I got a Array like this....
Array ( [register] => Array ( [0] => Array ( [firstname] => Marc [surname] => hamster [company] => 12345678 [position] => !\"§$%&/(hamste$r ) [1] => Array ( [country] => [zip] => [city] => [street] => ) [2] => Array ( [homepage] => [phone] => [mobile] => ) [3] => Array ( [email] => [password1] => [password2] => ) ) )
I put these in a Database like this:
// build query...
$sql = "INSERT INTO table";
// implode keys of $array...
$sql .= " (`".implode("`, `", array_keys($array))."`)";
// implode values of $array...
$sql .= " VALUES ('".implode("', '", $array)."') ";
// execute query...
$result = mysql_query($sql) or die(mysql_error());
But before i want to replace special Characters like this....to avoid SQL inject
$text= preg_replace("/[^a-zA-Z0-9\-öäüÖÄÜ# ]/","",$text);
Is there a simple and smart way to do it ?
I think you will need to loop through the array first* - for example:
foreach ( $columns as $value){
$value = preg_replace etc...;
}
Then run the query.
*before you build the query I guess.
Related
I could use some help with storing an array. The process defined below is working and saving a record! It saves the record defined in the [0] column. If a zero is there, it saves record one, if a 1 is there it saves record two etc.
Now I need to automate this so it will do that for EACH RECORD as it iterates through. Perhaps a second foreach statement to tie them together? Or a for loop with an integer variable? I have tried many combos and it is still not working.
//0 = feeobject row[]: to keyfield=>val
//Array ([0] => 0)
foreach($AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0] as $key=>$data ) {
$PaymentID = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['PaymentID'];
$ClientID = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['ClientID'];
$ClientName = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['ClientName'];
$Account_ID = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['Account_ID'];
$State = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['State'];
$PaymentDate = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['PaymentDate'];
$Amount = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['Amount'];
$CheckID = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['CheckID'];
$CreditorName = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['CreditorName'];
$DRC_ClientID = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['DRC_ClientID'];
$DRC_TransactionID = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'][0]['DRC_TransactionID'];
$sql = "INSERT INTO tblAgencyFees (PaymentID, ClientID, ClientName, Account_ID, State, PaymentDate, Amount, CheckID, CreditorName, DRC_ClientID, DRC_TransactionID) VALUES ('".$PaymentID."', '".$ClientID."', '".$ClientName."', '".$Account_ID."', '".$State."', '".$PaymentDate."', '".$Amount."', '".$CheckID."', '".$CreditorName."', '".$DRC_ClientID."', '".$DRC_TransactionID."')";
mysqli_query($connection, $sql);
}
//}
//}
echo $sql;
$res = mysqli_query($connection, $sql);
If( !$res ) exit( mysqli_error($connection) );
The array:
Array (
[AgencyFeesGetInfoResult] => Array (
[FeeObject] => Array (
[0] => Array (
[PaymentID] => 816
[ClientID] => 1141
[ClientName] => Ortega, Daniel
[Account_ID] => 2222100000010717
[State] => OK
[PaymentDate] => 2019-07-31T00:00:00
[Amount] => 8.0000
[CheckID] => 10
[CreditorName] => 0
[DRC_ClientID] => 1195
[DRC_TransactionID] =>
)
[1] => Array (
[PaymentID] => 817
[ClientID] => 1141
[ClientName] => Ortega, Daniel
[Account_ID] => 2222100000010717
[State] => OK
[PaymentDate] => 2019-07-31T00:00:00
[Amount] => 92.0000
[CheckID] => 11
[CreditorName] => MF
[DRC_ClientID] => 1195
[DRC_TransactionID] =>
)
[2] => Array (
[PaymentID] => 847
[ClientID] => 1141
[ClientName] => Ortega, Daniel
[Account_ID] => 2222100000010717
[State] => OK
[PaymentDate] => 2019-08-14T13:21:49.23
[Amount] => 195.0000
[CheckID] => 13
[CreditorName] => MF
[DRC_ClientID] => 1195
[DRC_TransactionID] =>
)
)
)
)
You can do a simple loop over your data and do multiple inserts.
$arrFeeObjects = $AgencyFeesBasicArray['AgencyFeesGetInfoResult']['FeeObject'];
if(count($arrFeeObjects) > 0)
{
foreach($arrFeeObjects as $intKey => $data)
{
$sql = "INSERT INTO tblAgencyFees (PaymentID, ClientID, ClientName, Account_ID, State, PaymentDate, Amount, CheckID, CreditorName, DRC_ClientID, DRC_TransactionID)
VALUES ('". $data['PaymentID'] ."', '". $data['ClientID'] ."', '". $data['ClientName'] ."', '". $data['Account_ID'] ."', '". $data['State'] ."', '". $data['PaymentDate'] ."', '". $data['Amount'] ."', '". $data['CheckID'] ."', '". $data['CreditorName'] ."', '". $data['DRC_ClientID'] ."', '". $data['DRC_TransactionID'] ."')";
mysqli_query($connection, $sql);
}
}
My code is like this :
My array of city (echo '<pre>';print_r($city);echo '</pre>';die();) :
Array
(
[0] => Array
(
[CityCode] => 14879
[CityName] => Soldeu
)
[1] => Array
(
[CityCode] => 14881
[CityName] => Ari'nsal
)
[2] => Array
(
[CityCode] => 14882
[CityName] => El Tarter
)
[3] => Array
(
[CityCode] => 14883
[CityName] => Grau Roig
)
[4] => Array
(
[CityCode] => 175198
[CityName] => Llorts
)
)
In city code : 14881, city name : Ari'nsal
It's single quote in string.
