How do I prevent sql injection with php and mysql
I have a form into which the visitor can enter data, and I want to store this data in a mysql database via the $_POST variable. What do I need to prevent sql injection? ...
$from = $_POST['from']; $to = $_POST['to']; $message = $_POST['message']; $query = "SELECT * FROM Users WHERE `user_name` = '$from' LIMIT 1"; $result = mysql_query($query); while($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $fromID = $row['user_id']; } I'm trying to have $formID be the user_id for a user in my database. Eac...
I've found boolean mode of MySQL full text search useful, however there are a couple of things I can't seem to figure out how to achieve. For instance imagine I have a full text column containing the words "Steve's Javascript Tutorial - Part One". I would like to match this for each of the following searches: "tutorials", "javascript t...
I have put together the following code, the problem is that each while loop is only returning one set of data. $result = mysql_query("SELECT date FROM ".TBL_FIXTURES." WHERE compname = '$comp_name' GROUP BY date"); $i = 1; echo "<table cellspacing=\"10\" style='border: 1px dotted' width=\"300\" bgcolor=\"#eeeeee\">"; while ...
This works on MySQL 5.0.41, but on 5.1.31 it just says "failed to create function". I type this in the console: delimiter | <press enter> CREATE DEFINER=`root`@`localhost` FUNCTION `ucwords`( str VARCHAR(128) ) RETURNS varchar(128) CHARSET utf8 BEGIN DECLARE c CHAR(1); DECLARE s VARCHAR(128); DECLARE i INT DEFAULT 1; DECLARE boo...
For some reason I can't seem to get the MySQL Net Connector to work with C# outside of the IDE. I have a very simple program working just fine in the IDE (connecting to the database and everything) but when I publish the code and run the .application file (on my local computer's desktop or off the company server) it says it can't connect ...
Possible Duplicate: Hidden Features of MySQL Hi, what are your mysql ninja tricks? What features are extra special? I'm starting with ORDER BY FIELD which enables you to sort in a particular order, like this: SELECT url FROM customer ORDER BY FIELD(customer.priority, 1, 2, 3, 0) Features like this are hard to find in the m...
Okay, here's what I'm trying to do. I am running a MySQL query for the most recent posts. For each of the returned rows, I need to push the ID of the row to an array, then within that ID in the array, I need to add more data from the rows. A multi-dimensional array. Here's my code thus far. $query = "SELECT * FROM posts ORDER BY id DES...
Let's say I have a 10,000 digit number in my database... This would be laggy for the viewer if it was echoed out. Is there a way to display only like 100 (the first 100)? Digits? -Either using php, or (Pref.) using MySQL to only get the first 100... ...
Currently have approximately 2000 simultaneous connections. We average approximately 425 reads and writes per second. We have a read to write ratio of 3:1. All of our tables are myisam. Can we expect better or worse performance when we go from mysql 4.1.22 to 5.0? ...
Hey guys, I created a list for fixtures. $result = mysql_query("SELECT date FROM ".TBL_FIXTURES." WHERE compname = '$comp_name' GROUP BY date"); $i = 1; $d = "Start"; while ($row = mysql_fetch_assoc($result)) { $odate = $row['date']; $date=date("F j Y", $row['date']); echo "<p>Fixture $i - $d to ...
Went searching and didn't find the answer to this specific noob question. My apologies if I missed it. In a MySQL database I have a table with the following primary key PRIMARY KEY id (invoice, item) In my application I will also frequently be selecting on "item" by itself and less frequently on only "invoice". I'm assuming I would ...
I'm trying to use this number: 294670251400 This number will be an attribute in a model that is keeping counter tabs on membership cards. The membership cards have three four digit vanity sets. But when I update_attribute to contain this, the number is reset to mySQL's max int : 2147483647 Anyone have a workaround to this ? ...
(Not my real MySQL schema, but illustrates what needs done.) Users can belong to many groups, and groups have many users. users: id INT validated TINYINT(1) groups: id INT name VARCHAR(20) groups_users: group_id INT user_id INT I need to find groups that contain both validated and unvalidated users (validated being 1 or...
Hi, I know, there is a lot of info on mysql out there. But I was not really able to find an answer to this specific and actually simple question: Let's say I have two tables: USERS (with many fields, e.g. name, street, email, etc.) and GROUPS (also with many fields) The relation is (I guess?) 1:n, that is ONE user can be a member of...
I'm trying to match on band names in a DB by excluding 'The' So a search for 'The Beatles' or 'Beatles' would both succeed. This is too slow: select * from artists where artist_name LIKE '%beatles'; Better ways to do this? I'd like to avoid having an extra sorting/matching column with 'the' stripped out. Thanks! ...
How do I get to display the number of posts on a topic like a forum. I used this... (how very noobish): function numberofposts($n) { $sql = "SELECT * FROM posts WHERE topic_id = '" . $n . "'"; $result = mysql_query($sql) or die(mysql_error()); $count = mysql_num_rows($result); echo numb...
Can someone point me towards a resource or show me an example of a good way of writing sql statements in php. Most statements seem so ugly and unreadable. ...
I have indexes for my table user,date, and date,user but when I issue queries like SELECT * FROM table WHERE date >= '2010-5-1' and user='test'; It doesn't use the date,user index it uses the user index. Is there any way to get mysql to use the date,user index for these queries? ...
Title says it all. Preferably, I'd like something to go in this method defined in support/env.rb After do |scenario| end ...