SELECT WHERE IN query using text string - mysql

I've had a bit of a look around, and tried a few things, but I can't seem to get this to work... Can anyone help?
$typeall = " ('House','Condo','Loft','Townhouse','Land')";
$rs = mysql_query("SELECT * FROM 'houses' WHERE and category IN " .$typeall);
does not work
but if I type
$rs = mysql_query("SELECT * FROM 'houses' WHERE and category IN ('House','Condo','Loft','Townhouse','Land')");
it works perfect, why?
Thanks.

Try this:
$typeall = "'House','Condo','Loft','Townhouse','Land'";
$rs = mysql_query("SELECT * FROM 'houses' WHERE and category IN (".$typeall.")");
may be variable $typeall is not working in brackets.

Don't quote table name, and drop extra and:
$typeall = " ('House','Condo','Loft','Townhouse','Land')";
$rs = mysql_query("SELECT * FROM houses WHERE category IN " .$typeall);

You should remove the and:
WHERE and category IN ...
Into:
WHERE category IN ...

Related

Fat free Framework Parameterized queries LIKE [duplicate]

I am running problems in implementing LIKE in PDO
I have this query:
$query = "SELECT * FROM tbl WHERE address LIKE '%?%' OR address LIKE '%?%'";
$params = array($var1, $var2);
$stmt = $handle->prepare($query);
$stmt->execute($params);
I checked the $var1 and $var2 they contain both the words I want to search, my PDO is working fine since some of my queries SELECT INSERT they work, it's just that I am not familiar in LIKE here in PDO.
The result is none returned. Do my $query is syntactically correct?
You have to include the % signs in the $params, not in the query:
$query = "SELECT * FROM tbl WHERE address LIKE ? OR address LIKE ?";
$params = array("%$var1%", "%$var2%");
$stmt = $handle->prepare($query);
$stmt->execute($params);
If you'd look at the generated query in your previous code, you'd see something like SELECT * FROM tbl WHERE address LIKE '%"foo"%' OR address LIKE '%"bar"%', because the prepared statement is quoting your values inside of an already quoted string.
Simply use the following:
$query = "SELECT * FROM tbl WHERE address LIKE CONCAT('%', :var1, '%')
OR address LIKE CONCAT('%', :var2, '%')";
$ar_val = array(':var1'=>$var1, ':var2'=>$var2);
if($sqlprep->execute($ar_val)) { ... }
No, you don't need to quote prepare placeholders. Also, include the % marks inside of your variables.
LIKE ?
And in the variable: %string%
$query = "SELECT * FROM tbl WHERE address LIKE ? OR address LIKE ?";
$params = array("%$var1%", "%$var2%");
$stmt = $handle->prepare($query);
$stmt->execute($params);
You can see below example
$title = 'PHP%';
$author = 'Bobi%';
// query
$sql = "SELECT * FROM books WHERE title like ? AND author like ? ";
$q = $conn->prepare($sql);
$q->execute(array($title,$author));
Hope it will work.

Using DISTINCT to filter duplicates?

I have the following query, and would like to list only the first match.
$first = $_GET['category'];
$first = $first[0] . "%";
$query = mysql_query("SELECT * FROM lyrics WHERE authorclean LIKE '".$first."'") or die(mysql_error());
(?category=b)
So DISTINCT could do this right? This is what I tried, but did not work:
$query = mysql_query("SELECT DISTINCT authorclean FROM lyrics WHERE authorclean LIKE '".$first."'") or die(mysql_error());
EDIT: Here is the full code:
function getCategory() {
$first = $_GET['category'];
$first = $first[0] . "%";
$query = mysql_query("SELECT DISTINCT authorclean FROM lyrics WHERE authorclean LIKE 'B%'") or die(mysql_error());
//$query = mysql_query("SELECT * FROM lyrics WHERE authorclean LIKE '".$first."'") or die(mysql_error());
if(mysql_num_rows($query) == 0) {
echo "Geen resultaten gevonden.";
} else {
while ($row = mysql_fetch_assoc($query)) { ?>
<p><?= $row['author']; ?></p>
<?php }
}
}
(B% is just for testing)
If I run this following query in the database directly I get two results. If I run with the code above I just get an empty page (except for the html thats already there).
SELECT DISTINCT authorclean FROM lyrics WHERE authorclean LIKE 'B%'
You should use LIMIT 1 to list only the first match.
If you have a a table "tbl_lyrics" with fields: author lyrics year and is filled for example as follows:
author_A lyrics_A year_A
author_A lyrics_A1 year_A1
author_A1 lyrics_A2 year_A
author_B lyrics_B1 year_B1
if you do
select distinct(author) from tbl_lyrics where author like '%author_A%'
you are going to get: author_A and author_A1. NOT the first one that matches.
If you want the first one that matches you can do:
select author from (select distinct(author) as author from tbl_lyrics where author like '%author_A%') where rownum <2;
this will return author_A only.
Limit is used with MySql but would not work with oracle databases

Can you have an OR in a WHERE statement inside a mysql query?

