How to get session ID in sql in joomla - sql

I'm working with vcharts in Joomla and trying tom implement charts based on who is logged in. Sadly vcharts only allows me to use SQL for queries and not PHP so How will I get the session ID then.

Based on the SO question Variables added to vchart joomla sql query not picked up (that exposes a relevant portion of the vcharts manual which joomla users must ordinarily pay to see...) it seems the placeholder that you can use in your SQL is:
{loggedinuserid}
So, you might write something like
SELECT * FROM #__users WHERE id = {loggedinuserid}
Of course this is just a guess because I've never used vcharts, nor have I seen the actual docs.
If it doesn't like the #__ prefix placeholder, then I guess you'll need to manually replace it like this:
SELECT * FROM lmnop_users WHERE id = {loggedinuserid}
All this said, I have had some experience with the Plotalot extension and it's pretty good with great documentation.

I find this approach: with joomla api
<?php
$link = mysqli_connect("localhost", "joomla_usr", "geheim", "joomla_db");
define('_JEXEC', 1);
define('JPATH_BASE', dirname(__FILE__));
define('DS', DIRECTORY_SEPARATOR);
require_once(JPATH_BASE . DS . 'includes' . DS . 'defines.php');
require_once(JPATH_BASE . DS . 'includes' . DS . 'framework.php');
require('libraries/joomla/factory.php');
$mainframe = JFactory::getApplication('site');
$mainframe->initialise();
$session = JFactory::getSession();
$query_user = "SELECT name, username, email FROM joomla_users WHERE id=(SELECT userid FROM joomla_session WHERE session_id='" . $session->getId() . "')";
$result_user = mysqli_query($link, $query_user);
$row_user = mysqli_fetch_array($result_user);
?>
Maybe you can use the query direct to access the mysql database from your Platform. Or embed PHP in any way.

Related

Wordpress post update code is not working

I want to update a topic with a post id in Wordpress and add it to the end of the post. However, I could not run the code below. Can you help?
wp_update_post(['ID' => $posts->ID,"post_content" => "concat_ws(' ',post_content, 'SECOND')"]);
Normally, this process is done over sql with concat. But I want to use it with php.
The version that works with sql;
update test_user set descrip = concat_ws(' ',descrip, 'SECOND') where Id=2
but I want to run it with php, not sql. How should the first code be?
You can use braces or concatenation operator .
echo "qwe{$a}rty"; // qwe12345rty, using braces
echo "qwe" . $a . "rty"; // qwe12345rty, concatenation used
Also, it much better to use WP_Post class than modify data in tables directly.
Your WP instance can use some db caching layer, or some hooks for posts updating. This functionality can be
potentially broken if you work with tables directly.
$post = get_post( 123 );
$post->post_content = $post->post_content . "Some other content";
wp_update_post( $post );

How to build a $wpdb query

I am trying to build a query that will help me rank SearchWP search results by total_sales (in a WooCommerce shop).
SearchWP has a simple filter that helps injecting additional sql into the search algorithm and adding weight as desired.
The following example lets recent posts rank higher:
$sql .= " + ( IF( UNIX_TIMESTAMP( {$wpdb->prefix}posts.post_date ) > UNIX_TIMESTAMP( {$time_ago} ), {$additional_weight}, 0 ) )";
So I tried to do the same thing by using the total_sales column from the postmeta table to increase the weight of search results, but it doesn't work.
$sql .= " + {$wpdb->prefix}postmeta.total_sales";
Obviously I wonder what the solution is.
But I also want to know a way how to build and test such a $wpdb query successfully myself. A link to a good tutorial would be appreciated.
I found the solution by following this SearchWP documentation. It is another filter provided by the SearchWP plugin: https://searchwp.com/docs/kb/using-custom-field-prioritize-search-results/
Simply drop both filters into functions.php and change the line
$my_meta_key = 'my_search_priority';
to
$my_meta_key = 'total_sales';
It works like a charm

