Sql query from a variable How to apostrophe each value

StackOverflow https://stackoverflow.com/questions/21626766

  •  08-10-2022
  •  | 
  •  

Question

I have an array of usernames from Moodle and i want to see the id's they correspond to. Because it is impratical to $array=('user1','user'2....), and the size/contents may vary, i've found a useful function around here that seems to do what i need:

function apply_quotes($item)
{
return "'".mysql_real_escape_string($item)."'";
}

$dataClip=array_map("apply_quotes",$dataClip);
$allUsers=array_map("apply_quotes",$allUsers);

Outputting $allUsers gives me this:

Array ( [0] => 'guest
' [1] => 'admin
' [2] => 'xpto.xy
' [3] => 'a.maia
' [4] => 'd.mano
' [5] => 'a.cabral
' [6] => 'd.mateus
' )

//$allUsers gets me all usernames of Moodle, $dataClip gets me all usernames from an url xml file. 
$results=array_intersect((array)$dataClip,(array)$allUsers);

Output of $results:

Array ( [0] => 'a.cabral
' [1] => 'a.maia
' [54] => 'd.mateus
' )

list($usernamewhere,$usernameparams)=$DB->get_in_or_equal($results,SQL_PARAMS_NAMED,'username');
             $sql="SELECT u.id AS userid,u.username
                   FROM {user} u
                   WHERE u.username {$usernamewhere}";
                   $users=$DB->get_records_sql($sql,$usernameparams);
                   foreach($users as $user){
                       echo $user->userid. ' - ' . $user->username.'<br/>';
                       }

EDIT: And after the query, I get no output. Is there a solution to this?

Was it helpful?

Solution

try this

  $sql="SELECT u.id AS userid
        FROM user u
        WHERE u.username  IN('".implode(',',$results)."')";

  • you missed single quotes.

  • dont give aliase name in where clause

  • dont use {} in mysql

EDIT:

change this

  $userids = $DB->get_records_sql($sql);
  echo $userids;

to

  $userids = $DB->get_recordset_sql($sql);
  foreach ($userids as $ids) {

        $userid = $ids->userid;

        echo $userid;
    }

OTHER TIPS

{} is specific to Moodle, it replaces the table name with the full table name - database + prefix.

http://docs.moodle.org/dev/Data_manipulation_API#moodle_database::get_records_sql.28.29

$DB->get_records_sql() returns an array of objects

For the original question, you are getting a syntax error because the usernames are not enclosed in quotes.

The correct way to do this is

$usernames = array('username1', 'username2', ... );
list($usernamewhere, $usernameparams) = $DB->get_in_or_equal($usernames, SQL_PARAMS_NAMED, 'username');
$sql = "SELECT u.id AS userid, u.username
        FROM {user} u
        WHERE u.username {$usernamewhere}";
$users = $DB->get_records_sql($sql, $usernameparams);
foreach ($users as $user) {
    echo $user->userid . ' - ' . $user->username . '<br />';
}

SQL doesn't accetps the syntax. Remove the AS in the WHERE part:

$sql="SELECT u.id AS userid
  FROM {user} u
  WHERE u.username IN(".implode(',',$results).")";

The correct one is 

$sql="SELECT u.id AS userid
FROM user u
WHERE u.username IN('".implode(',',$results)."')";
  • you are using {} for the table name but its not a PHP variable
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top