My problem is the next, im having troubles with some names. My application is getting out from database all the names of a team and then i put them in a link (A href) to pass by GET the player name and then charge the stadistics. The code is the next:
$sele_t5 = "SELECT * FROM PLAYERS WHERE nom_team='$team' ORDER BY totalpoints DESC LIMIT 5;";
$sele_t5 = mysql_query( $sele_t5, $link );
while( $row = mysql_fetch_assoc( $sele_t5 ) )
{
echo "<TR>";
echo "<TD ALIGN='CENTER'><A HREF='?player={$row['nombre']}'>".$row['nombre']."</A></TD>";
}
well this is working perfect with all the players except with names with apostrophe, for example:
Jo. O'Brien when i press the link (which show me the full name correct) i got Jo. O in adress bar, is like the apostrophe is cutting the action. Happens the same when i send some name with apostrophe by post, so i would appreciate any solve for this problem.
thanks and best regards,
Change
echo "<TD ALIGN='CENTER'><A HREF='?player={$row['nombre']}'>"
to
echo "<TD ALIGN='CENTER'><A HREF='?player=" . urlencode($row['nombre']) . "'>"
However, you should really read about MySQL-Injections and Cross-Site-Scripting or you will run into big security issues.
Related
I have a API result that contains multiple photo's in a set / list / childs (I do not know the right term), the result looks like this.
"photos":[{"small":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-little\/52016521.1667319824-357.jpeg?fit=crop&width=100&height=100",
"big":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-export\/52016521.1667319824-357.jpeg?width=600",
"huge":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-huge\/52016521.1667319824-357.jpeg?width=1000&fit=bounds",
"middle":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-middle\/52016521.1667319824-357.jpeg?width=1000&fit=bounds",
"category":"photo"}]
I want to shot the big photo but I don't know how.
The rest is working fine.
I tried to load it with '. $property->city . ' but that does not work.
I assume you need to get the 'big' photo from "photos".
I start by copying your photo data into $results.
echo '<pre>';
$results = '"photos":[{"small":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-little\/52016521.1667319824-357.jpeg?fit=crop&width=100&height=100",
"big":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-export\/52016521.1667319824-357.jpeg?width=600",
"huge":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-huge\/52016521.1667319824-357.jpeg?width=1000&fit=bounds",
"middle":"https:\/\/pararius-office-prod.global.ssl.fastly.net\/10379\/files\/photos\/api-middle\/52016521.1667319824-357.jpeg?width=1000&fit=bounds",
"category":"photo"}]';
echo "$results\n\n";
I then get a substring from the 10th character, removing photos:[
Remove the slashes.
And trim the trailing ].
We now have valid JSON.
$results = stripslashes(trim(substr($results,10),']'));
echo "$results\n\n";
To confirm the JSON is now valid I convert it to an array.
$results = json_decode($results,1);
var_export($results);
I then get the 'big' photo src.
$src = $results['big'];
echo "\n\nsrc = $src\n\n";
echo '</pre>';
Then show the photo:
echo "<img src=\"$src\" />";
The Result:
I have a HTML table with a redcross at the end of every row. I need this image to ask the user to confirm deleting the booking which is on that line and then remove it from the SQL database.
This is the code that is used for creating the HTML table:
while($row = sqlite_fetch_array($resultrooms))
{
echo "<tr>";
echo "<td>" . $row['BookingID'] . "</td>";
echo "<td>" . $row['Date'] . "</td>";
echo "<td>" . $row['Period'] . "</td>";
echo "<td>" . $row['RoomID'] . "</td>";
echo "<td><img src='/Tutorials/sandbox/myfiles/Pictures/redcross.png' alt='Cancel?' height='42' width='42' onclick='del()'></td>";
echo "</tr>";
}
For example : The user clicks the redcross on row 2. I need to figure out a way to select the data on line two, place it into a confirm popup that says :
"Are you sure you want to cancel your booking on Date , Room, Period"
and then remove it from a SQL database.
Any suggestions? Or just even any ideas on how to select data from that specific HTML row.
Use the BookingID as class for the tr. Now you can track a click (with javascript) on the img and get the class from your table row which is the ID. With the ID (which I suppose is unique) you can easily delete your data from the SQL Table.
I have this problem regarding Drupal 7 Mysql queries especially on LEFT JOIN.
I found this solution but I can't seem it apply it on my problem since I'm not aware how the syntax goes.
https://drupal.stackexchange.com/questions/4317/how-do-i-write-a-left-join-query
This is the solution that I found on the link above.
$terms = db_select('taxonomy_index', 'ti')
->fields('ti', array('tid', 'name'))
->leftJoin('taxonomy_term_data', 'ttd', 'ti.tid = ttd.tid')
->condition('vid', 2)
->condition('nid', $nid)
->execute();
foreach ($terms as $term) {
// $term contains the object for the taxonomy term.
}
Yet I'm having a problem on how do I apply it to my query.
Here is my LEFT JOIN query on mysql.
$query = "SELECT sweep_table.end_offer, sweep_table.title, embed.fbp_id, embed.sweep_stat
FROM sweep_table, embed
WHERE sweep_table.uid=embed.uid AND sweep_table.promo_id=embed.sweep_id";
I already did the first few lines but the rest, I don't know how.
$terms = db_select('sweep_table', 'embed')
->fields('sweep_table', array('end_offer', 'title'))
->fields('embed', array('fbp_id', 'sweep_stat'))
->leftJoin('taxonomy_term_data', 'ttd', 'ti.tid = ttd.tid') //Don't know how to apply to my query.
