I'm trying to build a leaderboard web app, with data from 15 countries.
The data needs to be uploaded as an .xls file and imported to a MySQL database.
I have build the upload part, which gives me a valid JSON string.
The string is then posted via ajax, to this script as "output":
<?php
if(isset($_POST['output'])) {
$host = "localhost";
$username = "root";
$password = "password";
$dbname = "database";
$con = mysqli_connect($host, $username, $password, $dbname) or die('Error in Connecting: ' . mysqli_error($con));
$st = mysqli_prepare($con, 'INSERT INTO tbl_ttl(country, leads, followup, followuppercent) VALUES (?, ?, ?, ?)');
mysqli_stmt_bind_param($st, 'ssss', $country, $leads, $followup, $followuppercent);
$jsondata = $_POST['output'];
$data = json_decode($jsondata, true);
foreach ($data as $row) {
$country = $row['country'];
$leads = $row['leads'];
$followup = $row['followup'];
$followuppercent = $row['followuppercent'];
mysqli_stmt_execute($st);
}
echo "Success!";
mysqli_close($con);
And this is where im stuck. I do get the "Success!" alert and no errors.
I need to import the records in the string as seperate rows.
And one more thing...
The leaderboard needs to be updated once a month. So is it possible to update the existing rows with new values every time they are uploaded?
Thanks!
Related
Update function
I am getting an error while updating data from database.
sub update
{
my $sql = "UPDATE Data SET NAME = ?, ADDRESS=?, PHONE_NO=?,
DATE_OF_JOINING=?, ROLE_ASSIGN=?, SALARY=? WHERE ID = ?";
my $sth = $dbh->prepare($sql);
print("Enter ID to update : ");
chomp(my $ID = <STDIN>);
print("NAME : ");
chomp(my $NAME = <STDIN>);
print("ADDRESS : ");
chomp(my $ADDRESS = <STDIN>);
print("PHONE_NO : ");
chomp(my $PHONE_NO = <STDIN>);
print("DATE_OF_JOINING : ");
chomp(my $DATE_OF_JOINING = <STDIN>);
print("ROLE_ASSIGN : ");
chomp(my $ROLE_ASSIGN = <STDIN>);
print("SALARY : ");
chomp(my $SALARY = <STDIN>);
$sth->bind_param(1,$NAME);
$sth->bind_param(2,$ADDRESS);
$sth->bind_param(3,$PHONE_NO);
$sth->bind_param(4,$DATE_OF_JOINING);
$sth->bind_param(5,$ROLE_ASSIGN);
$sth->bind_param(6,$SALARY);
$sth->bind_param(7,$ID);
$sth->execute();
print("The record has been updated successfully!");
$sth->finish();
$dbh->disconnect();
}
After executing above function when i try to view updated data :
sub query_links
{
my ($dbh) = #_;
my $sql = "SELECT * FROM Data";
my $sth = $dbh->prepare($sql) or die $DBI::errstr;
$sth->execute() or die $DBI::errstr;
$sth->dump_results();
$sth->finish();
}
Error:
DBD::mysql::st execute failed: MySQL server has gone away at mini.plx line 94,
<STDIN> line 9.MySQL server has gone away
The error message means that the connection to your database has been lost.
You don't show us any code that creates your connection, so it's hard to know what might have gone wrong there. You might consider adding the mysql_auto_reconnect flag when connecting to the database.
my $dbh = DBI->connect($dsn, $user, $password, {
mysql_auto_reconnect => 1,
});
You can also change this setting after the database connection has been set up.
$dbh->{mysql_auto_reconnect} = 1;
Update: As ikegami points out in a comment, you disconnect from the database at the end of update() - and you don't show any code demonstrating that you reconnect before using the connection again in query_links(). That will cause this problem.
