Getting sum in PHP MySQL - mysqli

I want to get sum of integers that are selected from mysql
Here is my code
<?php
Include 'init.php';
$page = '2459';
$ttl = array();
$search = $db->link->query("SELECT id,packid,rating FROM pakrate WHERE packid LIKE '%$q%'");
if($search->num_rows>0){
while($result=$search->fetch_assoc()){
$ttl[] = $row['rating'];
echo $ttl;
echo $result[SUM('rating')];
}
}
else {
echo "no such query";
}
So what I am doing wrong here, any other suggestions?

Just run the sum in your query
<?php
Include 'init.php';
$page = '2459';
$ttl = array();
// Not sure why you're doing this but there should only be one leading connection ($conn->query) unless you're doing some object item elsewhere in init.
// I would also use prepared statements since they're more secure:
$q = "%$q%"; // create your like variable, wherever $q is coming from??
$query = "SELECT sum(rating) from pakrate WHERE packid LIKE ?);
$stmt = $db->prepare($query); // assuming $db is your connection variable
if($stmt){
$stmt->bind_param("s",$q); // Bind the variable in
$stmt->execute(); // Execute
$stmt->bind_result($rating); // Bind the result variable
$stmt->store_result(); // Store it so you can get num_rows
$rows = $stmt->num_rows; // assign rows found
if($rows > 0){
while($stmt->fetch()){ // Loop the result
$ttl[] = $rating; // add to your array
// You can't echo an array like this.... echo $ttl;
// if you really want to, print_r($ttl);
}
}
$stmt->close(); // Close it
}
?>

Related

Returning an array using PDO

I'm trying to use PDO using the following code, I want to select the array of values for the context_list, but it returns one record, any ideas where I'm going wrong?
try {
$sql2 = "SELECT area_easting, area_northing, context_number FROM excavation.contexts";
$sth = $conn->prepare($sql2);
$sth->execute();
while ($row = $sth->fetch(PDO::FETCH_ASSOC))
{
$easting_list = $row['area_easting'];
$northing_list = $row['area_northing'];
$context_list = $row['context_number'];
}
}
catch(PDOException $e )
{
echo "Error: ".$e;
}
echo "context list: ";
echo $context_list;
A partial solution:
This worked:
$query = $conn->prepare("SELECT area_easting, area_northing, context_number FROM excavation.contexts");
$query->execute();
while($r = $query->fetch(PDO::FETCH_OBJ)){
echo $r->area_easting, '|';
echo $r->area_northing;
echo '<br/>';
}
But Now I need to make the $r->area_easting accessible to the session, but that's another question.
Your query may return several records (provided they actually exist in the table).
Your code loops through all the records (with the while loop) but the values ($easting_list, $northing_list and $context_list) are overwritten in the loop.
I suggest the following changes to your code:
$easting_list = array();
$northing_list = array();
$context_list = array();
try {
$sql2 = "SELECT area_easting, area_northing, context_number FROM excavation.contexts";
$sth = $conn->prepare($sql2);
$sth->execute();
while ($row = $sth->fetch(PDO::FETCH_ASSOC))
{
$easting_list[] = $row['area_easting'];
$northing_list[] = $row['area_northing'];
$context_list[] = $row['context_number'];
}
}
catch(PDOException $e )
{
echo "Error: ".$e;
}
echo "context list: ";
echo implode(', ', $context_list);
Now all the values are stored in 3 arrays. explode is used to print a comma-separated list of all values in $context_list array.

How to store MySQLi bind_result value for further processing?

In the below code,I can echo $count in bind_result by using while loop(commented in the code). But instead I want to keep that value in the $count variable for further processing instead of just printing the value. How do I hold the value for $count?
/*......mysqli connection...*/
$stmt =$mysqli->prepare("select count(*) from tab where rtd_id=? ");
$stmt->bind_param('i',$id);
$id = 1;
$stmt->execute();
$stmt->bind_result($count);
/*while($stmt->fetch())
{
echo $count;
}*/
if($count>0)
{
//DO SOMETHING
}
?>
First of all, you don't need a loop here.
$stmt->bind_result($count);
$stmt->fetch();
if($count>0)
{
//DO SOMETHING
}

