I'm trying to rewrite an SQL select query to use the $wpdb->prepare function. My original SQL query looks like this and works fine.
function hfwp_SaveFormData($formData, $userID, $today, $dbTable) {
global $wpdb;
$wpdb->show_errors();
$query = "SELECT UserID FROM $dbTable WHERE Date = '$today' AND UserID = '$userID'";
$wpdb->get_results( $query );
$count = $wpdb->num_rows;
if ($count > 0) {
$wpdb->update($dbTable, array('Distance' => $formData), array('Date' => $today, 'UserID' => $userID));
}else{
$wpdb->insert($dbTable, array('UserID' => $userID, 'Date' => $today, 'Distance' => $formData));
}
}
I then tried to rewrite the SELECT statement to use $wpdb->prepare:
$wpdb->get_results( $wpdb->prepare("SELECT UserID FROM %s WHERE Date = %s AND UserID = %d", $dbTable, $today, $userID ) );
But it gives an error in the log but not enough to give me a hint on what is wrong.
I also tried another version of the $wpdb->prepare:
$query = "SELECT UserID FROM %s WHERE Date = %s AND UserID = %d";
$prepared = $wpdb->prepare( $query , $dbTable, $today, $userID );
$wpdb->get_results( $prepared );
Related
I am trying to pass table name and column name from String to the sql query, but for some reason it doesnt work.
This is an example of what am trying to do from symfony 4.4 documentation :
This is how I am trying to do it :
$sql = "SELECT
:col,
COUNT(*) AS `cnt`
FROM
:tab
GROUP BY
:col
";
$stmt = $conn->prepare($sql);
$stmt->execute([ 'col' => $col , 'tab' => $tab ]);
return $stmt->fetchAllAssociative();
output :
meanwhile, it works like this :
$sql = "SELECT
typeCl,
COUNT(*) AS `cnt`
FROM
client
GROUP BY
typeCl
";
$stmt = $conn->prepare($sql);
$stmt->execute([ 'col' => $col , 'tab' => $tab ]);
return $stmt->fetchAllAssociative();
And I still want to make my table and column parametrable .. is there anyway to do that ??
(It is not about my String values I used dump and die and make sure nothign wrong with that)
This is how i made it work :
$sql = "SELECT ".$col.",
COUNT(*) AS `cnt`
FROM
".$tab."
GROUP BY
".$col."
";
$stmt = $conn->prepare($sql);
$stmt->execute([ 'col' => $col , 'tab' => $tab ]);
return $stmt->fetchAllAssociative();
In zf2, how can i write following mysql query and execute it. ??
SELECT * FROM `user_modules` um JOIN ((SELECT vm.id, vm.module_code, vm.module_title,'video' AS type FROM video_master vm WHERE vm.is_deleted = 0) UNION (SELECT sm.id, sm.module_code, sm.module_title, 'slideshow' AS type FROM slideshow_master sm WHERE sm.is_deleted = 0) result ON um.module_id = result.id
WHERE um.user_id='3'
I found solution!!
$userId = '1';
$select = "SELECT * FROM `user_modules` um JOIN ((SELECT vm.id, vm.module_code, vm.module_title, 'video' AS type FROM video_master vm WHERE vm.is_deleted = 0) UNION (SELECT sm.id, sm.module_code, sm.module_title, 'slideshow' AS type FROM slideshow_master sm WHERE sm.is_deleted = 0)) temptable on um.module_id = temptable.id where um.user_id='". $userId ."'";
$resultSet = $this->adapter->query($select);
return $data = $this->resultSetPrototype->initialize($resultSet->execute())->toArray();
OR else can use ZF2 method:
$sql = new Sql($this->getAdapter());
$select = $sql->select()->from(array('um' => $this->table));
Get all slideshow modules
$select1 = $sql->select(array())->from(
array("slideshow" =>'slideshow_master'))
->columns(array('id','module_code','module_title',"type" => new Expression("'Slideshow'")));
$select1 = $sql->select(array())->from(
array("slideshow" =>'slideshow_master'))
->columns(array('id','module_code','module_title',"type" => new Expression("'Slideshow'")));
$select1->where("slideshow.is_deleted = 0");
$select1->order("slideshow.id");
Get all video modules
$select2 = $sql->select(array())->from(
array("video" => 'video_master'))
->columns(
array('id','module_code','module_title',"type" => new Expression("'Video'")));
$select2->where("video.is_deleted = 0");
$select2->order("video.id");
union of two first selects
$select1->combine ( $select2, 'UNION' );
$select->join(array('result' => $select1), "result.id = um.module_id");
$select ->where("um.user_id='". $userId. "'");
$statement = $sql->prepareStatementForSqlObject($select);
return $this->resultSetPrototype->initialize($statement->execute())->toArray();
Sorry for my typing and formatting.
