I am creating nodes pro-grammatically by fetching emails. Where I am splitting the subject of the mail for creating it for specific group & the title of the node.
Now I want to fetch the group_id by the description of the group and wrote query for it, but it's not working. Let me paste the code here..
list($group_name, $title_text) = explode(', ', $title);
$query = "SELECT * FROM {og} WHERE og_description = ' ".$group_name." ' ";
$group_details = db_query($query);
while ($group = db_fetch_object($group_details)) {
$gid = $group->nid;
}
echo $gid;
echo $gid is giving nothing. Though $group_name = 'Logo design' & gid = 1442 for it in table.
Is there anything I am missing here ?
Check out the following two pages , the examples give here does not use the single quotes around the placeholder in the query ($group_name - in your example) .
http://drupal.org/node/310072
One of the lines says "Note that placeholders should not be escaped or quoted regardless of their type" .
http://drupal.org/node/1407528
I have solved it. Here is the answer:-
$title = "ED's presentation, This content is for ed's presenation"; //This is the subject of the mail, which I am fetching.
list($group_name, $title_text) = explode(', ', $title);
$query = "SELECT nid FROM {og} WHERE og_description = '".$group_name."'";
$group_details = db_query($query);
while ($group = db_fetch_object($group_details)) {
{
$gid = $group->nid;
}
Thanks :)
Related
I am kind of new one for mysql and php. a week ago this code worked perfectly and when now I am trying it shows this error message
Error : You have an error in your SQL syntax; check the manual that
corresponds to your MariaDB server version for the right syntax to use
near 's product portfolio has diversified to encompass a highly
successful multi-brand' at line 1
I search how to solve that after spending a whole day, but couldn't figure it out.
I have tried similar questions here in stackoverflow, Yet I am stucked here.
A help would be really admired
Given below is my code
<?php
if(isset($_POST['upload']))
{ $company_name =$_POST['company_name'];
$service =$_POST['service'];
$email =$_POST['email'];
$password =$_POST['password'];
$details =$_POST['details'];
$fileName = $_FILES['Filename']['name'];
$fileName1 = $_FILES['Filename1']['name'];
$fileName2 = $_FILES['Filename2']['name'];
$fileName3 = $_FILES['Filename3']['name'];
$fileName4 = $_FILES['Filename4']['name'];
$target = "company_images/";
$fileTarget = $target.$fileName;
$fileTarget1 = $target.$fileName1;
$fileTarget2 = $target.$fileName2;
$fileTarget3 = $target.$fileName3;
$fileTarget4 = $target.$fileName4;
$tempFileName = $_FILES["Filename"]["tmp_name"];
$tempFileName1 = $_FILES["Filename1"]["tmp_name"];
$tempFileName2 = $_FILES["Filename2"]["tmp_name"];
$tempFileName3 = $_FILES["Filename3"]["tmp_name"];
$tempFileName4 = $_FILES["Filename4"]["tmp_name"];
$result = move_uploaded_file($tempFileName,$fileTarget);
$result1 = move_uploaded_file($tempFileName1,$fileTarget1);
$result2 = move_uploaded_file($tempFileName2,$fileTarget2);
$result3 = move_uploaded_file($tempFileName3,$fileTarget3);
$result4 = move_uploaded_file($tempFileName4,$fileTarget4);
$file = rand(1000,100000)."-".$_FILES['file']['name'];
$file_loc = $_FILES['file']['tmp_name'];
$file_size = $_FILES['file']['size'];
$file_type = $_FILES['file']['type'];
$folder="pdf_uploads/";
// new file size in KB
$new_size = $file_size/1024;
// new file size in KB
// make file name in lower case
$new_file_name = strtolower($file);
// make file name in lower case
$final_file=str_replace(' ','-',$new_file_name);//anthima
if(move_uploaded_file($file_loc,$folder.$final_file))
{
$query = "INSERT INTO company_details( company_name,service, email, password, details,image_path,file_name,image_path1,file_name1,image_path2,file_name2,image_path3,file_name3,file,type,size,image_path4,file_name4) VALUES ('$company_name','$service','$email','$password','$details','$fileTarget','$fileName','$fileTarget1','$fileName1','$fileTarget2','$fileName2','$fileTarget3','$fileName3','$final_file','$file_type','$new_size','$fileTarget4','$fileName4')";
$con->query($query) or die("Error : ".mysqli_error($con));
mysqli_close($con);
}
}
?>
<?php
Given below is the test data error
VALUES ('singer','Hardware','singer#gmail.com','singer','Singer has been in Sr' at line 1
Because you never sanitize anything and put the data straight into your query,
$company_name =$_POST['company_name'];
$service =$_POST['service'];
$email =$_POST['email'];
$password =$_POST['password'];
$details =$_POST['details'];
...
