So I have a list of optional clothing items as checkboxes, there may be a greater number than the 5 below.
shoes, pants, skirt, socks, jacket //list of possible choices
A comma separated array is created in jquery of the chosen item. Let's say the following are chosen:
shoes, socks, jacket //array posted as $_POST['clothes']
In the db, each customer has these options in the clothes table with 'yes' or 'no' under the clothing items. However, the clothing item are named a bit differently but map out to the same options:
'clothes' table before insert
customer_id dress_shoes elegant_pants long_skirt ankle_socks biker_jacket
1 no yes no no no
With the $_POST['clothes'], I'm trying to loop through the array, updating the corresponding fields to 'yes', and the non corresponding fields to 'no' in the db. I have a hard time doing that.
'clothes' table after insert
customer_id dress_shoes elegant_pants long_skirt ankle_socks biker_jacket
1 yes no no yes yes
I did an array_intersect to get the items to mark as 'yes':
$clothesArray = array("shoes", "socks", "jacket"); // Posted clothes
$clothesArrayAll = array("shoes", "pants", "skirt", "socks", "jacket"); // All clothes
$common = array_intersect($clothesArrayAll,$clothesArray);
print_r($common);
Array ( [0] => shoes [3] => socks [4] => jacket )
I'm trying to somehow loop through the $clothesArrayAll, give a 'yes' to common clothes, and a 'no' to all others in the array. Then, I'm trying to update the 'clothes' table via PDO, setting each corresponding field to a 'yes' or 'no' in the most efficient way. I'm stuck after getting the common clothes array above and not sure how to proceed.
Can someone help me please?
Thank you!
I think you are on the right track. I would just add one additional array that contains the mappings of your fields, e.g.
$mappingArray = array('shoes' => 'dress_shoes', 'socks' => 'ankle_socks', ...);
With this array and the previous you can loop through and set your SQL accordingly based on the value of the $common field with the key in the $mappingArray
Edit with example (probably not the most optimized):
$finalArray = array();
foreach ($mappingArray as $key => $value) {
$finalArray[$value] = in_array($key, $common) ? 'yes' : 'no';
}
$finalArray will now have an yes/no statement for each value that matches your db table.
Edit to include PDO: I would actually update the above loop as follows:
$finalArray = array();
$sql = "INSERT INTO cloths (" . implode(",", array_values($mappingArray)) . ") VALUES (:" . implode(",:", array_values($mappingArray)) . ")";;
foreach ($mappingArray as $key => $value) {
$finalArray[":" . $value] = in_array($key, $common) ? 'yes' : 'no';
}
$q = $conn->prepare($sql);
$q->execute($finalArray);
Going on the fly with this one, so something like that...
Why not change your HTML field names to match your database names, set a default of 'no' in the atabase then...
$cols='INSERT INTO clothes ';
$values=' VALUES ';
$join='(';
foreach ($_POST as $key=>$val) {
$cols.=$join . $key;
$values=$join . ':' . $key;
$join=',';
}
$qry=$cols . ')' . $values . ')';
$stmt = $dbh->prepare($qry);
foreach ($_POST as $key=>$val) {
$stmt->bindParam(':' . $key, $_POST[$key]);
}
But you might want to check the posted names are valid column names - you can get the column names and types from the table using
DESC clothes;
Related
I have a table structure with META_ID | KEY | VALUE | USER_ID where META_ID is auto-increment. Now in my php logic
1 get the result key-value pairs per user
2 delete the key value row per user
3 update or insert the key value pair for a already known USER_ID
4 insert key value pair for a new user
But the META_ID keeps growing, so i was wondering if i could just delete the META_ID column?
Case logic
An registered user or returning registered user can update their form over time if they haven't submit it yet. So overtime an user can select and deselect certain form options and update, insert or delete is triggered.
Now the logic behind "returning user deselects a key (and the row needs to be deleted)" gives me a problem. That's why i just delete all users key-value pairs. But what would be the right way?