I try code like this :
$date = date('Y-m-d H:i:s');
$sql = "INSERT INTO hotel_search_city (nation_code, city_code, city_name, created_at, updated_at) values ";
$valuesArr = array();
foreach($city as $row){
$nation_code = $value->nation_code;
$city_code = $row['CityCode'];
$city_name = mysqli_real_escape_string($row['CityName']);
$created_at = $date;
$updated_at = $date;
$valuesArr[] = "('$nation_code', '$city_code', '$city_name', '$created_at', '$updated_at')";
}
$sql .= implode(',', $valuesArr);
$query = $sql;
$this->db->query($query);
There exist error like this : Message: mysqli_real_escape_string() expects exactly 2 parameters, 1 given....
Any solution to solve my problem?
Thank you very much
$date = date('Y-m-d H:i:s');
$sql = "INSERT INTO hotel_search_city (nation_code, city_code, city_name, created_at, updated_at) values (?, ?, ?, ?, ?)";
foreach ($city as $row) {
$nation_code = $value->nation_code;
$city_code = $row['CityCode'];
$city_name = $row['CityName'];
$created_at = $date;
$updated_at = $date;
$fields = array($nation_code, $city_code, $city_name, $created_at, $updated_at);
$this->db->query($query, $fields);
}
or
$date = date('Y-m-d H:i:s');
foreach ($city as $row) {
$fields = array(
'nation_code' => $value->nation_code,
'city_code' => $row['CityCode'],
'city_name' => $row['CityName'],
'created_at' = $date,
'updated_at' = $date
);
$this->db->insert('hotel_search_city', $fields);
}
how do i add the new attribute to a json object i have stored in a mysql table column? now i have json_encode data stored like:
"1":{"lastname":"blah","firstname":"R.A.","function":"Manager","email":"test#hotmail.com","barcode":"33432799181"}
and i like to add a new data pair, visted:0 which i want to update as soon as a person has been visited.
"1":{"lastname":"blah","firstname":"R.A.","function":"Manager","email":"test#hotmail.com","barcode":"33432799181", "visited":"0"}
How do i push an element to the existing json data?
$jsondataTmp = json_decode($core,true);
$custom = array('visited'=>'0');
$jsondataTmp[] = $custom;
but it adds an array and not within each
[1] => Array
(
[lastname] => blah
[firstname] => R.A.
[function] => Manager
[email] => test#hotmail.com
[barcode] => 33432799181
)
[2] => Array
(
[lastname] => blah
[firstname] => R.A.
[function] => Manager
[email] => test#hotmail.com
[barcode] => 33432799181
)
[3] => Array
(
[visited] => 0
)
and not
[2] => Array
(
[lastname] => blah
[firstname] => R.A.
[function] => Manager
[email] => test#hotmail.com
[barcode] => 33432799181
[visited] => 0
)
MySQL doesnot have native support for JSON - MySQL still is pure RDBMS system.
One easy hack for the time being can be using a REPLACE function.
UPDATE table_name
SET column_name = REPLACE ( column_name, "}", ',"visited":"0"}';
I am trying to run two model functions from one view. The first query appears to be working fine.
The second query returns a blank array. I noticed when printing the query to the screen that the queries appear to be joining together and are not separate, like this:
JDatabaseQueryMySQL Object ( [db:protected] => JDatabaseMySQL Object ( [name] => mysql [nameQuote:protected] => ` [nullDate:protected] => 0000-00-00 00:00:00 [dbMinimum:protected] => 5.0.4 [_database:JDatabase:private] => Curling_Schedule [connection:protected] => Resource id #19 [count:protected] => 0 [cursor:protected] => Resource id #72 [debug:protected] => [limit:protected] => 0 [log:protected] => Array ( ) [offset:protected] => 0 [sql:protected] => SELECT team_name, division FROM #_autoschedTeams ORDER BY division [tablePrefix:protected] => encex [utf:protected] => 1 [errorNum:protected] => 0 [errorMsg:protected] => [hasQuoted:protected] => [quoted:protected] => Array ( ) ) [type:protected] => select [element:protected] => [select:protected] => JDatabaseQueryElement Object ( [name:protected] => SELECT [elements:protected] => Array ( [0] => sheet, id ) [glue:protected] => , ) [delete:protected] => [update:protected] => [insert:protected] => [from:protected] => JDatabaseQueryElement Object ( [name:protected] => FROM [elements:protected] => Array ( [0] => #__autoschedPlayingSheets ) [glue:protected] => , ) [join:protected] => [set:protected] => [where:protected] => [group:protected] => [having:protected] => [columns:protected] => [values:protected] => [order:protected] => JDatabaseQueryElement Object ( [name:protected] => ORDER BY [elements:protected] => Array ( [0] => sheet ) [glue:protected] => , ) [union:protected] => [autoIncrementField:protected] => )
Model:
public function getTeams()
{
// Create a new query object.