$query = "INSERT INTO
company_details( company_name,service, email, password, details,image_path,file_name,image_path1,file_name1,image_path2,file_name2,image_path3,file_name3,file,type,size,image_path4,file_name4)
VALUES (
'$company_name','$service','$email','$password','$details','$fileTarget','$fileName','$fileTarget1','$fileName1','$fileTarget2','$fileName2','$fileTarget3','$fileName3','$final_file','$file_type','$new_size','$fileTarget4','$fileName4'
)";
your problem is most likely in the data
's product portfolio has diversified to encompass a highly successful multi-brand
Maybe you have unscaped apostrophes in your data, so you're kinda SQL-injecting yourself. The query ends before the string shown in the error.
The solution is to escape special chars before inserting like in this question: How do I escape only single quotes?
In your case, start with the details
$details = addcslashes($_POST['details'], "'");
or
$details = addslashes($_POST['details']);
But keep adding test scenarios for your code. E.g. what happens if company name gets something like Mc'Donaldson? What is the set of chars you want to accept for each field? Then you will know how to validate those fields and create your functions (or reuse something)
For some reason the first two query's don't show anything. I made it so, that you press a submit button to post your input, and then have it controlled and added to the database. But it doesn't work.
$sql = "SELECT * FROM rubrieklink WHERE rekeningnummer = '".$_POST["rekeningnummer"]."'";
$resultrubrieken = $mysqli->query($sql);
$sql="INSERT INTO betalingen(
bedrijf
,rekeningnummer
,prijs
,rubriek)
VALUES('".$_POST["name"]."'
,'".$_POST["rekeningnummer"]."'
,".$_POST["prijs"]."
,'".$resultrubrieken["rubriek"]."')";
$result = $mysqli->query($sql);
$resultbetalingen = $mysqli->query("SELECT * FROM betalingen");
if ($resultbetalingen->num_rows > 0) {
echo "<center><table><tr><td>bedrijf</td><td>rekeningnummer</td><td>prijs</td><td>rubriek</td></tr>";
while($betalingen = $resultbetalingen->fetch_assoc()){
echo"<tr><td>".$betalingen['bedrijf']."</td><td>".$betalingen['rekeningnummer']."</td><td>".$betalingen['prijs']."</td><td>".$betalingen['rubriek']."</td></tr>";
}
echo"</table>";
}
is rekeningnummer an INTEGER or a string if so you must quote your strings same goes for the insert for example $_POST["name"] is not quoted
PS also why is the INSERT INTO doubled in your query?
I have a calendar (FullCalendar) where the user can filter down results based on a few params (Tutor Secondary Tutor, Lesson, Location). When the user makes a change to the query it hits the following code.
The issue I am having is the 'OR'. What I really want is an IF input is null then get all.
If User { Get all lessons where lead_tutor_id = 1 and secondary_tutors_id = 1 }
If User and Location { Get lessons where the user is as above, but have location_id = 3 }
etc, etc.
So, is there a way I can fall back to get ALL the results IF only one or two filters are set?
$current_events = Calendar::Where(function($query) use ($start_time, $end_time, $tutor, $location, $lesson)
{
$query->whereBetween('date_from', [$start_time, $end_time])->orderBy('date_from')
->whereRaw('lead_tutor_id = ?
OR secondary_tutors_id = ?
OR location_id = ?
OR lesson_id = ?',
[
$tutor, // Input get() for user
$tutor, // Input get() for user
$location, // Input get() for location
$lesson, // Input get() for lesson
]
);
})->with('lessons', 'leadtutor', 'secondarytutor')->get();
I've been playing with Query Scopes, but this seems to fail if passing a NULL value through to it.
Any help is very much appreciated. Thanks in advance.
You can build the query on forehand, store it in a variable and use it once its build.
$query = isset($var) ? $var : '';
$query .= isset($othervar) ? $othervar : '';
whereBetween(*)->orderBy(*)->whereRaw($query)
Only thing you need to keep in mind is to insert the 'OR's in the right place . So have like a check for wether it is the first thing to be inserted or not, if not then put 'OR' in front of it.
Hope that is enough info to help you.
After the advice from Saint Genius, I have got this working:
$built_query = [];
isset($lead_tutor) ? $built_query['lead_tutor'] = 'lead_tutor_id = ' . $lead_tutor . ' ' : null;
isset($secondary_tutor) ? $built_query['secondary_tutor'] = 'secondary_tutors_id = ' . $secondary_tutor . ' ' : null;
isset($location_id) ? $built_query['location'] = 'location_id = ' . $location_id : null;
isset($lesson_id) ? $built_query['lesson'] = 'lesson_id = ' . $lesson_id : null;
// Flatten the array so we can create a query and add the word ADD in between each element.
$built_query = implode(" AND ", $built_query);
// Run the query
$current_events = Calendar::whereBetween('date_from', [$start_time, $end_time])->orderBy('date_from')->whereRaw($built_query)->with('lessons', 'leadtutor', 'secondarytutor')->get();
I am developing a php script within the Joomla environment which queries the same table / database twice. Each time I need to know whether any matches are found.
It seemed that the best way would be to use the getNumRows(). The Joomla documentation is very specific on its use:
Miscellaneous Result Set Methods getNumRows()
getNumRows() will return the number of result rows found by the last
query and waiting to be read. To get a result from getNumRows() you
have to run it after the query and before you have retrieved any
results.