I like to write a csv import / update to my Mysql database, but it isnt working. I get no error messages.
Can anybody help me to find the error or whats wrong with my script please.
// set local variables
$connect = mysql_connect("localhost","root","") or die('Could not connect: ' . mysql_error());
$handle = fopen("imptest.csv", "r");
// connect to mysql and select database or exit
mysql_select_db("shoptest1", $connect);
while($data = fgetcsv($handle, 30000, ';')) //Jede Zeile durchgehen
{
$Product_ID=$data[0];
$field=$data[1];
$query = 'SELECT Product_ID FROM testprod';
if (!$result = mysql_query($query)) {
continue;
} if ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
// entry exists update
$query = "UPDATE ps_product_lang SET custom_field ='$field' WHERE id_product = '$Product_ID'";
mysql_query($query);
if (mysql_affected_rows() <= 0) {
echo "kein update";
// no rows where affected by update query
}
} else {
echo "kein eintrag";
// entry doesn't exist continue or insert...
}
mysql_free_result($result);
}
fclose($handle);
mysql_close($connect);
?>
The queries you are performing:
SELECT Product_ID FROM testprod
UPDATE nl_product_lang SET custom_field = ? WHERE Product_ID = ?
are suitable to detect whether a product exists and then either UPDATE or INSERT. For only an UPDATE, the SELECT doesn't matter, as there won't be an entry WHERE Product_ID NOT IN (SELECT Product_ID FROM testprod) - if you have a foreign key.
Here's an example of how to do this using PDO.
list( $SQLDSN, $SQLUSER, $SQLPASS ) = [ 'mysql:dbname=shoptest1', 'root', '' ];
$db = new PDO( $SQLDSN, $SQLUSER, $SQLPASS, [
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
] );
$ids = $db->query( "SELECT Product_ID from testprod" )->fetchAll( \PDO::FETCH_COLUMN, 0 );
while ( list( $Product_ID, $field ) = fgetcsv(...) )
if ( in_array( $Product_ID, $ids ) )
query( $db, "UPDATE ps_product_lang SET custom_field = ? WHERE Product_ID = ?",
[ $field, $Product_ID ]
);
else
trigger_warning( "unknown product $Product_ID" );
function query( $db, $sql, $args = null ) {
$sth = $db->prepare( $sql );
$sth->execute( $sql );
return $sth;
}
I am a relative novice and could use some help with this problem.
This will be used in a search filter situation.
Users need to search by a value and 1 or more other values passed by the search form.
$name = $_POST['name'];
$sdate = $_POST['sdate'];
$startdate = $_POST['startdate'];
$enddate = $_POST['enddate'];
$vehicle = $_POST['vehicle'];
$triptype = $_POST['triptype'];
If any of these values are '' I do not want them in the query, If they contain a value I do want them in the query.
SELECT * FROM form_data WHERE `resp_person` = '$name',
IF $sdate != '' then `sdate` = '$sdate',
IF $startdate != '' then `sdate` = *all values between $startdate and $enddate*,
IF $triptype != '' then `triptype` = '$vehicle',
IF $vehicle != '' then `vehicle` = '$vehicle', `sdate`
ORDER BY `sdate` DESC, `stime` DESC")
I know the code is wrong but it should give you a good idea of what I am trying to accomplish. Any guidance would be greatly appreciated.
A better way is to not use string concatenation to build the entire query, but rather use an sql library that supports prepared statements, such as PDO.
$pdo = new PDO('... connection string ...', username, password);
$where = '';
$possible_values = array('name', 'sdate', 'startdate', 'enddate', 'vehicle', 'triptype' );
$params = array();
foreach($possible_values as $val)
{
if(isset($_POST[$val]))
{
$params[] = $_POST[$val];
if($where == '')
{
$where = "WHERE $val = ?";
}
else
{
$where .= " AND $val = ?";
}
}
}
$stmt = $pdo->prepare("SELECT * FROM form_data " . $where);
$stmt->execute($params);
In cases like this, I prefer to build the query in pieces...
$wheres = array(); // Collect things to AND together
if ($searchterm != 'All') $wheres[] = "subject LIKE '%searchterm'";
if (...) $wheres[] = "...'";
...
if (count($wheres) > 0)
$where_str = "WHERE " . implode(' AND ', $wheres);
else
$where_str = '';
$order_str = (...) ? "ORDER BY ..." : '';
$limit_str = $limit ? "LIMIT $limit" : '';
$query = "SELECT ... FROM foo $where_str $order_str $limit_str";
Oh, and don't forget to use escape the strings on any data coming in from a form -- else a user can do nasty things to the SQL statement!
