Hi im trying to do an API in Perl6 using Bailador, DBIish and Slang::SQL but when I try to use
sql select * from user where nom='"$name"'; do -> $row {
"$row".say;
}
instead of
sql select * from user where nom="try"; do -> $row {
"$row".say;
}
it dont tell me anything :c (obviously $name == "try")
I search for hour on the internet but with no answer. I already try to use only DBIish synthaxe but it end with the same result. Can someone help me :) ?
You should be using place holders is the main reason why. The slang doesn't do quoting of that kind, and even if it did you'd be introducing a point of entry for a SQL injection exploit in your code - unless you escaped quotes in the variable.
Instead try:
sql select * from user where nom = ?; with ($name) do -> $row {
$row.say;
}
Good luck with your app. BTW there's a subreddit that'd be interested in your progress https://www.reddit.com/r/perl6
So I tried Matt Oates's answer but it didn't give me anything back (like if it didn't find anything in the DB). But I finally found the syntax that did the job:
my $email = request.params<email>;
my $db = 'SELECT * FROM user WHERE email=?';
my $do = $*DB.prepare($db);
$do.execute($email);
my %row = $do.fetchrow_hashref;
return (%row);
Related
I am trying to diedump the query on my index screen using this line of code:
dd(DB::table('members')->where('name', '=', 'Tycho')->toSql());
Now the problem is that when I am displaying the query on my screen I get this:
"select * from `members` where `name` = ?"
My final goal of these lines of code is that I can save offline queries and execute them when the application is online. Unless someone has a solution for this, I'll have to save the queries in a database.
You are seeing the ? placeholders as Laravel uses Prepared Statements.
See Ijas Ameenudeen's answer on another SO question which details how to add a toRawSql() macro on the Eloquent builder which will replace the placeholders with the bindings that you supplied to the original query.
This is because you are using the toSql method, you can use the getBindings method to get the values / bindings.
oneliner:
$query = DB::table('members')->where('name', '=', 'Tycho')->toSql();
// will give the raw query with bindings.
$sqlWithBindings = str_replace_array('?', $query->getBindings(), $query->toSql());
You can try this:
DB::enableQueryLog();
DB::table('members')->where('name', '=', 'Tycho')->get();
echo "<pre>";
print_r(DB::getQueryLog());
I've searched high and low for an answer on this, but I'm either missing something, or I just can't find anything in this context.
Background - trying to avoid spaghetti frenzy with a little casual project I'm starting; part of this will involve mainly just calls to a mysql database, displaying table content and so on. Simply put, like a CRM I guess.
I may be way off base here, but I want to be able to create my sql calls as functions, which will help if/when I tweak and tune, as well as creating a cleaner code for what I'm looking to do.
So, without further ado, I have this as a demomstration:
echo "<table>";
selectall('actions','content',$mysqli);
echo "</table><br><br>";
What this does is show all rows from my table of 'actions. "content" is just an example field name I'm passing through that I want to display, as it is the main human-relevant field name in that table. I'm also passing $mysqli through here for my function db call.
My function looks like this:
function selectall($s_table,$s_content,$mysqli){
$query = "SELECT * FROM " . $s_table;
$resource = $mysqli->query($query);
if ( !$resource ) throw new Exception($db->error);
while ( $row = $resource->fetch_assoc() ) {
$id = $row['id'];
echo "<tr><td>{$row[$s_content]}</td></tr>";
}
$resource->free();
$mysqli->close();
}
However.... it doesn't work, and it seems to throw a wobbly saying:
Warning: mysqli::query(): Couldn't fetch mysqli
This points to the action within the line $resource = $mysqli->query($query);
I know the function and everything is ok, as if I restate and declare $mysqli within the first line of the function, like so...
$mysqli = new mysqli(username password and so on in here);
... it works spot on.
$mysqli exists and works within the same code that is passing the variable within the function too.
This is early stages, so by shuffling the code around trying to poke the $mysqli pass into life I have perhaps made the code a little messier that intended, so try not to worry too much about that.
Anyone any ideas why it doesn't like this?
D'oh...
I had a
$mysqli->close();
in the lines above. Solved myself.
