How can i add and display the sum of a column from database. Even i dont know whether this is working or not.
i am using this, but no results are on the screen.
$sql = "SELECT SUM(vote_up)FROM blog WHERE username='shail' and deleted='0' ";
is this a database question or a php question?
to determine if it’s a database question, run your query right in mysql, i.e. not from php
$sql = "SELECT SUM(vote_up)FROM blog WHERE username=‘shail’ and deleted=‘0’ " ";
P.S I strongly recommend you to bind values in where clause as your current code has big security vulnerability.
i am using filtering before entering these parameters into the database. I am allowing only alphabets, nothing else.
did you test your query outside of php yet?
@shail_arya ohh then that might be the problem you have…you are filtering for alphabetic values but you are passing a integer value " 0 " in your second parameter to query. (deleted=‘0’).
Anyway i am not sure what is the best method of security. filtering variables or binding variables to query. any thoughts on this @r937 ?
No… I think you are about to tell me something scary.
Ok… i have a general question here… Filtering or any other method for security is required at the point where we are taking inputs from the user… right?
Yes it is required when we take input from users. I thought your last object is that. But this is a query you are going to use by your self only you don’t have to do that.BTW do you want to show these result in PHP page or are you just querying inside mysql