I follow this in my script. At the first query there is no problem, but the second query always throws up a warning - most likely because the getNumRows() call for the second time is after the retrieving results from the first query - which does not comply with the Joomla requirement.
Any ideas how to solve? Many thanks!
The part of my script in question reads:
$db = JFactory::getDBO();
$query = "SELECT * FROM #__art_mobiles WHERE user_agent_header='$ua'";
$db->setQuery($query);
$rowsAG = $db->getNumRows();
$replyAG = $db->loadRow();
if ($rowsAG == 0) {
//if no match check www.handsetdetection.com
//see https://www.handsetdetection.com/properties/vendormodel for current list of models in database together with headers
echo "not in local database - try external<br/>";
$prod = '';
if ($hd3->siteDetect()) {
$replyHD = $hd3->getReply();
$man = $replyHD['hd_specs']['general_vendor'];
$dev = $replyHD['hd_specs']['general_model'];
$os = $replyHD['hd_specs']['general_platform'];
echo "found in handsetdetection.com database<br/>";
//check for provisional match in local database
$query = "SELECT * FROM #__art_mobiles WHERE manufacturer='$man' AND device='$dev'";
$db->setQuery($query);
$rowsAGprov = $db->getNumRows();
$replyAGprov = $db->loadRow();
if ($rowsAGprov == 0) { **[ETC]**
I think this could be an issue with using $db->loadRow(); as getNumRows relies on an executed query.
For example you could try:
$db = JFactory::getDBO();
$query = "SELECT * FROM #__art_mobiles WHERE user_agent_header='$ua'";
$db->setQuery($query);
$replyAG = $db->query();
$rowsAG = $db->getNumRows();
And:
$query = "SELECT * FROM #__art_mobiles WHERE manufacturer='$man' AND device='$dev'";
$db->setQuery($query);
$replyAGprov = $db->query();
$rowsAGprov = $db->getNumRows();
Though I am not sure what/if the difference will be between the results returned from query and loadRow. It would be worth experimenting and seeing if this works.
Alternately, if you are only using getNumRows to see if a record exists, you could do some kind of check on your $replyAG variable instead. It again might be worth experimenting to see what loadRow returns if there are no results.
You need to add the following code before you write the the query:
$query = $db->getQuery(true);
You need to use
$db = JFactory::getDbo();
$query = $db->getQuery(true)
->select($db->qn(array('id')))
->from($db->qn('#__social_notifications'))
->where($db->qn('status') . ' = ' . $db->q(0));
$db->setQuery($query);
$db->execute();
$resultData = $db->getNumRows();
I have a large database containing part numbers for a filter company. Several of the products have similar years and model numbers. I have a php script that is searching a text keyword section for each part.
So for a 1997-1999 Honda Crf 250 090987 19.95 the keywords are:
1997 1998 1999 honda crf 250 090987
I got the code from a tutorial and it's written to search the keywords section for everything separated by a space. The problem is that a lot of the listings have honda or similar year spreads.
I need to figure out how to alter the php to narrow the results so if someone types "1997 honda", all of the hondas and '97s don't show up but only ones that are 1997 hondas.
I'm new to php and I've looked all around and can't figure it out. Any help will be thoroughly appreciated.
here's the php:
$keywords = $_GET['keywords'];
$terms = explode(" ", $keywords);
$query = "SELECT * FROM search WHERE ";
foreach ($terms as $each){
$i++;
if ($i == 1)
$query .= "keywords LIKE '%$each%' ";
else
$query .= "OR keywords LIKE '%$each%' ";
}
// connect
mysql_connect("localhost", "root", "root");
mysql_select_db("catalog");
$query = mysql_query($query);
$numrows = mysql_num_rows($query);
if ($numrows > 0){
while ($row = mysql_fetch_assoc($query)){
$id = $row['id'];
$year = $row['year'];
$manufacturer = $row['manufacturer'];
$product = $row['product'];
$partnumber = $row['partnumber'];
$price = $row['price'];
echo "<div id=\"results\">
<div class=\"words\">$year</div><div class=\"words\">$manufacturer</div><div class=\"words\">$product</div><div class=\"words\">$partnumber</div>$price<br /></div>";
}
}
else
echo "<div class=\"no_results\"><center>No results found for \"<b>$keywords</b>\"</center></div>";
// disconnect
mysql_close();
?>
Interesting problem.
I thought of 2 approaches:
(1) if you have control over the database structure, you could SELECT WHERE (make = 'Honda' AND Year IN (1997,1998,1999)) AND the "like" stuff you already have (without the make/year). But you would need to separate out the model years and make into separate fields.
(2) otherwise, if we can assume the input is always "year(s) make [other keywords], we could do what izuriel suggested while I was typing this, just "AND 'keywords = '1997' AND keywords = 'honda' AND (our existing list of "like" clauses)".
that way you'd get only 1997 Hondas that have any or all of the other keywords.
Use AND in the query instead of OR to enforce that all keywords must match, otherwise one keyword match will return a result always. Outside of that, you'll have to do some Relevance work in code which might slow down the application.
I recommend you to use one symbol percentage at the end of the word and you and instead of or and you limit in your query if the database is large