How can I update a table in the data base where the SET clause from MySQL query depends on variables? It can be one $var, two, or many more.
Here is my ex. code:
$name = 'comp_name = "'.$nume.'",';
$large = 'logolarge = "'.$linklogolarge.'",';
$small = 'logosmall = "'.$linklogosmall.'",';
...............................
$sql = 'UPDATE company
SET
'.$name.'
'.$large.'
'.$small.'
WHERE id_comp = 43 ';
The problem is that the normal syntax of the UPDATE query is that after SET .......between values needs a comma " , "
ex.
UPDATE table
SET
col1 = x ,
col2 = y ,
col3 = z
WHERE id = 4
and at the end before WHERE doesn't needs one ..... ( ex. after " z ")
So how can I make the sql query to accept different combination of those $var ...( only '.$name.' or '.$name.' and '.$large.' or only last two '.$large.' and '.$small.' .... etc)
basically any combination between those 3 var ...and maybe combining more than 3 var.
$name = "comp_name = '$nume'";
$large = "logolarge = '$linklogolarge'";
$small = "logosmall = '$linklogosmall'";
$sql = "UPDATE company SET " . $name;
if( ! is_null( $linklogolarge ) ) $sql = $sql . ", " . $large;
if( ! is_null( $linklogosmall ) ) $sql = $sql . ", " . $small;
$where = " WHERE id_comp = 43"; /* change this if required*/
$sql = $sql . $where;
echo $sql;
Related
$query_sub = "SELECT * FROM `product_mappings` LEFT JOIN `product_list` ON `product_mappings`.ID_PRODUCT =`product_list`.ID WHERE ID_USER='" . $row{'ID'} . "'";
$result_sub = mysql_query($query_sub);
if ($result_sub && mysql_num_rows($result_sub) > 0)
{
$data_products = array();
while ($row_sub = mysql_fetch_array($result_sub))
{
$data_sub = array();
$data_sub["ID"] = $row_sub{'ID'};
$data_sub["product"] = $row_sub{'PRODUCT'};
$query_sub_unactive = "SELECT * FROM `product_list` WHERE ID != '" . $row_sub{'ID'} . "' ";
$result_sub_unactive = mysql_query($query_sub_unactive);
if ($result_sub_unactive && mysql_num_rows($result_sub_unactive) > 0)
{
$data_products_unactive = array();
while ($row_sub_unactive = mysql_fetch_array($result_sub_unactive))
{
$data_sub_unactive = array();
$data_sub_unactive["ID"] = $row_sub_unactive{'ID'};
$data_sub_unactive["productss"] = $row_sub_unactive{'PRODUCT'};
array_push($data_products_unactive, $data_sub_unactive);
}
$data_current["productsUnactive"] = $data_products_unactive;
}
array_push($data_products, $data_sub);
}
$data_current["products"] = $data_products;
Hi guys ! This is query where I should select only products that are not already in main query. I am checking if ID is the same as you can see. For example I load 4 products (of 15) with main query and unactive should load 11 of items in this case.. but loads 14 items.. so it "removes" just one product from list. Any clue?
Thanks !
SELECT * FROM `product_list` WHERE ID != '" . $row_sub{'ID'} . "' ";
This query is checking 1 ID at a time and is always going to return the other 14 rows. What you need is a "NOT IN" query like this:
SELECT * FROM `product_list` WHERE ID NOT IN ("id1","id2","id3","id4");
I'm building a simple search algorithm and I want to break my string with spaces, and search my database on it, like so:
$search = "Sony TV with FullHD support";
$search = explode( ' ', $search );
SELECT name FROM Products WHERE name LIKE %$search[1]% AND name LIKE %$search[2]% LIMIT 6
Is this possible?
Yes, you can use SQL IN operator to search multiple absolute values:
SELECT name FROM products WHERE name IN ( 'Value1', 'Value2', ... );
If you want to use LIKE you will need to use OR instead:
SELECT name FROM products WHERE name LIKE '%Value1' OR name LIKE '%Value2';
Using AND (as you tried) requires ALL conditions to be true, using OR requires at least one to be true.
Try this
Using UNION
$sql = '';
$count = 0;
foreach($search as $text)
{
if($count > 0)
$sql = $sql."UNION Select name From myTable WHERE Name LIKE '%$text%'";
else
$sql = $sql."Select name From myTable WHERE Name LIKE '%$text%'";
$count++;
}
Using WHERE IN
$comma_separated = "('" . implode("','", $search) . "')"; // ('1','2','3')
$sql = "Select name From myTable WHERE name IN ".$comma_separated ;
This will works perfectly in both cases, one or multiple fields searching multiple words.
