split the submitted value based on the | and use the retrieved values to insert into the database.
$toyInput = $_POST["toyInput"];
$toySplit = explode("|", $toyInput);
$toyID = $toySplit[0];
$toyName = $toySplit[1];
// Now insert $toyID and $toyName into your DB in separate fields.
Be aware that this has no validation, a user could easily put fake ID's, names, or a value with no "|" and cause your script to error out. Be sure to add extra checks for these cases!
You can also use list that assign values to a list of variables.
$toyInput = $_POST["toyInput"];
list($toyID, $toyName) = explode("|", $toyInput);
I have a small problem. I am working with some manual testers who are untrained in programming/database design. Our current process means that these manual testers need to insert data into our database at certain times whilst we build a GUI to facilitate this in the future.
In the interim, I would like to create a simple site. What I would like to do with the site is, simply, connect to our database, allow the manual tester to enter some keywords, and return any columns within tables that are close/related to the keywords provided. This would save a lot of time for our testers searching for colums in our (rather large) database.
How could I create a site like this? I think it could be useful for a lot of people, so I have decided to post the question up here to gather the thoughts of StackOverflow.
At the moment, I am thinking a simple PHP page with a textbox, which allows the user to enter some data, separated by commas. Explode the data based on commas, hold it in an array. Connect to my database, then use the Information Schema View to retrieve column information.
My main problem is - what is the most effective way to use the Information Schema View to retrieve columns related to the keywords entered by the users ? How can I ensure the columns returned are the most suitable?
Any input here would be greatly appreciated. Thanks a lot.
Tl;dr is the bolded part, for busy people :)
I think you could achieve this with a simple form and some ajax calls using on key up.
Here is a simple example in which the list will update each time the user enters a letter in the column name they are searching for.
Index.html
<!DOCTYPE html>
<html lang="en">
<head>
<script type="text/javascript">
$(document).ready(function() {
$("#faq_search_input").keyup(function()
{
var faq_search_input = $(this).val();
var dataString = 'keyword='+ faq_search_input;
if(faq_search_input.length>1)
{
$.ajax({
type: "GET",
url: "ajax-search.php",
data: dataString,
success: function(server_response)
{
document.getElementById("searchresultdata").style.display = "block";
$('#searchresultdata').html(server_response).show();
}
});
}return false;
});
});
</script>
</head>
<body>
<div class="searchholder">
<input name="query" class="quicksearch" type="text" id="faq_search_input" />
<div id="searchresultdata" class="searchresults" style="display:none;"> </div>
</div>
</body>
</html>
next we need a script to carry out our search
ajax-search.php
//you must define your database settings
define("DB_HOST", "FOO");
define("DB_USERNAME", "BAR");
define("DB_PASSWORD", "YOUR PASSWORD");
define("DB_NAME", "DATABASE NAME");
if(isset($_GET['keyword']))
{
$search = new mysqli(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME);
if ($search->connect_errno)
{
echo "Failed to connect to MySQL: (" . $search->connect_errno . ") " . $search->connect_error;
$search->close();
}
$keyword = trim($_GET['keyword']) ;
$query ="SELECT COLUMN_NAME FROM ".DB_NAME.".INFORMATION_SCHEMA.COLUMNS WHERE COLUMN_NAME LIKE '%".$keyword."%'";
$values = $search->query($query);
if($values->num_rows != 0)
{
while($row = $values->fetch_assoc())
{
echo $row['COLUMN_NAME']."<br>";
}
}
else
{
echo 'No Results for :"'.$_GET['keyword'].'"';
}
}
As the user types out a column name all of the column name like this will be returned and updated on the fly, without page reload. Hope this helps
You should do something like this:
Form:
<form action="search.php" method="post">
<textarea name="words"></textarea>
<input type="submit">
</form>
search.php
<?php
// You will need a DB user with enough permissions
$link = mysqli_connect($server,$user,$pass);
mysqli_select_db($link,$database_name);
print "<table>";
// Comma separated
$words = explode(",",$_POST['words']);
foreach ($words as $word)
{
$sql = "SELECT COLUMN_NAME FROM ".$database_name.".INFORMATION_SCHEMA.COLUMNS
WHERE COLUMN_NAME LIKE '%".$word."%'";
$res = mysqli_query($link,$sql);
while ($row = mysqli_fetch_assoc($res))
{
print "<tr><td>".$row['COLUMN_NAME']."</td></tr>";
}
}
print "</table>";
?>
I can see why you are asking this interesting question. If the tester enters a list of keywords, and you use the information schema view to obtain a list of matching columns, then there is a danger that there will be a lot of false matches that could waste time or cause the tester to enter incorrect information into your system. You want to know how to determine which columns are the best matches to the tester's query. But you want to keep it simple because this is just a temporary workaround, it's not your main application.