I followed this link and created my own custom query with pagination.. but I don't really understand how the offset works,
https://wordpress.stackexchange.com/questions/21626/pagination-with-custom-sql-query
the pagination does not work well. and I'm getting zero value for offset.
function spiciest(){
global $wpdb, $paged, $max_num_pages;
$paged = (get_query_var('paged')) ? get_query_var('paged') : 1;
$post_per_page = intval(get_query_var('posts_per_page')); //6
$offset = ($paged - 1)*$post_per_page;
/* Custom sql here. I left out the important bits and deleted the body
as it will be specific when you have your own. */
$sql = "
SELECT DISTINCT * FROM $wpdb->posts
INNER JOIN (SELECT *, SUBSTRING(name, 6) as 'post_ID',
votes_up AS votes_balance,
votes_up + votes_down AS votes_total
FROM thumbsup_items) AS thumbsup
ON $wpdb->posts.ID = thumbsup.post_ID
WHERE $wpdb->posts.post_status = 'publish'
AND $wpdb->posts.post_type = 'post'
AND $wpdb->posts.post_password = ''
ORDER BY votes_up DESC, votes_balance DESC
LIMIT ".$offset.", ".$post_per_page."; ";
$sql_result = $wpdb->get_results( $sql, OBJECT);
/* Determine the total of results found to calculate the max_num_pages
for next_posts_link navigation */
$sql_posts_total = $wpdb->get_var( "SELECT FOUND_ROWS();" );
$max_num_pages = ceil($sql_posts_total / $post_per_page);
print_r("offset ". $offset."\n") ;
print_r("\n"."sql_posts_total ". $sql_posts_total."\n") ;
print_r("\n"."max_num_pages ". $max_num_pages."\n") ;
return $sql_result;
}
Please see it live.. I have printed the vlues.. http://goo.gl/fZTck
It should have 7 pages with a total of 39 entries.
The problem here is the LIMIT, it'll just count the first page and not the entire query.
I had solved it by providing a secondary SQL query for counting the max pages. thanks for my friends for this tip.
here's the complete code.
function.php
function spiciest(){
global $wpdb, $paged, $max_num_pages;
$paged = (get_query_var('paged')) ? get_query_var('paged') : 1;
$post_per_page = intval(get_query_var('posts_per_page')); //6
$offset = ($paged - 1)*$post_per_page;
// query normal post
$query_spicy = "
SELECT DISTINCT * FROM $wpdb->posts
INNER JOIN (SELECT *, SUBSTRING(name, 6) as 'post_ID',
votes_up AS votes_balance,
votes_up + votes_down AS votes_total
FROM thumbsup_items) AS thumbsup
ON $wpdb->posts.ID = thumbsup.post_ID
WHERE $wpdb->posts.post_status = 'publish'
AND $wpdb->posts.post_type = 'post'
AND $wpdb->posts.post_password = ''
ORDER BY votes_up DESC, votes_balance DESC";
//query the posts with pagination
$spicy = $query_spicy . " LIMIT ".$offset.", ".$post_per_page."; ";
$spicy_results = $wpdb->get_results( $spicy, OBJECT);
// run query to count the result later
$total_result = $wpdb->get_results( $query_spicy, OBJECT);
$total_spicy_post = count($total_result);
$max_num_pages = ceil($total_spicy_post / $post_per_page);
return $spicy_results;
}
TEMPLATE CODES:
<?php
$spiciest = spiciest();
if ($spiciest):
global $post;
foreach ($spiciest as $post) :
setup_postdata($post);
?>
/**** PUT TEMPLATE TAGS HERE *****/
<?php
endforeach;
endif;
?>
and then the PAGINATION here, please note of the TOTAL in array.
global $wp_rewrite, $wp_query, $max_page, $page;
$wp_query->query_vars['paged'] > 1 ? $current = $wp_query->query_vars['paged'] : $current = 1;
$pagination = array(
'base' => #add_query_arg('page','%#%'),
'format' => '',
'total' => $max_num_pages,
'current' => $current,
'prev_text' => __('PREV'),
'next_text' => __('NEXT'),
'end_size' => 1,
'mid_size' => 2,
'show_all' => false,
'type' => 'list'
);
if ( $wp_rewrite->using_permalinks() )
$pagination['base'] = user_trailingslashit( trailingslashit( remove_query_arg( 's', get_pagenum_link( 1 ) ) ) . 'page/%#%/', 'paged' );
if ( !empty( $wp_query->query_vars['s'] ) )
$pagination['add_args'] = array( 's' => get_query_var( 's' ) );
echo paginate_links( $pagination );
Your variable $offset value is always the same.
So just replace
$offset = 1;
with:
$offset = ($paged - 1)*$post_per_page;