Hope this will help someone. Thanks
declare #searchTrm varchar(MAX)='one two three four';
--select value from STRING_SPLIT(#searchTrm, ' ') where trim(value)<>''
select * from Bols
WHERE EXISTS (SELECT value
FROM STRING_SPLIT(#searchTrm, ' ')
WHERE
trim(value)<>''
and(
BolNumber like '%'+ value+'%'
or UserComment like '%'+ value+'%'
or RequesterId like '%'+ value+'%' )
)
This has been partially answered here:
MySQL Like multiple values
I advise against
$search = explode( ' ', $search );
and input them directly into the SQL query as this makes prone to SQL inject via the search bar. You will have to escape the characters first in case they try something funny like: "--; DROP TABLE name;
$search = str_replace('"', "''", search );
But even that is not completely safe. You must try to use SQL prepared statements to be safer. Using the regular expression is much easier to build a function to prepare and create what you want.
function makeSQL_search_pattern($search) {
search_pattern = false;
//escape the special regex chars
$search = str_replace('"', "''", $search);
$search = str_replace('^', "\\^", $search);
$search = str_replace('$', "\\$", $search);
$search = str_replace('.', "\\.", $search);
$search = str_replace('[', "\\[", $search);
$search = str_replace(']', "\\]", $search);
$search = str_replace('|', "\\|", $search);
$search = str_replace('*', "\\*", $search);
$search = str_replace('+', "\\+", $search);
$search = str_replace('{', "\\{", $search);
$search = str_replace('}', "\\}", $search);
$search = explode(" ", $search);
for ($i = 0; $i < count($search); $i++) {
if ($i > 0 && $i < count($search) ) {
$search_pattern .= "|";
}
$search_pattern .= $search[$i];
}
return search_pattern;
}
$search_pattern = makeSQL_search_pattern($search);
$sql_query = "SELECT name FROM Products WHERE name REGEXP :search LIMIT 6"
$stmt = pdo->prepare($sql_query);
$stmt->bindParam(":search", $search_pattern, PDO::PARAM_STR);
$stmt->execute();
I have not tested this code, but this is what I would do in your case.
I hope this helps.
You can try and execute below query:
SELECT name FROM Products WHERE REGEXP '.*Value1|.*Value2';
Pls note that there should not be a space before or after the pipe symbol
(|).
I know this is long time ago, but I have a solution. It can solved like this:
#intial query
query = 'SELECT var1, var2 FROM dbo.db_name WHERE'
if status :
query = query + " AND status='" + status + "'"
if type :
query = query + " AND Type='" + type + "'"
if number :
query = query + " AND Number='" + number + "'"
if cancel_request:
query = query + " AND CancelRequest='" + cancel_request + "'"
query = query + ' ORDER BY transid DESC'
cur.execute(query)
Here is my double-minded query:
$Quest = "SELECT * FROM TOAWorkorders";
$FindTechResult = mysql_query($Quest, $cxn)
or die ('The easter bunny is watching you' . mysql_error());
while ($row = mysql_fetch_array($FindTechResult))
{
if (strpos($BBT, 0, 3) != 'Sys')
{
$IdNum = $row['IdNum'];
$BBT = $row['BBT'];
$BBTArray = explode("-", $BBT);
$TechNum = $BBTArray["0"];
$Title = $BBTArray["2"];
$Name = explode(" ", $BBTArray['1']);
$FirstName = $Name["0"];
$LastName = $Name["1"];
}
echo $TechNum . ' !! ' . $FirstName . ' !! ' . $LastName . ' !! ' . $Title . '<br>';
$Quest = "UPDATE TOAWorkorders SET TechNum = '$TechNum', FirstName = '$FirstName', LastName = '$LastName', Title = '$Title' WHERE IdNum = '$IdNum'";
$result = mysql_query($Quest, $cxn) or die(mysql_error());
}
Everything works for about 2/3s of the database. That leaves 33,000 rows that are not updated. I cannot find any difference between the data that works and the data that doesn't.
Since you're doing an UPDATE, and you say the rest of the code works (meaning, I hope, that you get 109,112 echo'ed results), it must be that the ID isn't being found (WHERE IdNum = '$IdNum').
Try preceding that command with "SELECT COUNT(*) from TOAWorkorders WHERE IdNum = '$IdNum'" and see if you get 33,000 zeros when the program runs. If you do, then you have missing IdNum values in your table.
If you don't, please provide details and I'll let you know.