For reference, this is my function:
function selectall($s_table,$s_field,$mysqli){
if ($mysqli->connect_error) {die('Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error);}
$s_table = preg_replace('/[^0-9a-zA-Z_]/', '', $s_table); // Cleans up the table name variable
$s_field = preg_replace('/[^0-9a-zA-Z_]/', '', $s_field); // Cleans up the field name variable
$query = "SELECT * FROM " . $s_table; // Adds passed table name to the select all
$resource = $mysqli->query($query);
if ( !$resource ) throw new Exception($db->error);
while ( $row = $resource->fetch_assoc() ) {
echo "<tr><td>{$row[$s_field]}</td></tr>"; // Content for each row of the select all
}
$resource->free();
$mysqli->close();
}
As you can see, I've also tried to protect the variables that enter the function.
This can be called via:
selectall('actions','content',$mysqli);
In this context, I want to view all the entries in the 'actions' table by the field name 'content'. This function, with some code above and below for a table, will create a new row for each entry.
I'll probably evolve a few, already created on that includes a delete button at the end of the line which is 'selectalldel'.
Open to comments on whether this actually is worthwhile, but thought I'd post up my corrected stupidity in case anyone finds this useful.
I have a table of values and I would like a user to choose a row from the list with a drop-down menu in a WordPress page and have values from various columns populated in the same WordPress page.
I am trying to learn how to use the $wpdb class in WordPress to do this, I am trying to understand first how to write something that will be displayed in the user's browser, but I think I might be missing some critical parts:
What I have done is to create a table called 'wp_axleaa' in my WordPress database. I am trying to query this table and the only result I get printed is “Array”
I wrote a plugin as follows:
<?php
/**
* #package Trying to Connect
* #version 1.6
*/
/*
Plugin Name: Trying to Connect
Plugin URI:
Description: Connecting to DB with $wpdb
Author: Paul J
Version: 1.0
Author URI:
*/
function tc_info() {
global $display;
global $wpdb;
$display = $wpdb->get_results(
'
SELECT *
FROM $wpdb->wp_axleaa
');
print $display;
}
add_shortcode('showinfo','tc_info');
?>
Then I put the shortcode [showinfo] into my WordPress site, and when I view the page then it just shows “Array”. If I add a WHERE clause to the SQL statement, then I get an error message on the page.
I am very new to WordPress and writing PHP and would really appreciate any help, I'm sorry if this is a long-winded question...
Thanks very much,
That's because get_results() returns an array. You may want to modify your code like this:
function tc_info()
{
global $wpdb;
$output = '';
$sql = 'SELECT * FROM $wpdb->wp_axleaa';
$rows = $wpdb->get_results( $sql );
if ( $rows ) {
foreach ( $rows as $row ){
$output .= $row[0];
}
}
print $output;
}
Your problem is not exactly retrieving the database info. First, Shortcode values should be returned. Not printed or echoed. Second, you need to do something with the array you're receiving from the DB query.
To have a nicely formatted display of the array contents, instead of print $display;, use:
return '<pre>' . print_r( $display, true ) . '<pre>';
If you want fast progress in learning, you'll need to consult the documentation frequently:
http://codex.wordpress.org/Class_Reference/wpdb
http://php.net/manual/en/function.print-r.php
I want to query a table and only need one cell returned. Right now the only way I can think to do it is:
$query = $this->db->query('SELECT id FROM crops WHERE name = "wheat"');
if ($query->num_rows() > 0) {
$row = $query->row();
$crop_id = $row->id;
}
What I want is, since I'm select 'id' anyway, for that to be the result. IE: $query = 'cropId'.
Any ideas? Is this even possible?
Of course it's possible. Just use AND in your query:
$query = $this->db->query('SELECT id FROM crops WHERE name = "wheat" AND id = {$cropId}');
Or you could use the raw power of the provided Active Record class:
$this->db->select('id');
$this->db->from('crops');
$this->db->where('name','wheat');
$this->db->where('id',$cropId);
$query = $this->db->get();
If you just want the cropId from the whole column:
foreach ($query->result()->id as $cropId)
{
echo $cropId;
}
Try this out, I'm not sure if it will work:
$cropId = $query->first_row()->id;
Note that you want to swap your quotes around: use " for your PHP strings, and ' for your SQL strings. First of all, it would not be compatible with PostgreSQL and other database systems that check such things.