I'm trying to test my prepared statement that is protecting one field to get the error message in case of SQL injection. I tried until now thousands of attacks, and all of the values I gave were accepted. Am I using a wrong syntax or attack? I can't see where the problem is. Here is my code:
try {
// $host = "localhost";
// $username = "root";
// $password = "root";
// $db_name = "pokemon";
$conn = new PDO('mysql:host='.$host.';dbname='.$db_name.';', $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$meldung="";
$name =$_REQUEST['name'];
$gewicht = $_REQUEST['Gewicht'];
$größe =$_REQUEST['Größe'];
$spezies = $_REQUEST['Spezies'];
$stufe =$_REQUEST['Stufe'];
$atacke =$_REQUEST['Attacke'];
$array = explode(',', $_REQUEST['Attacke']);
$stmt = $conn->prepare("INSERT INTO Pokemon (`Name`,`Gewicht`,`grosse`,`spezies`,`stufe`) VALUES (:Name, '".$gewicht."', '".$größe."', '".$spezies."', '".$stufe."')");
$stmt->bindParam(':Name', $name);
// $stmt->bindParam(':Gewicht', $gewicht);
// $stmt->bindParam(':grosse', $größe);
// $stmt->bindParam(':spezies', $spezies);
// $stmt->bindParam(':stufe', $stufe);
$stmt->execute();
}
catch(PDOException $e)
{
$meldung = "Error: " . $e->getMessage();
echo $meldung;
}
thanks
When I am trying to decode JSON with this code the output is
ArrayArray ( [0] => )
I do not know why WordPress doesn't support this
<?php
global $wpdb;
$mylink = $wpdb->get_results( "SELECT option_value FROM wp_options WHERE option_id=62167", ARRAY_N );
$raw = stripslashes_deep($mylink);
$data = array();
foreach ($raw as $json) {
echo $json;
$item = #json_decode($json, true);
$data[] = $item;
print_r($data);
}
?>
Hello you need to unserealize the data first when your query get data from database,
That is serealized data and when we get it from db we need to unserealize it.
global $wpdb;
$mylink = $wpdb->get_results("SELECT option_value FROM wp_options WHERE option_id=1223",ARRAY_A);
$raw = stripslashes_deep($mylink);
$data = $raw[0]['option_value'];
$datas = unserialize($data);
foreach ($datas as $key => $value) {
print_r($value);
}
I have the following code :
<?php
try {
# MySQL with PDO_MYSQL
$DBH = new PDO("mysql:host=*****;dbname=****", "****", "*****");
$DBH->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
# statement handle (prevents injection)
$STH = $DBH->prepare("SELECT Adresse FROM Agences");
$STH->execute();
# statement handle (prevents injection)
$STHNAMES = $DBH->prepare("SELECT `numero-agence` FROM Agences");
$STHNAMES->execute();
$storeArray = Array();
$nameArray = Array();
while ($row = $STH->fetch()) {
$storeArray[] = $row['Adresse'];
}
while ($row = $STHNAMES->fetch()) {
$nameArray[] = $row['numero-agence'];
}
echo json_encode(
Array("theAddress" => $storeArray,
"theName" => $nameArray)
);
}
catch(PDOException $e) {
echo 'There was an issue inserting thing into database: '.$e->getMessage();
}
?>
My question is : is there a way to combine the two queries and still have an associative array to send back to the client JSON-encoded ? (I am querying this bit of PHP with an ajax call, and need the resulting data)
Thanks.
Can be done in the same query:
# statement handle (prevents injection)
$STH = $DBH->prepare("SELECT Adresse, `numero-agence` FROM Agences");
$STH->execute();
$storeArray = Array();
$nameArray = Array();
while ($row = $STH->fetch()) {
$storeArray[] = $row['Adresse'];
$nameArray[] = $row['numero-agence'];
}
i seem to be having an error on this coding any help would be appreciated
Parse error: parse error in C:\wamp\www\espn.com\login.php on line 19
<?php
//Database Information
$dbhost = "localhost";
$dbname = "users";
$dbuser = "root";
$dbpass = "*****";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);
$query = “select * FROM users where 'username'=$username and 'password'= $password " ;
$result = mysql_query($query);
if (mysql_num_rows($result) != 1) {
$error = “Bad Login”;
include “login.html”;
} else {
$_SESSION[‘username’] = “$username”;
include “memberspage.php”;
}
?>
looks like you have a fancy quote on your query, so it's not a proper string
“ vs "
You are using odd quotes: “ instead of the proper ".
Probably happened while copying code from a web site.
The only valid string-delimiting quotes in PHP (and most other programming languages) are ' and ".
I want to tell you create a separate file/page for database connection. Suppose your connection file name is db_connection.php. Where you want to check only db_connection.php page will include. It saves your codding.
db_connection.php
<?php
//Database Information
$dbhost = "localhost";
$dbname = "users";
$dbuser = "root";
$dbpass = "*****";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
session_start();
?>
Now in your login page you include db_connection.php
loginpage:
<?php
include_once('db_connection.php');
if(isset($_POST['submit']) //submit is form button name
{
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);
$query = mysql_query(“select * FROM users where 'username'=$username and 'password'= $password ") ;
if (mysql_num_rows($result)>0) {
$_SESSION[‘username’] = “$username”;
header(location:memberspage.php);
} else {
$error = “Bad Login”;
header(location:memberspage.php);
}
?>