The answer is to supplement search results using a reputation-based system. Here is a very simple one that should work well for your application.
First, create two simple tables to store rating information for the tables and columns in your database. Here is the starting structure.
TEST_SEARCH_TABLES:
TABLE_ID
TABLE_NAME
RATING
TEST_SEARCH_COLUMNS:
COLUMN_ID
TABLE_ID
COLUMN_NAME
RATING
Populate TEST_SEARCH_TABLES with the name of every table in your database. Populate TEST_SEARCH_COLUMNS with the name of every column, and link it to the corresponding table. Initialize all the RATING columns to 1000.0 - you will be using the Elo Rating System to supplement your rankings because it is simple, easy to implement and it works great.
When the user enters a list of keywords, don't use Information Schema View. Instead, search the TEST_SEARCH_COLUMNS table for any columns that have any of those keywords. Assign each column a WEIGHT based on the number of hits. (For example, if the search is "customer,amount,income" then a column CUSTOMER_ID would have a weight of 1. A column CUSTOMER_INCOME would have a weight of 2, and CUSTOMER_INCOME_AMOUNT would have a weight of 3.) Calculate the WEIGHT of each table as the sum of the weights of its columns.
Now for each table and column returned by your search, multiply the WEIGHT times the RATING to determine the SEARCH VALUE. Give the tester a list of matching tables in descending order of search value. Within each table, also list the columns in descending order of their search value.
Every time a table or column appears in a search, use the Elo Rating System to give it a WIN against an opponent rated 1000.0. Every time a user selects a column to work with, give both that column and its table a win against an opponent rated 1500.0. In this way, the most useful and successful tables and columns will organically float to the top of your search lists over time.
A side benefit to this approach (using tables instead of information schema view) is that this approach is more extensible. As an enhancement, you could put DESCRIPTION and COMMENTS columns on the TEST_SEARCH_TABLES and TEST_SEARCH_COLUMNS tables, and also search those columns for keyword matches as well.
Here is another optional enhancement - you could put a (+) and (-) button next to each table and column and give it a win against a 2000-rated opponent if the user clicks (+) and a loss against a zero-rated opponent if the user clicks (-). That will allow your testers to vote for columns they find important and to vote against columns that are always getting in the way.
I'm not sure if I fully understood your issue
Take a look at this:
http://php.net/manual/en/function.mysql-list-tables.php
you can get all the tables on a database , store them in an array then filter them using your keywords
I think this could be done in the following steps without any PHP programming and even without need in any web-server.
Write SQL-script which makes everything to retrieve data you need.
Modify script to add columns to result set with simple html-formatting to make you result record like the following:
'<tr><td>', 'resultcolumn1', '</td><td>', 'resultcolumn2','</td></tr>'
Run this script using sqlcmd with output option to file. Give resulting file .html extension.
Place sqlcmd call inside cmd file. After calling sqlcmd call web browser with resulting html file name as parameter. This will display your results to tester.
So, your testers only run cmd file with some parameters and get html page with results. Of course you need to form correct html head and body tags, but this is not a problem.
Now about your main question about how you can be sure the columns returned are the most suitable. I think the most reliable from the most simple ways is to create thesaurus table which contains synonyms for your column names. (This could be done by testers themselves). So you can search your column names from Information Schema View using LIKE in INFORMATION_SCHEMA.COLUMNS as well as in thesaurus table.
Not sure if you want spend time on writing and supporting your solution. For php/mysql I would use http://www.phpmyadmin.net/home_page/index.php or if users can access db directly
http://dev.mysql.com/downloads/gui-tools/5.0.html
Might take some time to tech them how to use it, but will save a lot of problems in a long run.
Another thing, you can create *.sql files that would populate db automatically.
query.sql
CREATE TABLE "example" (
"id" INT NOT NULL AUTO_INCREMENT,
"name" VARCHAR(30),
"age" INT
);
INSERT INTO "example" VALUES
('1', 'a', 1),
('2', 'b', 2);
than you can run it from command line:
mysql -u USER -pPASSWORD database_name < filename.sql
Use mysql_connect method if you use mysql and enter data like:
INSERT INTO tablename
and stuff just read about it.
I'm writing sql code which gets the name of the columns its supposed to look up of a table from custom php code.
Part of this has to do with location i.e. country ,state, zip, etc. I have it so that on the php code, the user fills out the fields that correspond to these on their tables. However, it is possible that while these are all possibilities they may not have every piece, like the zip code.