Perl6 API with Slang::SQL

Hi im trying to do an API in Perl6 using Bailador, DBIish and Slang::SQL but when I try to use
sql select * from user where nom='"$name"'; do -> $row {
"$row".say;
}
instead of
sql select * from user where nom="try"; do -> $row {
"$row".say;
}
it dont tell me anything :c (obviously $name == "try")
I search for hour on the internet but with no answer. I already try to use only DBIish synthaxe but it end with the same result. Can someone help me :) ?
You should be using place holders is the main reason why. The slang doesn't do quoting of that kind, and even if it did you'd be introducing a point of entry for a SQL injection exploit in your code - unless you escaped quotes in the variable.
Instead try:
sql select * from user where nom = ?; with ($name) do -> $row {
$row.say;
}
Good luck with your app. BTW there's a subreddit that'd be interested in your progress https://www.reddit.com/r/perl6
So I tried Matt Oates's answer but it didn't give me anything back (like if it didn't find anything in the DB). But I finally found the syntax that did the job:
my $email = request.params<email>;
my $db = 'SELECT * FROM user WHERE email=?';
my $do = $*DB.prepare($db);
$do.execute($email);
my %row = $do.fetchrow_hashref;
return (%row);

Increment user postcount upon posting topic/reply

I'm really new to SQL and looked around the web for help on incrementing values but couldn't find something that works for me. What I'm trying to do is increment the value of user_posts when a reply/topic is posted. The user_posts is in users (forums>users>user_posts). I don't know how to get the specific user and then add to the value of his/her posts. I'm working off of a very small and basic example, which is how I have posts working. I was thinking I could add it to the SQL where the topic is sent to the DB but, like I said, can't figure out how. I don't really have any code to provide to start with because I really don't know where to start. I believe it uses UPDATE, but that's all I can guess. If you aren't quite sure what it is I want even after reading all of this, ask and I'll try to clarify.
Here's what it looks like with part of the working post code and a suggested code that doesn't seem to work.
VALUES ('" . $_POST['reply-content'] . "',
NOW(),
" . mysql_real_escape_string($_GET['id']) . ",
" . $_SESSION['user_id'] . ");
UPDATE users SET user_posts=1 WHERE user_id=1";
You can write
UPDATE Users
SET PostCount = PostCount + 1
WHERE UserId = #id
Something like: select postcount from users where user_id = <userid>; followed by update users set postcount=<new_postcount> where user_id = <userid>;. Some details: http://www.w3schools.com/sql/sql_update.asp
I wouldn't worry about optimizing your queries to your database until you experience problems handling your load. :)

Updating email addresses in MySQL (regexp?)

Is there a way to update every email address in MySQL with regexp? What I want to do is to change something#domain.xx addresses to something#domain.yy. Is it possible to do with SQL or should I do it with PHP for example?
Thanks!
You can search for a REGEXP with MySQL, but, unfortunately, it cannot return the matched part.
It's possible to do it with SQL as follows:
UPDATE mytable
SET email = REPLACE(email, '#domain.xx', '#domain.yy')
WHERE email REGEXP '#domain.xx$'
You can omit the WHERE clause, but it could lead to unexpected results (like #example.xxx.com will be replaced with #example.yyx.com), so it's better to leave it.
UPDATE tableName
SET email = CONCAT(SUBSTRING(email, 1, locate('#',email)), 'domain.yy')
WHERE email REGEXP '#domain.xx$';
I would rather do it with PHP, if possible. Mysql unfortunately does not allow capturing matching parts in regular expressions. Or even better: you can combine the two like this, for example:
$emails = fetchAllDistinctEmailsIntoAnArray();
# Make the array int-indexed:
$emails = array_values($emails);
# convert the mails
$replacedEmails = preg_replace('/xx$/', 'yy', $emails);
# create a new query
$cases = array();
foreach ($emails as $key => $email) {
# Don't forget to use mysql_escape_string or similar!
$cases[] = "WHEN '" . escapeValue($email) .
"' THEN '" . escappeValue(replacedEmails[$key]) . "'";
}
issueQuery(
"UPDATE `YourTable`
SET `emailColumn` =
CASE `emailColumn`" .
implode(',', $cases) .
" END CASE");
Note that this solution will take quite some time and you may run out of memory or hit execution limits if you have many entries in your database. You might want to look into ignore_user_abort() and ini_set() for changing the memory limit for this script.
Disclaimer: Script not tested! Do not use without understanding/testing the code (might mess up your db).
Didn't check it, since don't have mysql installed, but seems it could help you
update table_name
set table_name.email = substr(table_name.email, 0, position("#" in table_name.email) + 1)
+ "new_domain";
PS. Regexp won't help you for update, since it only can help you to locate specific entrance of substring in string ot check whenever string is matches the pattern. Here you can find reference to relevant functions.