We Keep Coding

PDO query works but prepared statement does not [duplicate]

This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 2 months ago.
I have the written the following code which works fine and shows me the nickname:
$stmt2 = $pdo->query("SELECT nick FROM users WHERE ID=12");
$nn = $stmt2->fetch();
echo $nn["0"];
now I tried to do it as a prepared statement, so I can use different ID numbers. But it does not work, it display nothing.
$stmt3 = $pdo->prepare("SELECT nick FROM users WHERE ID=?");
$stmt3->execute(12);
$nn3 = $stmt3->fetch;
echo $nn3["0"];
I tried looking if I did something wrong but i simply can not see what is wrong the prepared statement.

You need to pass an array as the argument to the execute method when using a prepared statement. The argument should contain the values that you want to bind to the placeholders in the prepared statement. In your case, you need to pass an array containing the value of the ID you want to use as the parameter in the query.
$stmt3->execute([12]);
You are missing the () after fetch when trying to retrieve the result from the prepared statement. The fetch method returns a row from the result set as an array, so you need to call it like a function to retrieve the result.
$nn3 = $stmt3->fetch();
When accessing an element in the array returned by fetch, you need to use the key of the element, not its index. In this case, you can use the key "nick" to access the nickname.
echo $nn3["nick"];
Here's the corrected code:
$stmt3 = $pdo->prepare("SELECT nick FROM users WHERE ID=?");
$stmt3->execute([12]);
$nn3 = $stmt3->fetch();
echo $nn3["nick"];

Issues when getting ID from DB [duplicate]

This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 2 years ago.
I hope you all have a good day.
Actually I'm deploying a query to get a complete array of data. But the fact is that I need an Id, first of all, I guess, I must get the last Id first, then I can apply a mathematic operation to get its value + 1. The fact is that I've been trying different sentences and queries with no result.
This is my code:
function obtener_Id(){
global $mysqli;
$resultado_oId = $mysqli ->query("SELECT TOP 1 'id' FROM 'pacient' ORDER BY RowID DESC ")
$id_sacada = mysqli_fetch_assoc($resultado_oId);
$id_enLaMano = $id_sacada['id'];
return $id_enLaMano;
//$id_dinamica = $id_enLaMano + 1;
//return $id_dinamica;
}
As you can see guys, I've commented on the last two lines, cause I´m looking to get at least a value (The result from a query) But Idk if that is correct. Looking on the Internet I've seen relative posts which are solved just to apply the query that we can view under global declarations...
I've tried that on phpMyAdmin with no results and a bunch of errors...
You guys know the correct way to get the max value in the Id column? Or even if I'm doing badly correct me.
A lot of hugs and Luck!
Mizar ^^

I would suggest putting the serial number in a table. Read the serial no before insert, (lock the table, if required) insert the data, then increase the serial no by 1 and update the serial no table with increased value.

SET mysql variable with list of mails [duplicate]

This question already has answers here:
How to pass a variable to a IN clause?
(4 answers)
Closed 5 years ago.
I need to define a list of variables to use in multiple MySQL queries.
The variable will be a list of mails. I have tried to define it in different ways but it always gives me error in the construction.
SET #listamails='mail1#gmail.com,mail2#gmail.com';
Select * from user WHERE mail IN (#listamails);
Any ideas?
Thank you

You cannot pass in a list to IN using a single variable. The simplest solution in MySQL is find_in_set():
Select u.*
from user u
where find_in_set(mail, #listamails) > 0;
However, this cannot take advantage of an index. For that, you might want to use dynamic SQL.

Try this
SET #listamails='mail1#gmail.com','mail2#gmail.com';
Select * from user WHERE mail IN (#listamails);

SQL Server IN statement with wildcard [duplicate]

This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Is there a combination of “LIKE” and “IN” in SQL?
The first where clause below runs fine for me but it does not pick up contacts that might have 45211-1234 or 45213-4321
SELECT * FROM contacts
WHERE zipcode IN ('45211','45213')
I thought I could change the where clause to the below to fix, but it fails.
SELECT * FROM contacts
WHERE zipcode IN ('45211%','45213%')
How might I change this so it brings back anything that has proper zip + dash + any zip4? For example, 45211-1234 or 45213-4321.
Note I have whole bunch of zipcodes to enter, not just these two.

How about this:
SELECT * FROM contacts
WHERE Left(zipcode,5) IN ('45211','45213')

SQL query, although constructed properly, returns 1064 error [duplicate]

This question already has an answer here:
Syntax error due to using a reserved word as a table or column name in MySQL
(1 answer)
Closed 8 years ago.
Can somebody point out why the following query fails?
SELECT
references_translations.language_id,
references_translations.active,
references_translations.title,
references_translations.slug,
references_translations.body,
references_translations.seo_title,
references_translations.seo_description,
references.*
FROM (references)
INNER JOIN references_translations ON references_translations.reference_id = references.id AND references_translations.language_id = 'nl'
WHERE `references_translations`.`active` = 1;
I cant see why this query keeps failing. Couldn't find if any of my table or column names are reserved by MySQL.
Any pointers in the right direction would be greatly appreciated. Thanks in advance.

references is a reserved keyword, try to enclose it in backticks `.

References is a Reserve word.
Checked from link below:
MySQL 5.5 Reserved-words