If I the php doesn't get anything for the zip column name it throws off the entire code. Null columns are ok with me, but I'm struggling finding a way to make a placeholder for the column. Is there a sql placeholder I can tell the php variable to become if the user enters nothing and is therefore null?
$addressColumn = $_POST["address"];
$stateColumn = $_POST["state"];
$zipColumn = $_POST["zip"];
$cityColumn = $_POST["city"];
$countryColumn = $_POST["country"];
$database = $_POST["database"];
if one of these is not posted on the html page, then the code breaks. suggestions? I can change the value if null to something else if anyone knows of a placeholder value that sql will accept and then as I fetch rows will place null below it
I think that working starting from column names is not a good idea. SQL doesn't concept like stree or ZIP but only stings and number or date.
I suggest you to create a class with all your table columns as properties, putting the business logic in the right place (the PHP), so the method "query" (the one who query the DB) can validate/operate/manage the status of your object.
The PHP that draw the for can get all infos from the class (eg: *get_object_vars* ) instead of DB.
If you're worried from mapping your DB into class you can look at ActiveRecords.
I'm trying to figure out how and which is best for storing and getting multiple entries into and from a database. Either using explode, split, or preg_split. What I need to achieve is a user using a text field in a form to either send multiple messages to different users or sharing data with multiple users by enter their IDs like "101,102,103" and the PHP code to be smart enough to grab each ID by picking them each after the ",". I know this is asking a lot, but I need help from people more skilled in this area. I need to know how to make the PHP code grab IDs and be able to use functions with them. Like grabbing "101,102,103" from a database cell and grabbing different stored information in the database using the IDs grabbed from that one string.
How can I achieve this? Example will be very helpful.
Thanks
If I understand your question correctly, if you're dealing with comma delimited strings of ID numbers, it would probably be simplest to keep them in this format. The reason is because you could use it in your SQL statement when querying the database.
I'm assuming that you want to run a SELECT query to grab the users whose IDs have been entered, correct? You'd want to use a SELECT ... WHERE IN ... type of statement, like this:
// Get the ids the user submitted
$ids = $_POST['ids'];
// perform some sanitizing of $ids here to make sure
// you're not vulnerable to an SQL injection
$sql = "SELECT * FROM users WHERE ID IN ($ids)";
// execute your SQL statement
Alternatively, you could use explode to create an array of each individual ID, and then loop through so you could do some checking on each value to make sure it's correct, before using implode to concatenate them back together into a string that you can use in your SELECT ... WHERE IN ... statement.
Edit: Sorry, forgot to add: in terms of storing the list of user ids in the database, you could consider either storing the comma delimited list as a string against a message id, but that has drawbacks (difficult to do JOINS on other tables if you needed to). Alternatively, the better option would be to create a lookup type table, which basically consists of two columns: messageid, userid. You could then store each individual userid against the messageid e.g.
messageid | userid
1 | 1
1 | 3
1 | 5
The benefit of this approach is that you can then use this table to join other tables (maybe you have a separate message table that stores details of the message itself).
Under this method, you'd create a new entry in the message table, get the id back, then explode the userids string into its separate parts, and finally create your INSERT statement to insert the data using the individual ids and the message id. You'd need to work out other mechanisms to handle any editing of the list of userids for a message, and deletion as well.
Hope that made sense!
Well, considering the three functions you suggested :
explode() will work fine if you have a simple pattern that's always the same.
For instance, always ', ', but never ','
split() uses POSIX regex -- which are deprecated -- and should not be used anymore.
preg_split() uses a regex as pattern ; and, so, will accept more situations than explode().
Then : do not store several values in a single database column : it'll be impossible to do any kind of useful work with that !
Create a different table to store those data, with a single value per row -- having several rows corresponding to one line in the first table.
I think your problem is more with SQL than with PHP.
Technically you could store ids into a single MySQL field, in a 'set' field and query against it by using IN or FIND_IN_SET in your conditions. The lookups are actually super fast, but this is not considered best practice and creates a de-normalized database.
What is nest practice, and normalized, is to create separate relationship tables. So, using your example of messages, you would probably have a 'users' table, a 'messages' table, and a 'users_messages' table for relating messages between users. The 'messages' table would contain the message information and maybe a 'user_id' field for the original sender (since there can only be one), and the 'users_messages' table would simply contain a 'user_id' and 'message_id' field, containing rows linking messages to the various users they belong to. Then you just need to use JOIN queries to retrieve the data, so if you were retrieving a user's inbox, a query would look something like this:
SELECT
messages.*
FROM
messages
LEFT JOIN users_messages ON users_messages.message_id = messages.message_id
WHERE
users_messages.user_id = '(some user id)'