We Keep Coding

Create query on laravel CONCAT and md5

How to convert my query to laravel? My $ID is md5
$ID = "aa8c96cf79a656e7ef095871ec061888";
$sql = "SELECT * FROM orders WHERE md5(CONCAT(`id`,`email`)) = '{$ID}' || md5(CONCAT(`code`,`email`)) = '{$ID}' ";
$order = DB::table('orders')->select(
??
);
Thanks

try something like this:
$order = DB::table('orders')->whereraw('md5(CONCAT(`id`,`email`)) = ? || md5(CONCAT(`code`,`email`)) = ?',[$ID,$ID] );
see here for more details:
https://laravel.com/docs/5.8/queries#raw-expressions

SELECT * FROM WHERE Query isn't retrieving any results

I'm using a SELECT * FROM "" WHERE "" = "" query and I'm not sure what I'm doing wrong with it. I'm trying to select an item based on its PO which is a completely unique identifier to one row in the table. Here's my process in doing so:
$jobnumber = $_GET['jref'];
$query = "SELECT * FROM `po_10152796` WHERE `po` = " .$jobnumber;
$results = mysqli_query($conn,$query) or die(mysqli_error($conn));
$rowitem = mysqli_fetch_array($results);
$jobname = $rowitem['Job Name'];
$phone = $rowitem['phone'];
Things i know are correct:
The "jobnumber" is retrieved correctly and matches up with an element in the table
The table is named "po_10152796" and there is a column named "po"

Forgot to post this, redid the code with prepared statements and it works, not sure what exactly I changed but here it is anyhow:
$jobnumber = $_GET['jref'];
$stmt = $conn->prepare( "SELECT `Job Name`, `Address`, `phone`, `description`, `materials` FROM po_10152796 WHERE po = ?");
$stmt->bind_param("i", $jobnumber);
if($stmt->execute()){
$stmt->bind_result($jobname, $address, $phone, $description, $materials);
$stmt->fetch();
}

try this line for the query
$query = "SELECT * FROM `po_10152796` WHERE `po` = '" .$jobnumber. "' ";

SQL - SELECT with WHERE statement return false despite present field in table

I am very confused about this (returning false):
$sql = "SELECT * from tbl_user WHERE group = 'abc'";
$res = mysql_query($sql);
if(mysql_num_rows($res) > 0) {
$response = array('status' => '1');
} else {
$response = array('status' => '0'); // ---> what I get back
die("Query failed");
}
...despite the fact the field group is present in mySQL database. Even more strange is that the following return the value of group:
$SQL = "SELECT * FROM tbl_user";
$result = mysql_query($SQL);
while ($db_field = mysql_fetch_assoc($result)) {
print $db_field['group']; // ---> returns 'abc'
When I execute a WHERE clause with every other fields of my table excepting group (for example WHERE name = 'ex1' AND ID=1 AND isAllowed=0 (and so on...), everything is fine. As soon as I insert group = 'abc', I get nothing...
This makes me mad. If anyone could help... (I am running a local server with MAMP).
Thanks a lot!

The issue is that group is a reserved word in SQL.
For MySql you need to escape it with backticks
`group`
So your query would be
$sql = "SELECT * from tbl_user WHERE `group` = 'abc'";

ZF2 sanitize variables for DB queries

In making database queries in Zend Framework 2, how should I be sanitizing user submitted values? For example, $id in the following SQL
$this->tableGateway->adapter->query(
"UPDATE comments SET spam_votes = spam_votes + 1 WHERE comment_id = '$id'",
\Zend\Db\Adapter\Adapter::QUERY_MODE_EXECUTE
);

You can pass parameters when you execute..
$statement = $this->getAdapter()->query("Select * from test WHERE id = ?");
$result = $statement->execute(array(99));
$resultSet = new ResultSet;
$resultSet->initialize($result);
You can also pass them directly to the query method
$statement = $this->getAdapter()->query(
"Select * from test WHERE id = ?",
array(99)
);
$result = $statement->execute();
$resultSet = new ResultSet;
$resultSet->initialize($result);
Both will produce the query "Select * from test WHERE id = '99'"
If you want to use named parameters:
$statement = $this->getAdapter()->query("Select * from test WHERE id = :id");
$result = $statement->execute(array(
':id' => 99
));
$resultSet = new ResultSet;
$resultSet->initialize($result);
If you want to quote your table/field names etc:
$tablename = $adapter->platform->quoteIdentifier('tablename');
$statement = $this->getAdapter()->query("Select * from {$tablename} WHERE id = :id");
$result = $statement->execute(array(
':id' => 99
));

Check whether value exist in database

What's the best way to check whether the value is in the database?
Am I doing it correct?
$result = mysql_query("SELECT COUNT(*) FROM table WHERE name = 'John'");
$count = count($result);

you could use straight forward ,
mysql_num_rows() ;
eg :
$con = mysql_connect($host,$uname,$passwd)
mysql_select_db($dbase,$con);
$result = mysql_query($query,$con);// query : SELECT * FROM table WHERE name='jhon';
if( ! mysql_num_rows($result)) {
echo " Sorry no such value ";
}

Yes you are doing it right, if you are only concerned with checking if there are any records where name='john'
SELECT COUNT(*) FROM table WHERE name = 'John'
will return the no. of records where name field is 'John'. if there are no records then it will return 0, and if there are any records it will return the number of records.
But the above query will miss the entries where name is 'John Abraham' or 'V john', to include even these
you can modify your query like this.
SELECT COUNT(*) FROM table WHERE name like '%John%'

I'd say yes.
$result = mysql_query("SELECT COUNT(*) AS 'nb' FROM table WHERE name = 'John'");
$line = mysql_fetch_array($result, MYSQL_ASSOC);
$count = $line['nb'];
Will give you the number of matching rows.

$result = mysql_query("SELECT COUNT(*) as user FROM table WHERE name = 'John'");
$line = mysql_fetch_array($result, MYSQL_ASSOC);
$count = $line['user'];
if($count!=0)
{
echo "user exists";
}
else
{
echo "There is no such user";
}