So I've been working on this website a long time but the problem is most of it is MYSQL, which of course isnt very secure, so now I'm trying to update all the PHP to PDO, so far I've only managed to get the connect.php working (in the first code below). My main issue is wthin the 2nd code below, on my reviews page I'm having a hard time fetching ALL the reviews from database including (cid,uid,username,date,message & rating) and then ORDER BY DESC, I have used multiple guides but they all seem to show a different way of doing it...
<?php
$host = 'localhost';
$dbuser = 'B99';
$dbpwd = 'testpass';
$dbname = 'admin';
//set DSN//
$dsn = 'mysql:host=' . $host .';dbname=' . $dbname;
//Create PDO instance//
//Attempt MySQL server connection.//
$pdo = new PDO($dsn, $dbuser, $dbpwd);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
?>
and the FetchAll code here:
<?php
include("/var/www/vhosts/myweb.co.uk/httpdocs/PHP/connect.php");
$sql = $pdo->query("SELECT * FROM `reviews` ORDER BY `cid` DESC");
$stmt = $pdo->prepare($sql);
$stmt->execute(['cid']);
$reviews = $stmt->fetchAll();
foreach ($reviews as $fetch) {
?>
<div class="eachreview" style="background-color:royalblue;">
<?php echo $fetch['rating']; ?>
<?php echo $fetch['uid']; ?>
<?php echo $fetch['message']; ?>
<?php echo date("d/m/Y" ,strtotime($fetch['date'])); ?>
</div>
<?php
}
?>
UPDATED CODE Kinda working but displaying 1/1/1970 and no other data
<?php
include("/var/www/vhosts/myweb.co.uk/httpdocs/PHP/connect.php");
$stmt = $dbh->prepare("SELECT * FROM `reviews` WHERE cid = :cid");
$stmt->execute(array(':cid' => "cid"));
$fetch = $stmt->fetchAll();
{
?>
THIS CODE BELOW WORKS! :)
<?php
include("/var/www/vhosts/my-web.co.uk/httpdocs/PHP/connect.php");
$stmt = "SELECT * FROM `reviews`";
$result = $dbh->query($stmt);
foreach ($result as $fetch) {
?>
<?php echo $fetch['message']; ?>
Related
I have tried to show the whole table data in MySQL. Rows are (User_id, first_name, last_name, and dept). There is no result when I refresh the page.
<?php
$servername = "fdb19.awardspace.net";
$username = "2598428_db";
$password = "password";
$dbname = "2598428_db";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql="SELECT * From users";
$result = $conn->query($sql);
while($res = mysqli_fetch_array( $result )) {
echo $res['AverageSatisfactionScore'];
}
?>
Your echo is false.
You need to display a valid column name like :
echo $res['id'] or echo $res['dept'].
just try to print the total count of your result set by
echo mysqli_num_rows( $result );
it will print total number of records in the result
Also try to print whole row by
print_r($res);
insted of using
echo $res['AverageSatisfactionScore'];
I have created my own table on my wordpress database and created the filter search form. Now, my problem is that, I dont know how to connect my database to my search filter form in wordpress.
Here is the process, I send the keyword from index.php to result.php, and it shows nothing, just a blank page.
Here's my code:
<?php
define('WP_USE_THEMES', false);
global $wpdb;
$destination = $_POST["destination"];
echo "Welcome test" . $destination;
$sql = "SELECT * FROM rates WHERE location = '" . $destination ."';";
echo $sql;
echo "search this";
foreach ( $wpdb->get_results($sql) as $result ) {
echo "search for". $result->location;
}
?>
wp-content/themes/Your-Theme-Name/result.php
<?php
/*
* Template Name: MyResultPage
*/
/* You can also use require_once('wp-load.php'); */
get_header();
global $wpdb;
$destination = $_POST["destination"];
$table = $wpdb->prefix . "rates";
$sql = "SELECT * FROM `". $table . "` WHERE location = '". $destination. "'" ;
$result = $wpdb->get_results($sql);
foreach($result as $res) {
echo "search for". $res->location;
}
?>
Then, you create a new page in your wordpress admin and set the template to result.php template name: MyResultPage (for example).
you should either include wp-config.php file in the header of the file which will include all the relevant files in your page.
Can you plz check below code and it output.
i added one page in root directory of WordPress and make one page and add this code.
test.php
<?php
define('WP_USE_THEMES', false);
require_once('wp-load.php');
global $wpdb;
$result = $wpdb->get_results(("SELECT * FROM {$wpdb->prefix}posts WHERE post_type = 'page'"), ARRAY_A);
foreach( $result as $key => $val )
{
echo '<p>Title - '.$val['post_name'].'</p>';
echo '<p>ID - '.$val['ID'].'</p>';
}
?>
Now here is out put of this page it shows all page title and id.
Output:
<p>Title - sample-page</p>
<p>ID - 2</p>
<p>Title - sample-page1</p>
<p>ID - 3</p>
I'm having issues with working with mysql's FIND_IN_SET and pdo. This is my code:
$statement = $conn->prepare("SELECT * FROM `artistInfo` WHERE FIND_IN_SET(':array', artistServices)");
$statement->execute(array(':array' => '2'));
while($row = $statement->fetch()){
echo $row['id'];
echo "<br />";
}
This doesn't produce any results. Am I doing something wrong? Thanks!
$statement = $conn->prepare("SELECT * FROM `artistInfo` WHERE FIND_IN_SET(':array', artistServices)");
$statement->execute(array(:array => '2'));
while($row = $statement->fetch()){
echo $row['id'];
echo "<br />";
}
The single quotes surrounding :array is why I wasn't getting any results
I cannot display in my distinct query in mysql please help.
<?php
mysql_connect("localhost","root","123");
mysql_select_db("sarangani");
$result = mysql_query("SELECT DISTINCT year(posted) AS year FROM news ORDER BY posted");
while($row = mysql_fetch_array($result)) {
echo "$row[year]";
}
?>
If you're sure the query should deliver a result, you need to use the proper way to echo out the result:
while ($row = mysql_fetch_array($result)) {
echo $row['year']; // So don't put it inside double quotes
}
Here is the entire code guys. I am trying to create a simple user authentication system.
Here is the entire code guys. I am trying to create a simple user authentication system.
Here is the entire code guys. I am trying to create a simple user authentication system.
Here is the entire code guys. I am trying to create a simple user authentication system.
<?php
if (!isset($_POST['username']) OR !isset($_POST['password']) OR empty($_POST['username']) OR empty($_POST['password'])) {
echo "Please login:";
echo '<form method="POST">';
echo 'Username: <input type="text" name="username">';
echo 'Password: <input type="password" name="password"></br>';
echo '<input type="submit" value="Login">';
echo '</form>';
}
else {
$username = $_POST['username'];
$password = md5($_POST['password']);
try {
$pdo = new PDO('mysql:host=localhost;dbname=userauth', 'norman101', 'beecher123');
}
catch(PDOException $e) {
echo 'ERROR:' . $e->getMessage();
}
$sql = "SELECT * FROM userinfo WHERE username=?, AND password=?";
$pds = $pdo->prepare($sql);
$pds->execute(array($username, $password));
$row = $pds->fetch(PDO::FETCH_ASSOC);
print_r($row);
}
?>
I think you are missing the AND operator:
$sql = "SELECT * FROM userinfo WHERE username=? AND password=?";
try this
$pds= $pdo->prepare("SELECT * FROM userinfo WHERE username=:username AND password=:password");
$pds->execute(array(':username' => $username, ':password' => $password));
$row = $pds->fetchAll(PDO::FETCH_ASSOC);