[ahsanalishahid]

function getfriendswallposts($wallpostids)
{
	foreach($wallpostids as $i => $v)
	{
		$query = "SELECT * FROM wall where wallpostid = '$v' ";
		$get = mysql_query($query) or die(mysql_error());
		while($row = mysql_fetch_assoc($get) )
		{
			$user = $row['user_id']; //
			
		}

}

}
$wallpostids is an array. Is there any way that without using a loop, using a single query, can I pass a set of values to get result from the database.

I hope u get my point what I wanna ask. sorry for my bad english

This post has been edited by ahsanalishahid: 19 August 2011 - 08:45 AM

[codeprada]

MySQL has a comparison operator called IN. It handles multiple values and returns the row if one of those values is located in the column being checked.
The following example checks whether 'hello' or 'world' is located in the column field and if so the row is returned.

SELECT * FROM `table` WHERE `column` IN('hello', 'world');

To convert your array into a valid PHP has a function called implode. This separates the elements of an array then joins them into a string based on the separator provided.

<?php
$array = array('hello', 'world');
echo (implode(',', $array));
?>

To get a valid SQL query we'll have to do something like this

<?php
$array = array('hello', 'world');
$query = "SELECT * FROM `table` WHERE `column` IN('" . implode("','", $array) . "')";
echo $query;
?>

[CTphpnwb]

Of course, if you're going to do that then you had better be sure the data is safe. Better yet, use PDO.

[codeprada]

Using Prepared Statements with implode's going to be a bit tricky since the quotes that separate the values are going to be escaped making it one long string to MySQL.

The only thing I can think of is using array_walk then manually escaping the array elements yourself.

[AdaHacker]

codeprada, on 19 August 2011 - 12:15 PM, said:

Using Prepared Statements with implode's going to be a bit tricky since the quotes that separate the values are going to be escaped making it one long string to MySQL.

That's not necessary. You can just generate an array of unnamed place-holders and insert that into the string. It's especially easy in this case, where all the parameters get passed to the IN clause.

$array = array('hello', 'world');
$placeholders = implode(', ', array_fill(0, count($array), '?'));
$query = "SELECT * FROM `table` WHERE `column` IN ($placeholders)";
$statement = $pdo->prepare($query);
$statement->execute($array);

[ahsanalishahid]

Thanks all I got the point