->condition('vid', 2)
->condition('nid', $nid)
->execute();
foreach ($terms as $term) {
}
Also, was wondering how do I retrieve the data after I successfully LEFT JOIN it?
Would be glad if you help me guys.
Wouldn't have thought that this would work though. Thanks to rekire for the hint.
$query = "SELECT sweep_table.end_offer, sweep_table.title, embed.fbp_id, embed.sweep_stat FROM sweep_table, embed WHERE sweep_table.uid=embed.uid AND sweep_table.promo_id=embed.sweep_id";
$result = db_query($query);
foreach ($result as $row) {
echo $row->end_offer . " " . $row->title . " " . $row->fbp_id . " " . $row->sweep_stat . "<br>";
}
I have a large database containing part numbers for a filter company. Several of the products have similar years and model numbers. I have a php script that is searching a text keyword section for each part.
So for a 1997-1999 Honda Crf 250 090987 19.95 the keywords are:
1997 1998 1999 honda crf 250 090987
I got the code from a tutorial and it's written to search the keywords section for everything separated by a space. The problem is that a lot of the listings have honda or similar year spreads.
I need to figure out how to alter the php to narrow the results so if someone types "1997 honda", all of the hondas and '97s don't show up but only ones that are 1997 hondas.
I'm new to php and I've looked all around and can't figure it out. Any help will be thoroughly appreciated.
here's the php:
$keywords = $_GET['keywords'];
$terms = explode(" ", $keywords);
$query = "SELECT * FROM search WHERE ";
foreach ($terms as $each){
$i++;
if ($i == 1)
$query .= "keywords LIKE '%$each%' ";
else
$query .= "OR keywords LIKE '%$each%' ";
}
// connect
mysql_connect("localhost", "root", "root");
mysql_select_db("catalog");
$query = mysql_query($query);
$numrows = mysql_num_rows($query);
if ($numrows > 0){
while ($row = mysql_fetch_assoc($query)){
$id = $row['id'];
$year = $row['year'];
$manufacturer = $row['manufacturer'];
$product = $row['product'];
$partnumber = $row['partnumber'];
$price = $row['price'];
echo "<div id=\"results\">
<div class=\"words\">$year</div><div class=\"words\">$manufacturer</div><div class=\"words\">$product</div><div class=\"words\">$partnumber</div>$price<br /></div>";
}
}
else
echo "<div class=\"no_results\"><center>No results found for \"<b>$keywords</b>\"</center></div>";
// disconnect
mysql_close();
?>
Interesting problem.
I thought of 2 approaches:
(1) if you have control over the database structure, you could SELECT WHERE (make = 'Honda' AND Year IN (1997,1998,1999)) AND the "like" stuff you already have (without the make/year). But you would need to separate out the model years and make into separate fields.
(2) otherwise, if we can assume the input is always "year(s) make [other keywords], we could do what izuriel suggested while I was typing this, just "AND 'keywords = '1997' AND keywords = 'honda' AND (our existing list of "like" clauses)".
that way you'd get only 1997 Hondas that have any or all of the other keywords.
Use AND in the query instead of OR to enforce that all keywords must match, otherwise one keyword match will return a result always. Outside of that, you'll have to do some Relevance work in code which might slow down the application.
I recommend you to use one symbol percentage at the end of the word and you and instead of or and you limit in your query if the database is large
I've spent a considerable amount of time trying to track this one down. I've used a boxed autocomplete on my site (http://www.devbridge.com/projects/autocomplete/jquery/). As you type the word, it sends it as a GET variable to a page for processing where it is searched for in a mySQL database. The page looks like this:
$get = $_GET['query'];
$query = "SELECT title,author,id,isbn10,isbn13 FROM textbook
WHERE title LIKE '" . $get . "%'
OR author LIKE '" . $get . "%'
LIMIT 5
";
$result = mysql_query($query,$connection);
$resString = "";
$idString = "";
while($data = mysql_fetch_array($result)){
$resString .= "'" . title($data['title']) . " by " . $data['author'] . "',";
$idString .= "'" . $data['id'] . "',";
}
$resString = rtrim($resString, ',');
$idString = rtrim($idString, ',');
$code = "{\n";
$code .= "query:'" . $get . "',\n";
$code .= "suggestions:[" . $resString . "],\n";
$code .= "data:[" . $idString . "]\n";
$code .= "}";
echo $code;
This outputs a basic JSON dataset that is read and shot back as a result. The problem is that it has been REALLY slow. the "LIMIT 5" helped a ton to speed it up some. However, still running slow after the initial result set shows. I may type in "hum" and it will come back with a quick result set, but any letters/words after that take 4-6 seconds to show. The database is 300K records roughly. Attached is a picture of my database structure page:
database http://semesterkey.com/images/data.jpg
Im just trying to figure out how to speed things up. I think it might be my database structure, it could be how Im querying? I just have no idea. Thanks in advance for your help!
There is only solution is that use Indexing on column which you want to show in autocomplete in your Database, hope this will help you
Yes, the answer to your problem is an index on the (author, title) group of columns. It will grow the amount of space used by the DB and will decrease the performance on INSERT, UPDATE, DELETE in that table, but it will increase the interrogation performance.
make index on author and title may help you to improve the performance.
Syntax help for those who don't grasp which above answer
ALTER TABLEYour_table_nameADD INDEX (column_title) ;