So if the key-value exists in the db table but not in $params i need to delete it!
btw here's my function
function user_shopping_meta_data($params) {
global $wpdb;
$shopping_meta_table = 'wp_shopping_metavalues';
$wp_user_id = $params['wp_user_id'];
//1 CHECK IF USER HAS KEY VALUE PAIRS
$checkKeyValues = $wpdb->get_results("SELECT meta_shopping_key FROM $shopping_meta_table WHERE wp_user_id = '$wp_user_id'");
//2 WE DELETE
$qdel = $wpdb->delete($shopping_meta_table, array('wp_user_id' => $wp_user_id));
//3 UPDATE OR INSERT
foreach ($params as $key => $val) {
//variables
if (is_array($val)) {
$val = json_encode($val);
}
$shopping_meta_values = array(
'wp_user_id' => $wp_user_id,
'meta_shopping_key' => $key,
'meta_shopping_value' => $val
);
if (count($checkKeyValues) > 0) {//3 USER IS KNOWN SO UPDATE and/or INSERT new key-value
foreach ($checkKeyValues as $check) {
//UPDATE OR INSERT
if (($key != "wp_user_id")) {
//FOR UPDATE where
$shopping_meta_where = array('meta_shopping_key' => $key, 'wp_user_id' => $wp_user_id);
$result = $wpdb->get_results("SELECT * FROM $shopping_meta_table WHERE meta_shopping_key = '" . $key . "' AND wp_user_id = '$wp_user_id'");
if (count($result) > 0) {//KEY ALREADY EXISTS FOR USER
$return .= $wpdb->update($shopping_meta_table, array('meta_shopping_key' => $key, 'meta_shopping_value' => $val), $shopping_meta_where) . '<br/>';
//$return .= 'UDPATE<br/>';
} else {//KEY IS NEW
$return .= $wpdb->insert($shopping_meta_table, $shopping_meta_values) . '<br/>';
// $return .= 'INSERT for old';
}
}//.end $key
}//.end foreach checkKeyValue
}//.end count
else {//4 INSERT KEY VALUE PAIR FOR NEW USER
if (($key != "wp_user_id")) {
$return .= $wpdb->insert($shopping_meta_table, $shopping_meta_values) . '<br/>';
// $return .= 'INSERT NEW';
}
}
}//.end each
echo 'Test return: ' . $return;
}
You won't gain much by deleting it. You might think that you save some space, but in fact you don't. An auto_increment column is always also (part of) the primary key. If you delete it, MySQL will create an "implicit" primary key, which is not visible but necessary for MySQL to identify rows. Also you will lose some comfort like not being able to use LAST_INSERT_ID().
You can very well delete it. It is just a unique ID. If you can distinguish different rows without the META_ID or you do not need to distinguish rows, then META_ID is redundant.
If i can give you a suggest is better to leave that field as a history.
If you need to want to know what is the last action done for that user you can order by META_ID.
Is usefull to have a primary key in a table. But this is just a suggest
I suggest you have a primary key that you are sure of that it is unique. It is a good idea to use a auto-increment column for this because you will always be sure that it is unique.
I'm trying to find a way to retrieve every combination of values from two columns in a table, where each combination matches a value in a third column.
Say part of the table looks like this:
products_id options_id options_values_id
1487 2 1
1487 2 61
1487 3 60
1487 5 52
My desired output, when working with products_id 1487, would be the following two strings:
2-1, 3-60, 5-52
2-61, 3-60, 5-52
I've got the impression that those strings would need to be assembled recursively, but I ran into trouble trying it that way because not every products_id has the same options_ids, or the same number of them.
Edited to add: I've tried variations of a couple of the solutions below, but to no avail. I think I should have been more descriptive.
I'm trying to have it retrieve every combination of unique options_id and its corresponding options_values_id. (In other words, not every single possible combination of numbers from those two columns.) Options_id represents product options like "color" and "size," and options_values_id represents choices of those options, like "red" or "small." So I'm trying to come up with every possible combination of options for a given products_id. In the example above, there are two possible option combinations for that item-- "2-1, 3-60, 5-52" and "2-61, 3-60, 5-52".
Join the table against itself for each distinct option.
Do a select first to retrieve the number of options.
$tables = array();
$rs = mysql_query(
'SELECT DISTINCT options_id FROM table WHERE products_id = '.$id);
while ($row = mysql_fetch_row($rs)) {
$tables[$row['options_id']] =
'SELECT options_values_id FROM table WHERE products_id = '.$id.
