1173 posts
  • Has been part of the Envato Community for over 5 years
  • Located in Australia
  • Has sold $10,000+ on Envato Market
  • Has been a beta tester for an Envato feature
+3 more
Motionreactor says
I may be confused, but could you just use NOT BETWEEN '$start_date' AND '$end_date' to exclude rows with dates from a certain range? Then you wouldn’t need an ‘id’ specifier.

+1,

[edit]

OR maybe use $_REQUEST['id'] :p, Good Luck

I hope he is actually doing some input cleaning? Not just grabbing the GET or POST directly? Otherwise you’re open to SQL injection attacks.

28 posts
  • Has been part of the Envato Community for over 4 years
  • Has referred 1+ members
  • Has sold $1,000+ on Envato Market
  • Has collected 10+ items on Envato Market
+3 more
steinikallinn says
Any ideas?

Well, you could solve this on a code level instead. You could check if an ‘id’ has been set, and that set id matches something the query returned, then skip that id and continue with the next.

Example:
$sql = mysql_query("... the first query you presented ...");
while($data = mysql_fetch_array($sql))
{
    if(isset($_GET['id']) && $data['id'] == $_GET['id'])
      continue;

    // and then rest of your code...
}

Just to save you some time on this matter until a permanent query fix has been made. Btw, this if-check prevents SQL injection because you only compare it with database results instead of including it into the query

2010 posts
  • Has referred 50+ members
  • Has sold $500,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+9 more
bitfade says
you just need to enclose 2nd and 3rd conditions into “()”, like this

select * from table where id != 32 and ( condition1 or condition2);
btw, as already told, do not ever use user provided values into query without sanitize first.
1173 posts
  • Has been part of the Envato Community for over 5 years
  • Located in Australia
  • Has sold $10,000+ on Envato Market
  • Has been a beta tester for an Envato feature
+3 more
Motionreactor says
you just need to enclose 2nd and 3rd conditions into “()”, like this

select * from table where id != 32 and ( condition1 or condition2);
btw, as already told, do not ever use user provided values into query without sanitize first.

What is the reasoning for this? is there a rule when you should use it?

2010 posts
  • Has referred 50+ members
  • Has sold $500,000+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+9 more
bitfade says
What is the reasoning for this? is there a rule when you should use it?
coz you’ll need to consider operators precedence too: AND is evaluated before OR, so even if ID != $id is false, if condition2 is true then the where clause will be true, which is wrong.
240 posts
  • Has referred 1+ members
  • Has sold $10,000+ on Envato Market
  • Has collected 1+ items on Envato Market
  • Has been part of the Envato Community for over 4 years
+2 more
phpdude says

Brackets…use them!

SELECT * FROM `table` WHERE ( (`start` BETWEEN ‘2010-02-03 00:00:00’ AND ‘2010-04-03 00:00:00’) OR (`end` BETWEEN ‘2010-02-03 00:00:00’ AND ‘2010-04-03 00:00:00’) ) AND `id` = ‘5’

1277 posts
  • Has been part of the Envato Community for over 7 years
  • Has referred 100+ members
  • Has sold $40,000+ on Envato Market
  • Interviewed on an Envato blog
+7 more
rondog says
you just need to enclose 2nd and 3rd conditions into “()”, like this

select * from table where id != 32 and ( condition1 or condition2);
btw, as already told, do not ever use user provided values into query without sanitize first.

Thanks guys for all these suggestions. I will try them tonight. Regarding sanitizing, I always do except this is an admin panel for one guy so if he wants to SQL inject his own database go for it lol.

I am running mysql_real_escape_string on login and passwords and some other fields where the user will be inputting big blocks of text

1277 posts
  • Has been part of the Envato Community for over 7 years
  • Has referred 100+ members
  • Has sold $40,000+ on Envato Market
  • Interviewed on an Envato blog
+7 more
rondog says
Brackets…use them! SELECT * FROM `table` WHERE ( (`start` BETWEEN ‘2010-02-03 00:00:00’ AND ‘2010-04-03 00:00:00’) OR (`end` BETWEEN ‘2010-02-03 00:00:00’ AND ‘2010-04-03 00:00:00’) ) AND `id` = ‘5’

Well that did the trick…go parens! Thanks dudes

Helpful Information

  • Please read our community guidelines. Self promotion and discussion of piracy is not allowed.
  • Open a support ticket if you would like specific help with your account, deposits or purchases.
  • Item Support by authors is optional and may vary. Please see the Support tab on each item page.

Most of all, enjoy your time here. Thank you for being a valued Envato community member.

Post Reply

Format your entry with some basic HTML. Read the Full Details, or here is a refresher:

<strong></strong> to make things bold
<em></em> to emphasize
<ul><li> or <ol><li> to make lists
<h3> or <h4> to make headings
<pre></pre> for code blocks
<code></code> for a few words of code
<a></a> for links
<img> to paste in an image (it'll need to be hosted somewhere else though)
<blockquote></blockquote> to quote somebody

:grin: :shocked: :cry: Complete List of Smiley Codes

by
by
by
by
by
by