$query="SELECT charity FROM `users` WHERE username='$username'"; $result=mysql_query($query); $row = mysql_fetch_assoc($result); echo $row['charity']; $query = mysql_query("SELECT charity FROM

`users` WHERE username=`$username`"); while($result = mysql_fetch_object($query)) { $charity = $result->FIELD_NAME_HERE; } print($charity);

echo "<table border='1'> <tr> <TH COLSPAN=2>July 2010</TH> <TH COLSPAN=2>August 2010</TH> <TH COLSPAN=2>September 2010</TH> </tr> <tr> <th>User</th> <th>Posts</th> <th>User</th> <th>Posts</th> <th>User</th> <th>Posts</th> </tr>"; while (($row = mysql_fetch_assoc($july)) || ($row2 = mysql_fetch_assoc($aug)) || ($row3 = mysql_fetch_assoc($sept))) { echo "<tr>"; echo "<td>" . $row['cUsername'] . "</td>"; echo "<td>" . $row['postCount'] . "</td>"; echo "<td>" . $row2['cUsername'] . "</td>"; echo "<td>" . $row2['postCount'] . "</td>"; echo "<td>" . $row3['cUsername'] . "</td>"; echo "<td>" . $row3['postCount'] . "</td>"; echo "</tr>"; } echo "</table>"; SELECT user_id, ( SELECT COUNT(*) FROM posts p WHERE p.user_id = u.user_id AND p.date >= '2010-06-01' AND p.date < '2010-07-01' ) AS june_count, ( SELECT COUNT(*) FROM posts p

WHERE

FROM

p.user_id = u.user_id AND p.date >= '2010-07-01' AND p.date < '2010-08-01' ) AS july_count, ( SELECT COUNT(*) FROM posts p WHERE p.user_id = u.user_id AND p.date >= '2010-08-01' AND p.date < '2010-09-01' ) AS aug_count users u

<?php // Our MySQL query

$sql = "INSERT INTO beautiful (name, age) VALUES ('Helen', 24), ('Katrina', 21), ('Samia', 22), ('Hui Ling', 25), ('Yumie', 29)"; mysql_query( $sql, $conn ); ?>

<?PHP $user_name = "root"; $password = ""; $database = "addressbook"; $server = "127.0.0.1"; $db_handle = mysql_connect($server, $user_name, $password); $db_found = mysql_select_db($database, $db_handle); if ($db_found) { $SQL = "INSERT INTO tb_address_book (First_Name, Surname, Address) VALUES ('bill', 'gates', 'Microsoft')"; $result = mysql_query($SQL); mysql_close($db_handle);

print "Records added to the database"; } else { print "Database NOT Found "; mysql_close($db_handle); } ?> <?php if ($_SERVER['REQUEST_METHOD'] == "POST") { // the following 4 lines are needed if your server has register_globals set to Off $category = $_POST['category']; $sitename = $_POST['sitename']; $siteurl = $_POST['siteurl']; $description = $_POST['description']; $SQL = " INSERT INTO links "; $SQL = $SQL . " (category, sitename, siteurl, description) VALUES "; $SQL = $SQL . " ('$category', '$sitename','$siteurl','$description') "; $result = mysql_db_query($db,"$SQL",$cid); if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } echo ("New Link Added\n"); } mysql_close($cid); ?> Escaping Data When creating SQL statements, string values are delimited using apostrophes (see above code). So what happens when there is an apostrophe in the data you are trying to insert? A SQL error will occur if, for example, the description variable included an apostrophe. Because you do not know what the user will type in, you must assume they are entering all sorts of bad data. To insert an apostrophe into the database using SQL you need to "double-up" the apostrophes. That is, put two apostrophes in the text where you want just one. For example, to insert the phrase "what's up?" into a database, the SQL code looks like: INSERT INTO mytable (phrases) VALUES ('what''s up?')

In PHP there is a string function which allows you to do just this on variables quite easily: str_replace This function replaces one value with another in a string. So before you insert data in the database you should replace all single apostrophes with double-apostrophes. For the example variable, the PHP code is: $description = str_replace("'","''",$description); Note: This does not insert two apostrophes into the database, just one. So when you pull the data out of the database, it will contain only single apostrophes.
// process one row at a time while($row = mysql_fetch_assoc($dbresult)) { <?php $mime = "text/html"; $charset = "utf-8"; # special check for the W3C_Validator if ((isset($_SERVER["HTTP_USER_AGENT"])) && (stristr($_SERVER["HTTP_USER_AGENT"],"W3C_Validator"))) { $mime = "application/xhtml+xml"; } elseif ((isset($_SERVER["HTTP_ACCEPT"])) && (stristr($_SERVER["HTTP_ACCEPT"],"application/xhtml+xml"))) { if(preg_match("/application\/xhtml\+xml[a-z0-9,\s\/\*\-\+]*;[\s]? q=([0-1]{0,1}\.\d{0,4})/i",$_SERVER["HTTP_ACCEPT"],$matches)) { $xhtml_q = $matches[1]; if(preg_match("/text\/html[a-z0-9,\s\/\*\-\+]*;[\s]?q=([0-1] {0,1}\.\d{0,4})/i",$_SERVER["HTTP_ACCEPT"],$matches)) { $html_q = $matches[1]; if((float)$xhtml_q >= (float)$html_q) $mime = "application/xhtml+xml"; } } else $mime = "application/xhtml+xml"; } if ($mime=="application/xhtml+xml") header('Content-Type: '.$mime."; charset=$charset"); ?>