Otherwise, as Christopher told you, you can test the crop identifier in your query. Only if you define a string between '...' in PHP, the variables are not going to be replaced in the strings. So he showed the wrong PHP code.
"SELECT ... $somevar ..."
will work better.
Yet, there is a security issue in writing such strings: it is very dangerous because $somevar could represent some additional SQL and completely transform your SELECT in something that you do not even want to think about. Therefore, the Active Record as mentioned by Christopher is a lot safer.
I create a custom import and export, at the moment as an external script (via bootstrap), i plan to create a module in a more generic fashion lateron.
I am building a frontend for nagios and for our host management and nagios configuration btw. Maybe it might become useful for other environments (networkmanagement)
Now i need to know how to get list of all nodes of type x?
I want to avoid direct SQL.
A suggestion i got was to make an rss and parse it
but i acess the drupal db a dozen times to extract various nodes, so it feels strange to do a web request for one thing
So what i am looking for as newbie drupal dev is just a pointer to basic search module api for this task
TIA
florian
Why do you want to avoid using SQL?
If you want to get info about what's in your db, like all the nodes of type x, the only way to get it, is through a SQL query, unless you have the data extracted already.
A query like
db_query("SELECT title, nid FROM {node} WHERE type = 'x';");
shouldn't be the thing that ruins your performance.
Edit:
The link you provided is a from Drupal 7, so you have to be be careful reading this. The reason is that in Drupal 7 it is not only possible to use db_query which basically is wrapper for the php functions mysql_query, pg_query. It's a bit different and using it, you wont have to use db_specific code. Anyways new in Drupal 7 is something that is a bit like an ORM. I haven't read about it in detail, but the idea is that you can build a query using commands on an object. This is probably what you are after. However, Drupal 7 is not ready at all for production sites. There are still a lot of critical issues and security issues. So this wont be a possibility for quite some time.
Edit 2:
If you want to get the node title and body, this is what you should do:
$type = 'x';
$query = db_query("SELECT r.nid, r.title, r.body FROM {node} AS n
LEFT JOIN {node_revisions} AS r ON r.nid = n.nid
WHERE type = '%s';", array($type));
$nodes = array();
while ($node = db_fetch_object($query)) {
$nodes[$node->nid] = $node;
}
You can use db_fetch_array instead of db_fetch_object` if you want to extract arrays instead of objects from the db.
This is a pretty old question, but for anyone coming across this page now, in Drupal 7.x best practise is to use dynamic queries.
So if you wanted to select all the nodes of type x, you could do the following:
$articles = db_select('node')
->fields('node', array('nid', 'title'))
->condition('type', 'x', '=')
->execute()
->fetchAllKeyed();
The $articles variable should then be an array of all x type nodes, keyed by nid with the arrays corresponding value set to the node title. Hope that can help.
Views is generally how you create database queries without writing them in Drupal, but this query is so simple I'm not sure it's worth the overhead of learning views, barely 5 lines after you've bootstrapped Drupal:
$nodes = array();
$results = db_query("SELECT nid FROM {node} WHERE type = '%s'", $type);
while ($result = db_fetch_object($result)) {
$nodes[] = node_load($result->nid);
}
Gotta use SQL do to this.
http://api.drupal.org/api/function/node_get_types/6
Node counts =
$node_types = node_get_types();
$type_count = array();
foreach ($node_types as $type) {
$result = db_fetch_object(db_query('SELECT count(nid) AS node_count FROM {node} WHERE type = "%s"'), $type);
$type_count[$type] = $result['count(nid)'];
}
print_r($type_count);
Nodes and their type:
$node_types = node_get_types();
$nodes = array();
foreach ($node_types as $type) {
$result = db_query('SELECT nid, title FROM {node} WHERE type = "%s"'), $type);
while ($node = db_fetch_object($result)) {
$nodes[] = array('Type' => $type, 'Title' => $node->title);
}
}
print_r($nodes);
Something like that. I am eating lunch so I didn't test that but I have done this before so it should work. Drupal 6.
The migrate module may be of interest to you. It also supports drush so you can script things fairly easily.