Prepare content does not work for Sourcerer and DirectPHP

In my Joomla website, I need to execute some custom SQL queries, that have to select different titles from related categories.
Problem I have it works like option Prepare Content is turned off, so all of my content is outside HTML tags.
Module content looks like this:
{source}
<?php
$var_result = '';
$var_categories = array();
$var_category_list = array();
$db =& JFactory::getDBO();
$query = 'select * from jneg_categories where parent_id = 9';
$db->setQuery($query,0,300);
$res = $db->loadObjectList();
foreach ( $res as $row ) {
$var_categories[($row->id)] = $row->title;
$var_category_list[] = $row->id;
}
$var_category_list = implode($var_category_list, ', ');
$sql = "select * from jneg_content where catid IN (".$var_category_list.") order by `catid`";
$db->setQuery($sql,0,30000);
$res = $db->loadObjectList();
$var_current_cat = 0;
foreach ( $res as $row ) {
if ($current_cat != $row->catid) {
$current_cat = $row->catid;
echo '<h2>'.$categories[($row->catid)] . '</h2>';
echo '<br>';
}
echo $row->title;
echo '<br>';
}
?>
{/source}
Can you help me how to get proper HTML as a result of this code please.
Sourcer or other php rendering plugins don't run in html modules unless you go under the module 'options' and select 'prepare content'...
...or you can use this module and just include your php file directly:
https://github.com/idea34/mod_show
Ok, I did it with Jumi plugin - http://2glux.com/projects/jumi/usage-for-j15
Thank you anyway.

Result binding in mysqli

In the following example, can any folks show me how to code the binding part as I select all fields from the table
$stmt = $mysqli_conn->stmt_init();
if ($stmt->prepare("SELECT * FROM books")) {
$stmt->execute();
$stmt->bind_result( **WHAT DO I PUT HERE** );
$stmt->close();
}
In bind_result, you put in the variables where you want to fetch the data into, instead of using an array returned otherwise.
$stmt->bind_result($col1, $col2, $col3, $col4);
while($stmt->fetch_assoc())
echo "$col1 $col2 $col3 $col4";
Alternatively, if you don't want to bind the result
while($resultArray = $stmt->fetch_assoc()) {
echo "$resultArray[columnName1] $resultArray[columnName2] ...";
}

How to migrate mysqli to pdo

Hi I was wondering how I would migrate a mysqli php file to use PDO. Would anyone be able to take a look at my code and see if I'm on the right track?
This is my original (mysqli) code:
<?php
// connecting to database
$conn = new mysqli('xxxxxx', 'xxxxxx', 'password', 'xxxxxx');
$match_email = 'email';
$match_passhash = 'passhash';
if (isset($_POST['email'])) {
$clean_email = mysqli_real_escape_string($conn, $_POST['email']);
$match_email = $clean_email;
}
if (isset($_POST['passhash'])) {
$clean_passhash = mysqli_real_escape_string($conn, $_POST['passhash']);
$match_passhash = sha1($clean_passhash);
}
$userquery = "SELECT email, passhash, userlevel, confirmed, blocked FROM useraccounts
WHERE email = '$match_email' AND passhash = '$match_passhash'
AND userlevel='user' AND confirmed='true' AND blocked='false';";
$userresult = $conn->query($userquery);
if ($userresult->num_rows == 1) {
$_SESSION['authorisation'] = 'knownuser';
header("Location: userhome.php");
exit;
} else {
$_SESSION['authorisation'] = 'unknownuser';
header("Location: userlogin.php");
exit;
}
?>
And this is my attempt to migrate it to PDO:
<?php
// connecting to database
$dbh = new PDO("mysql:host=xxxxxx; dbname=xxxxxx", "xxxxxx", "password");
$match_email = 'email';
$match_passhash = 'passhash';
if (isset($_POST['email'])) {
$clean_email = mysqli_real_escape_string($conn, $_POST['email']);
$match_email = $clean_email;
}
if (isset($_POST['passhash'])) {
$clean_passhash = mysqli_real_escape_string($conn, $_POST['passhash']);
$match_passhash = sha1($clean_passhash);
}
$userquery = "SELECT email, passhash, userlevel, confirmed, blocked FROM useraccounts
WHERE email = ':match_email' AND passhash = ':match_passhash' AND
userlevel='user' AND confirmed='true' AND blocked='false';";
$stmt = $dbh->prepare($query);
$stmt->bindParam(":match_email", $match_email);
$stmt->bindParam(":match_passhash", $match_passhash);
$stmt->execute();
$userresult = $conn->query($userquery);
if ($userresult->num_rows == 1) {
$_SESSION['authorisation'] = 'knownuser';
header("Location: userhome.php");
exit;
} else {
$_SESSION['authorisation'] = 'unknownuser';
header("Location: userlogin.php");
exit;
}
?>
I'm also not sure how to count the number of rows returned in PDO.
If anyone would be able to help me out that wold be very great.
A million thanks in advance!
When using prepared statements and $stmt->bindValue() or $stmt->bindParam() you do not need to escape values with mysqli_real_escape_string(), PDO will do that for you.
Just remember to set a correct data type for the value. That is the third argument in the bind functions and it is a string by default so your code here is fine. I would only use bindValue() instead of bindParam() as you do not need references.
$stmt->execute() will run your prepared statement as a query. The other $conn->query() does not work with prepared statements. It is for raw queries, like you used to have with MySQLi.
When $stmt->execute() runs your response is saved in the $stmt object. For row count use $stmt->rowCount().