' AND options_id = '.$row['options_id'];
}
mysql_free_result($rs);
Then, for each option, join it in as a separate table in your query. Do not include any joining clauses comparing values, just join every record against every other record.
$sql = 'SELECT ';
$count = 0;
foreach ($tables AS $id => $query) {
if ($count++) $sql .= ', ;
$sql .= 'table_'.$id.'.options_values_id AS value_'.$id;
}
$sql .= ' FROM ';
$count = 0;
foreach ($tables AS $id => $query) {
if ($count++) $sql .= ', ';
$sql .= '('.$query.') AS table_'.$id;
}
Finally, execute that query. Each row will contain one column per options_id. There will be one row per unique combination of values.
or for a mixed, php/sql approach, try using that SQL query:
SELECT products_id, options_id, options_values_id WHERE products_id = '$var_with_product_id';
fetch the results into an array, say $results:
$pairs = array();
foreach($results as $result) {
// build array with pairs (array_push to avoid overwriting)
array_push($pairs, array( $result['options_id'] => $result['options_values_id'];
}
// a bit extra complication, as array_push adds e.g. [0] => array( options_id => options_values_id ) :)
$pairs = array_values($pairs);
// check for double options_id
$found_double_options_id = false;
do {
// check for duplicates... use a lot of array functions
} while (count($pairs) && $found_double_options_id);
"Every combination" is the Cartesian product:
SELECT DISTINCT e1.options_id, e2.options_values_id
FROM Entity e1, Entity e2
WHERE e1.products_id = 1487 AND e2.products_id=1487
I've been trying to look for a solution where you can fetch database with one prepared statement and execute it with an array value
Typically I do this with my statement:
$search = $db->prepare("SELECT * FROM table WHERE name = ?");
$search->execute(array($name));
But what if i have an array like so:
Array (
[0] => Array
(
[name] => Burger Joint
)
[1] => Array
(
[name] => Burger Joint
)
[2] => Array
(
[name] => Burgers
)
[3] => Array
(
[name] => Meats
)
)
I'd like to somehow go through my database with either of the values in the array WHERE name=? in the statement. However, sometimes there's going to be multiple similar names, is there a way to condense the array before hand or what would be the best practice in a situation like this?
Thanks!
You can do this in a number of ways, but since you mentioned OR, let's use that:
First, your array of possible values. Let's take your array and mold it into an array of unique values:
$values_array = array_unique(
array_map(
function($element) {
return $element['name'];
},
$original_array
)
);
// $values_array now contains array('Burger Joint', 'Burgers', 'Meats')
Now, we build the prepared query by introducing as many placeholders as you have possible values:
$query = sprintf('SELECT * FROM table WHERE %s',
implode(
' OR ',
array_fill(
'name = ?',
count($values_array)
)
)
);
// $query now contains 'SELECT * FROM table WHERE name = ? OR name = ? OR name = ?'
and execute it:
$search = $db->prepare($query);
$search->execute($values_array);
Alternatively, you could use IN instead, building your query like so:
$query = sprintf('SELECT * FROM table WHERE name in (%s)',
implode(
', ',
array_fill(
'?',
count($values_array)
)
)
);
// $query now contains 'SELECT * FROM table WHERE name in (?, ?, ?)'
$search = $db->prepare($query);
$search->execute($values_array);
This will have the same effect, and it's slightly more clear what's going on by looking at the code.
Try name IN instead of name = .
First, you need IN. field IN (1,2) is equal to field=1 OR field=2.
Next, you need some sort of helper function, to put all that mess of technical details of creating correct SQL statements away from application business code. To make it in ONE line, not 50.
$data = $db->getAll("SELECT * FROM table WHERE name IN (?a)",$names);
Finally, it seems you're getting your names from another query.
In this case you have to run only single query using JOIN. You may ask another question under [mysql] tag providing both your queries.
To get only names into array you have to use another helper function (though you have to create it yourself or get somewhere first):
$names = $db->getCol("here goes your query to get names");
If I have a table named book
Column 1 = current_user
, Column 2 = page_length
, Column 3 = author
, Column 4 = title
I'd like to select the data from columns 2, 3 and 4 that correspond to the currently logged in user. Is the following correct syntax?
