Solved

why does this query execute fine in MySQL but not using mysql_query()?

Posted on 2011-02-27
6
349 Views
Last Modified: 2013-12-13
the following query
set @num := 0, @shop_id := NULL;


select shop_id, date
from (
   select shop_id, date,
      @num := if(@shop_id = shop_id, @num + 1, 1) as row_number,
      @shop_id := shop_id as dummy
  from products
  order by shop_id, date DESC
) as x where x.row_number <= 10;

Open in new window

executes fine when I run it through phpMyAdmin, but when I run it against the same database using
$query = "SET @num :=0,
@shop_id := NULL ;
SELECT shop_id, date
FROM (
SELECT shop_id, date, @num := IF( @shop_id = shop_id, @num +1, 1 ) AS row_number, @shop_id := shop_id AS dummy
FROM products
ORDER BY shop_id, DATE DESC
) AS x
WHERE x.row_number <=10;";

$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());

Open in new window

I get
Query: SET @num :=0, @shop_id := NULL ; SELECT shop_id, date FROM ( SELECT shop_id, date, @num := IF( @shop_id = shop_id, @num +1, 1 ) AS row_number, @shop_id := shop_id AS dummy FROM products ORDER BY shop_id, DATE DESC ) AS x WHERE x.row_number <=10; 
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '; SELECT shop_id, date FROM ( SELECT shop_id, date, @num := IF( @shop_id = shop_' at line 2

Open in new window

what am I doing wrong? I noticed that if I remove the user variable initialization line ('SET' etc.) the query executes, but obviously not with the correct result.
0
Comment
Question by:bitt3n
  • 3
  • 3
6 Comments
 
LVL 27

Expert Comment

by:Lukasz Chmielewski
ID: 34993089
It appears that you cannot execute multiple ";" spearated queries in one mysql_query.
http://www.php.net/manual/en/function.mysql-query.php#16878
You have to do that one at a time.
0
 
LVL 27

Accepted Solution

by:
Lukasz Chmielewski earned 500 total points
ID: 34993094
Try like this:

$query = "SET @num :=0, @shop_id := NULL ;";
$result = mysql_query($query);
$query = "SELECT shop_id, date
FROM (
SELECT shop_id, date, @num := IF( @shop_id = shop_id, @num +1, 1 ) AS row_number, @shop_id := shop_id AS dummy
FROM products
ORDER BY shop_id, DATE DESC
) AS x
WHERE x.row_number <=10;";

$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());

Open in new window

0
 

Author Comment

by:bitt3n
ID: 34993128
thanks that works. I foolishly didn't realize the variables would persist between the calls to mysql_query().

I'm curious, given the fact that mysql_query() only accepts one query at a time, how a sql injection is ever possible, since my understanding is that the injection occurs when someone adds a second query to the first when submitting data, as in

'; DROP DATABASE;

or whatever.
0
Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

 

Author Closing Comment

by:bitt3n
ID: 34993129
thanks!
0
 
LVL 27

Expert Comment

by:Lukasz Chmielewski
ID: 34993147
Good point. This is the prevention for executing multiple queries. You cannot drop database in mysql_query, but you can add string variables ' or 1= 1 '.
0
 

Author Comment

by:bitt3n
ID: 34993187
ah that makes sense thanks again
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Determining creation & modification dates on MySQL tables 4 38
php convert date format 3 21
PHP AJAX Wordpress 9 19
Decrypt string by php 7 29
Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question