1

I need little help. Please how can I get the PHP value "$filtr_zamestnanci_ID" to the sql_query. Code here :

<?php  
if (isset($_POST["filtr_zamestnanci_ID"])) {
    for ($a = 0; $a < count($_POST["filtr_zamestnanci_ID"]); $a++) {
        $filtr_zamestnanci_ID .="AND companies_text_records_user_ID = '".$_POST["filtr_zamestnanci_ID"][$a]."'&nbsp;";
    }
}else {
    $filtr_zamestnanci_ID = "";
}

echo "filtr_zamestnanci_ID :".$filtr_zamestnanci_ID;

mysql_query("SET CHARACTER SET utf8"); 
$sql_1 =
    mysql_query("SELECT * FROM companies_text_records
        LEFT JOIN companies ON companies_text_records_company_ID = company_ID
        LEFT JOIN login_users ON user_id = companies_text_records_user_ID
        WHERE companies_text_records_relative_to = '0'
        '".$filtr_zamestnanci_ID."'
        ORDER BY companies_text_records_ID DESC");
?>

If I pass it without loop everything is OK. But output from loop don´t work at all. Maybe something in the formatting of "$filtr_zamestnanci_ID" ?

Improve this question
5

2 Answers 2

Reset to default
1

Try the following. Will also sort out your SQL Injection issues:

<?php
    $conn = new PDO("mysql:host=$hostname;dbname=$db_name;charset=utf8mb4", $db_username, $db_password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

if (isset($_POST["filtr_zamestnanci_ID"])) {
    for ($a = 0; $a < count($_POST["filtr_zamestnanci_ID"]); $a++) {
        $filtr_zamestnanci_ID = $_POST["filtr_zamestnanci_ID"][$a];

        $stmt = $conn->prepare("SELECT * FROM companies_text_records
                            LEFT JOIN companies ON companies_text_records_company_ID = company_ID
                            LEFT JOIN login_users ON user_id = companies_text_records_user_ID
                        WHERE companies_text_records_relative_to = '0'
                        AND companies_text_records_user_ID = :company_text_records_user_id
                        ORDER BY companies_text_records_ID DESC");

        if ($stmt->execute(array(':company_text_records_user_id' => $filtr_zamestnanci_ID))) {
            while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
                $someField = $row['columnFromDatabase'];
            }
            echo 'success';
        }
    }
}else {
    $filtr_zamestnanci_ID = "";
}
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Warning mysql_query, mysql_fetch_array,mysql_connect etc.. extensions were deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used.

1) Give space before AND

$filtr_zamestnanci_ID .=" AND companies_text_records_user_ID = '".$_POST["filtr_zamestnanci_ID"][$a]."'";

2) remove single quotes enclosed for additionally added where clause '".$filtr_zamestnanci_ID."'

"SELEC‌​T * FROM companies_text_records LEFT JOIN companies ON companies_text_records_company_ID = company_ID LEFT JOIN login_users ON user_id = companies_text_records_user_ID WHERE companies_text_records_relative_to = '0' ".$filtr_zamestnanci_ID." ORDER BY companies_text_records_ID DESC"
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.