<?php $con = mysql_connect("localhost", "peter", "abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } $db_selected = mysql_select_db("test_db",$con); $sql = "SELECT * from Person"; $result = mysql_query($sql,$con);

print_r(mysql_fetch_row($result)); // Free memory mysql_free_result($result); $sql = "SELECT * from Customers"; $result = mysql_query($sql,$con); print_r(mysql_fetch_row($result)); mysql_close($con); ?> $insert= mysql_query ("INSERT INTO Beta Users (BetaEmail) Values ($betaemail)"); if (!mysql_query($insert,$con)) { die('Error: ' . mysql_error()); }
<?php mysql_connect("localhost", "mysql_user", "mysql_password") or die("Could not connect: " . mysql_error()); mysql_select_db("mydb"); $result = mysql_query("SELECT id, name FROM mytable"); while ($row = mysql_fetch_array($result, MYSQL_NUM)) { printf("ID: %s Name: %s", $row[0], $row[1]); } mysql_free_result($result); ?> <?php mysql_connect("localhost", "mysql_user", "mysql_password") or die("Could not connect: " . mysql_error()); mysql_select_db("mydb"); $result = mysql_query("SELECT id, name FROM mytable"); while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { printf("ID: %s Name: %s", $row["id"], $row["name"]); } mysql_free_result($result); ?> <?php mysql_connect("localhost", "mysql_user", "mysql_password") or die("Could not connect: " . mysql_error()); mysql_select_db("mydb"); $result = mysql_query("SELECT id, name FROM mytable");

while ($row = mysql_fetch_array($result, MYSQL_BOTH)) { printf ("ID: %s Name: %s", $row[0], $row["name"]); } mysql_free_result($result); ?>

<?php

//function function

fetch_records($table_name, $fields){ $conn = mysql_connect("localhost", "root", ""); $select_db = mysql_select_db("db", $conn);

if(!$conn){ return "Not able to connect to dabase...."; }

$table = "<table border='0' cellpadding='5' cellspacing='5'>"; $cols = implode (', ', $fields); $sql = "select $cols from $table_name"; $run = mysql_query($sql);
if($run){ if(mysql_num_rows($run) == 0){ return "Sorry. No records found in the database"; } else { while($arr = {

mysql_fetch_array($run, MYSQL_ASSOC))

$table .= "\t\t<tr>\n";
foreach ($arr as $val_col) { $table .= "\t\t\t".'<td>'.

$val_col.'</td>'."\n";
}

$table .= "\t\t</tr>\n";
}

$table .= "</table>"; return $table;

}

mysql_free_result($run);
}

return "There was an error while fetching the records. Please contact site administrator."; } //how to call the function

$table = "product_master"; $cols = array("product_name", "product_image", "product_price"); echo fetch_records($table, $cols); ?>
$query = "SELECT * FROM TABLE1 WHERE field2 = 2"; $result = mysql_query($query); $num_rows = mysql_num_rows($result); if((!is_bool($result) || $result) && $num_rows) { while($row = mysql_fetch_array($result)) { $field1 = $row['field1']; $field2 = $row['field2']; $field3 = $row['field3']; } }

<? $res=mysql_query("SELECT * FROM members"); if(mysql_num_rows($res)==0) echo "There is no data in the table"; else for($i=0;$i<mysql_num_rows($res);$i++) { $row=mysql_fetch_assoc($res); echo "ID : $row[id] Name : $row[name] Email : $row[email]"; } ?>
class MyRegistryModel // extends nothing { /** * @var Zend_Db_Table_Abstract */ protected $_registryTable; /** * @var Zend_Db_Table_Abstract */ protected $_namesTable; public function __construct() { $this->_registryTable = new RegistryTable(); $this->_namesTable = new NamesTable(); }

public function getDailyReport() { // use the tables as needed to build the report } }

1. $term = $_REQUEST['term']; 2. $query = "SELECT * FROM table WHERE value LIKE '%$term%'"; 3. $result = mysql_query($query); 4. 5. $array = array(); 6. 7. while ($data = mysql_fetch_array($result)) 8. { 9. $row_array['id'] = $data['id']; 10. $row_array['value'] = "$data[value]"; 11. 12. array_push($array, $row_array); 13. } 14. 15. echo json_encode($array);