Is it possible to have an OR inside a WHERE statement in a mysql query as I have done below.
$query = mysql_query("SELECT * FROM fields WHERE post_id=$id OR post_id="" order by id desc") or die(mysql_error());
This produces a server error when run on my site. Any thoughts on how I could accomplish this?
Thanks in advance.
Yes you can have an OR. What is the type of post_id?
If post_id is a character type:
"SELECT * FROM fields WHERE post_id='$id' OR post_id='' order by id desc"
If it's an integer then it can't be equal to the empty string. Did you mean post_id IS NULL instead?
What is the error? It looks like you have not escaped the double quote in the query. It should be:
$query = mysql_query("SELECT * FROM fields WHERE post_id=$id OR post_id=\"\" order by id desc") or die(mysql_error());
what are the errors.. as such ur query is fine but u string problems with all these double quotes.. try something like this..
$query = mysql_query("SELECT * FROM fields
WHERE post_id = " . $id . " OR post_id='' order by id desc")
or die(mysql_error());

Mapping location in MySQL

I have two tables:
1) One is the location table that is kept from android phone consists of username, latitude, longitude, date, time.
2) Another one is table that I kept country, region, province, postal code, city, latitude, longitude.
I want to mapping location(lat,lng) of table 1) using table 2) before insert to db.
It's look simple but the problem is location of table 2) is just a stable point, otherwise the location of table 1) are points which traversal of each city.
So, the location of table 1) is not similar to location of table 2).
Any one have idea for this problem ? Any formula or technique ?
Appreciate your help.
edit: I tried this statement before insert statement
$city = mysql_query("SELECT p.city
FROM place AS p
ORDER BY ACOS(SIN(p.lng)*SIN('".$lng."')+COS(p.lng)*COS('".$lng."')*COS(p.lat-'".$lat."'))",$con);
but the result is Resource id #3 in the field, other fields also shown like this.
c
so somthing like:
SELECT regions.*
FROM users, regions
WHERE users.user_id = $user_id
ORDER BY
ACOS (
SIN(users.long) * SIN(regions.long) +
COS(users.long) * COS(regions.long) * COS(regions.lat - users.lat)
)
LIMIT 1
Added 2011-08-15
or in php like your exemple
$query = "SELECT city
FROM place
ORDER BY
ACOS(
SIN(lng) * SIN({$lng}) +
COS(lng) * COS({$lng}) * COS(lat - {$lat})
)";
$resource = mysql_query($query);
$result = mysql_fetch_assoc($resource);
$city = $result['city'];
Thank you for every help.
$qc = mysql_query("SELECT *
FROM place AS p
ORDER BY MIN(ACOS(SIN(p.lng)*SIN({$lng})+COS(p.lng)*COS({$lng})*COS(p.lat-{$lat})))", $con);
while ($row = mysql_fetch_assoc($qc)) {
$city = $row['city'];
$district = $row['district'];
$province = $row['province'];
$region = $row['region'];
$country = $row['country'];
mysql_query("INSERT INTO " . $username . "_logs_" . $type . "(username,date,
time,lat,lng,city,district,province,region,country,note,color)
VALUES('".$username."','".$date."','".$time."',
'".$lat."','".$lng."','".$city."','".$district."'
,'".$province."','".$region."','".$country."','unknown','unknown')", $con)
or die("Cannot Insert to Table");
mysql_close();
}
This is my final answer. I want to share for whoever weak in query like me :))

Mysql Like Syntax

Quick question: How do I mysqli_escape_string a variable enclosed in a like clause?
"SELECT * FROM table WHERE name LIKE '%". %s . "%'"
or
"SELECT * FROM table WHERE name like '%"."%s"."%'"
don't work.
Thanks!
$value = mysql_real_escape_string($_POST["terms"]);
$query = "SELECT * FROM table WHERE name LIKE '%".$value."%'";
Or you could acheive this with sprintf like this:
$query = sprintf("SELECT * FROM table WHERE name LIKE '%s'", "%".$value."%");