$db = JFactory::getDBO();
$query = $db->getQuery(true);
// Select some fields
$query->select('team_name, division');
// From the hello table
$query->from('#__autoschedTeams');
$query->order('division');
$db->setQuery((string)$query);
$teams = $db->loadResultArray();
$div = $db->loadResultArray(1);
$divs = array_unique($div);
$result = [];
foreach($divs as $key)
{
$result[$key] = [];
foreach(array_keys($div, $key) as $index)
{
array_push($result[$key], $teams[$index]);
}
}
return $result;
}
public function getSheets()
{
// Create a new query object.
$db = JFactory::getDBO();
print_r($query);
$query = $db->getQuery(true);
// Select some fields
$query->select('sheet, id');
// From the hello table
$query->from('#__autoschedPlayingSheets');
$query->order('sheet');
//print_r($query);
$db->setQuery($query);
$result = $db->loadResultArray();
return $result;
}
}
relevant code from View:
$teams_sched = $this->get('Teams');
$sheets_sched = $this->get('Sheets');
Change the name of the variable and check with it.
If you are not getting the result again, then print the query echo $query; and check with it.
public function getSheets()
{
$db = JFactory::getDBO();
$query = $db->getQuery(true);
$query->select('sheet, id');
$query->from('#__autoschedPlayingSheets');
$query->order('sheet');
$db->setQuery($query);
$Sheets = $db->loadResultArray();
print_r($Sheets);
return $Sheets;
}
I did the Facebook Registration Plugin like in the official Facebook tutorial and with this code there it shows the total Array on screen:
if ($_REQUEST) {
echo '<p>signed_request contents:</p>';
$response = parse_signed_request($_REQUEST['signed_request'],
FACEBOOK_SECRET);
echo '<pre>';
print_r($response);
echo '</pre>';
} else {
echo '$_REQUEST is empty';
}
this brings me the following array:
signed_request contents:
Array
(
[algorithm] => HMAC-SHA256
[expires] => 1324xxxx400
[issued_at] => 132446xxx80
[oauth_token] => AAADRjT73VhwBALl6Gb3EVarvyGU7xxxxxxxxxxxxxxxxxxxSAUuoZAGlydkX2pH3
[registration] => Array
(
[name] => Philipp Mail
[email] => p.mail#xxxxde
[location] => Array
(
[name] => Munich, Germany
[id] => 1.1604xxxxxx286E+14
)
[birthday] => xx/xx/19x7
)
[registration_metadata] => Array
(
[fields] => [{'name':'name'}, {'name':'email'}, {'name':'location'}, {'name':'birthday'}]
)
[user] => Array
(
[country] => de
[locale] => de_DE
)
[user_id] => 10xxxxxxx5426
)
Now I changed it for storing several data to mysql:
if ($_REQUEST) {
echo '<p>signed_request contents:</p>';
$response = parse_signed_request($_REQUEST['signed_request'],
FACEBOOK_SECRET);
$name_arr = explode(' ',$name,2);
$vname = $name_arr[0];
$zname = isset($name_arr[1])?$name_arr[1]:'';
$email = $response["registration"]["email"];
$ort = $response["registration"]["location"]["name"];
$anrede = $response["registration"]["gender"];
$geburtstag = $response["registration"]["birthday"];
// Connecting to database
mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());
// Inserting into users table
$result = mysql_query("INSERT INTO REKRU_mem (mem_id, vname, zname, ort, email, userpass, chili, regdatum, geburtstag, fbuid)
VALUES
(NULL, '$vname', '$zname', '$ort', '$email', MD5('".$gesamtpass."'),'$chili', '0000-00-00 00:00:00', '$geburtstag', '$user_fbid')");
if($result){
// GOT RESULTS
}
else
{
// Error in storing
}
}
else
{
echo '$_REQUEST is empty';
}
When I look in mysql after a registration there is a new line but it saves only the actual registration time. Can anyone of U see what is my mistake?
do not use this code in a plublic Area! You can make a SQL-Injection (could also be the problem why you cannot insert).
Try this instead of the mysql_query:
$vname = mysql_real_escape_string($vname);
$zname = mysql_real_escape_string($zname);
$ort = mysql_real_escape_string($ort);
$email = mysql_real_escape_string($email);
$gesamtpass = mysql_real_escape_string($gesamtpass);
$chili = mysql_real_escape_string($chili);
$geburtstag = mysql_real_escape_string($geburtstag);
$user_fbid = mysql_real_escape_string($user_fbid);
$result = mysql_query("INSERT INTO REKRU_mem (mem_id, vname, zname, ort, email, userpass, chili, regdatum, geburtstag, fbuid)
VALUES (NULL, '".$vname."', '".$zname."', '".$ort."', '".$email."', MD5('".$gesamtpass."'),'".$chili."', '0000-00-00 00:00:00', '".$geburtstag."', '".$user_fbid."')");