<?
global $user;
$user_id=$user->name;
db_query('SELECT * FROM {book} WHERE current_user=$user_id', $page_length, $author, $title); ?>
Some tips:
You need to make sure to use quotation marks around the string that is the SQL statement.
Since the username is a user-supplied string, you should use parameter escaping to prevent SQL injections.
You don't really need to assign the user name to a separate variable ($user_id) to use it.
You need to retrieve your result from the return value of db_query.
Fixed code:
<?php
global $user;
$res = db_query("SELECT page_length, author, title FROM {book} WHERE current_user = '%s'", $user->name);
$row = db_fetch_array($res);
// now $row['page_length'], $row['author'] and $row['title'] are filled in with values if the query was successful
?>
I am having an issue with inserting an array of information into a mysql database. Basically I built a sortable gallery similar to Facebook's photo albums that can be arranged by moving the div to a new spot with jquery's sortable function.
I am using Ajax to call a php file which will inser the new order of the div's into the DB. The information is being passed correctly, it is just not being inserted correctly.
The error I am receiving is:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Array' at line 1
The Php code is:
foreach ($_GET['listItem'] as $position => $item) {
if ($item >= 1) {
$sql[] = "UPDATE table SET order = '{$position}' WHERE id = '{$item}'";
mysql_query($sql) or die(mysql_error());
}
}
If I remove the mysql_query function and just do a print_r, I get:
Array
(
[0] => UPDATE table SET order = '0' WHERE id = '2'
[1] => UPDATE table SET order = '1' WHERE id = '4'
[2] => UPDATE table SET order = '2' WHERE id = '3'
[3] => UPDATE table SET order = '3' WHERE id = '1'
[4] => UPDATE table SET order = '4' WHERE id = '5'
[5] => UPDATE table SET order = '5' WHERE id = '6'
)
This is the first time I have tried to do something like this. Any help would be great.
Thank you in advance for the help!
In mysql_query($sql) $sql is an array, therefore it's value is simply Array. When you assign $sql[] = "UPDATE table SET order = '{$position}' WHERE id = '{$item}'"; simply make this line $sql = "UPDATE table SET order = '{$position}' WHERE id = '{$item}'";. That should solve your problem.
EDIT:
You can leave the [] and simply remove the mysql_query from where it is. After your foreach list item, add this:
foreach($sql as $query) {
mysql_query($query);
}
Sounds like there is some confusion about what the [] operator does. You use [] when you want to append an element to the end of an existing array.
For example:
$sql = array();
$sql[] = 'UPDATE table SET order = "0" WHERE id = "2"';
mysql_query($sql); // this will produce the error you are seeing
Versus:
$sql = 'UPDATE table SET order = "0" WHERE id = "2"';
mysql_query($sql); // this will work
You should rewrite your code as such:
foreach ($_GET['listItem'] as $position => $item) {
if ($item >= 1) {
$sql = "UPDATE table SET order = '{$position}' WHERE id = '{$item}'";
mysql_query($sql) or die(mysql_error());
}
}
That will do what you are intending. However, this is still not a good idea, since you are passing untrusted $_GET data directly to the database. I could, for example, call your script with a string like:
http://yoursite.com/yourscript.php?listItem=1'%3B%20DROP%20TABLE%20yourtable%3B
Since the value of listItem is going directly to the database -- and the $item >= 1 check is insufficient, since PHP will evaluate a string as an integer if it begins with numeric data -- all I have to do is add a single quote to terminate the previous query, and I am then free to inject whatever SQL command I'd like; this is a basic SQL injection attack. Whenever you write database-touching code, you should cleanse any input that might be going to the database. A final version of your code might look like:
foreach ($_GET['listItem'] as $position => $item) {
if ($item >= 1) { // this check may or may not be needed depending on its purpose
$sql = 'UPDATE table SET order = "' . mysql_real_escape_string($position) . '" WHERE id = "' . mysql_real_escape_string($item) . '"';
mysql_query($sql) or die(mysql_error());
}
}
There are other ways to cleanse input data as well, that is just one of them. Hope that helps.