Please help me to structure mysql query
I have 2 tables, #_udjacomment AND #_content
currently I have query:
$query = "SELECT udja.id";
if( $include_author == 1 ) $query .= ", udja.full_name";
if( $include_date == 1 ) $query .= ", udja.time_added";
if( $include_comment == 1 ) $query .= ", if(CHAR_LENGTH(udja.content) > ".$content_number_of_characters.", SUBSTR(udja.content, 1, ".$content_number_of_characters."), udja.content) AS content";
if( $include_link_to_comment == 1 ){
$query .= ", CASE WHEN LOCATE('com_content:', udja.comment_url) > 0
THEN CONCAT(SUBSTRING_INDEX(udja.comment_url,':',-1),'-', com_content.alias, '.html')
ELSE udja.comment_url END AS comment_url";
}
$query .= " FROM #__udjacomments AS udja, #__content AS com_content WHERE udja.is_published = 1 AND com_content.id = SUBSTRING_INDEX(udja.comment_url,':',-1) AND com_content.checked_out = 0 ORDER by udja.id DESC limit ".$number_of_comments;
But I am not getting the proper results. If I stop trying to access from the table #__content AS com_content, then I get the results for #__udjacomment AS udja correct
So, I guess I am asking how can indicate and include the constrain that I want the field com_content.alias WHERE com_content.id = SUBSTRING_INDEX(udja.comment_url,':',-1)
In some cases, udja.comment_url will have this format com_content:22, com_content:19
and in other instances, udja.comment_url will have a string like word-word-another-word
this is why I have the more extensive statement inside the conditional if($include_link_to_comment == 1)
UPDATE: THE FINAL QUERY LOOKED LIKE THIS (I IMPLEMENTED WHAT RESPONDER SUGGESTED AND CHANGED THE CASE STATEMENT AND THE WHERE STATEMENT)
$query = "SELECT udja.id";
if( $include_author == 1 ) $query .= ", udja.full_name";
if( $include_date == 1 ) $query .= ", udja.time_added";
if( $include_comment == 1 ) $query .= ", if(CHAR_LENGTH(udja.content) > ".$content_number_of_characters.", SUBSTR(udja.content, 1, ".$content_number_of_characters."), udja.content) AS content";
if( $include_link_to_comment == 1 ){
$query .= ", CASE
WHEN LOCATE('com_content:', udja.comment_url)<>0
THEN CONCAT(SUBSTRING_INDEX(udja.comment_url,':',-1),'-', com_content.alias, '.html')
ELSE udja.comment_url
END AS comment_url";
}
// THEN CONCAT(SUBSTRING_INDEX(udja.comment_url,':',-1),'-', com_content.alias, '.html')
$query .= " FROM #__udjacomments AS udja
LEFT JOIN #__content AS com_content
ON com_content.id = SUBSTRING_INDEX(udja.comment_url,':',-1)
WHERE udja.is_published = 1 ORDER by udja.id DESC limit ".$number_of_comments;
You need to use an outer join:
...
FROM #__udjacomments AS udja
LEFT JOIN #__content AS com_content
on com_content.id = SUBSTRING_INDEX(udja.comment_url,':',-1)
WHERE ...
So I have following as part of my query
SELECT * FROM $table WHERE columname LIKE '%$searchterm%'
I have tried taking out leading and/or ending wildcards meaning
SELECT * FROM $table WHERE columname LIKE '$searchterm%'
AND
SELECT * FROM $table WHERE columname LIKE '%$searchterm'
AND
SELECT * FROM $table WHERE columname LIKE '%$searchterm%' OR columname LIKE '$searchterm'
and also tried adding following to the query with no luck
OR columname = '$searchterm'
So when my search term is "myval" and if column has whole string "myval", I would like to have that selected. But ALL of my queries above, return false/return nothing where myval is searchterm and column value as full.
I can not use MATCH because this is not Full-Text index.
EDIT:
PHP Code:
$sterm = NULL;
$table = 'mytable';
if(isset($_GET['s'])) { $sterm = explode(" ", mysql_real_escape_string($_GET['s'])); }
if(isset($_POST['s'])) { $sterm = explode(" ", mysql_real_escape_string($_POST['s'])); }
if(!empty($sterm)){
$getdata = "SELECT * FROM $table WHERE termsi != 'Special' ";
foreach ($sterm as $value){
$getdata .= "AND netid_all LIKE '%$value%' OR netid_all = '$value' ";
} //End foreach
$getdata .= "LIMIT 10";
$result = mysql_query($getdata) or die(mysql_error());
$row = mysql_fetch_array($result, MYSQL_ASSOC);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
echo <<<PRINTALL
{$row[0]}, {$row[1]}, {$row[2]}, {$row[3]}, {$row[4]}, {$row[5]}, {$row[6]}, {$row[7]}, ' <br />'
PRINTALL;
} //End While
} //End If search exists
Okay So As you guys suggested, i tried PHPMyAdmin sql console and it works fine, so it would have to be by PHP!? so here it is.
I'd suggest writing your query building like this:
$fullvalues = array();
$partials = array();
foreach ($sterm as $value){
$partials[] = "(netid_all LIKE '%" . mysql_real_escape_string($value) . "%')";
$fullvalues[] = "'" . mysql_real_escape_string($value) . "'";
}
$partials = implode(' OR ', $partials);
$fullvalues = implode(', ', $fullvalues);
$sql = <<<EOL
SELECT *
FROM $table
WHERE (termsi != 'Special')
AND (($partials) OR (netid_all IN ($fullvalues));
EOL;
Assuming your search string is a b c, you'd get this query:
SELECT *
FROM yourtable
WHERE (termsi != 'Special')
AND (((netid_all LIKE '%a%') OR (netid_all LIKE '%b%') OR (netid_all LIKE '%C%')) OR (netid_all IN ('a', 'b', 'c')))
If your search requires that all terms be present, then change the 'OR' to 'AND' in the implode.
Well found it,
$row = mysql_fetch_array($result, MYSQL_ASSOC);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
Was the problem, earlier when I was testing things, anyhow, it should have been the following
$row = mysql_fetch_array($result, MYSQL_ASSOC);
while($row)