Select from 3 tables mysql

Question

Select from 3 tables mysql

Navigation

#1 by (0 votes)

0

I have a query that already brings information from 2 tables, but I need to add to the statement that brings me information from the table called locales to bring the name of the place that is identified with id from the table equipos

This is the SQL statement that I have in which it brings me the names of the computers that are with id in the divisiones table, but I need you to bring me from the table the id del local to get the name

SELECT

divisiones.start_date AS Fecha_Inicio,
  divisiones.tipo_liga AS Tipo_de_liga, 
  divisiones.zona_delegado AS Delegado, 
  divisiones.id_eq1 AS Equipo_1,
  eq1.name_eq AS Nombre_E1,
  divisiones.id_eq2 AS Equipo_2, 
  eq2.name_eq AS Nombre_E2,
  divisiones.id_eq3 AS Equipo_3, 
  eq3.name_eq AS Nombre_E3,
  divisiones.id_eq4 AS Equipo_4, 
  eq4.name_eq AS Nombre_E4,
  divisiones.id_eq5 AS Equipo_5, 
  eq5.name_eq AS Nombre_E5,
  divisiones.id_eq6 AS Equipo_6, 
  eq6.name_eq AS Nombre_E6,
  divisiones.id_eq7 AS Equipo_7, 
  eq7.name_eq AS Nombre_E7,
  divisiones.id_eq8 AS Equipo_8, 
  eq8.name_eq AS Nombre_E8,
  divisiones.id_eq9 AS Equipo_9,
  eq9.name_eq AS Nombre_E9,
  divisiones.id_eq10 AS Equipo_10,
  eq10.name_eq AS Nombre_E10

  FROM divisiones

  INNER JOIN equipos AS eq1
    ON divisiones.id_eq1 = eq1.id_eq
    INNER JOIN equipos AS eq2
    ON divisiones.id_eq2 = eq2.id_eq
    INNER JOIN equipos AS eq3
    ON divisiones.id_eq3 = eq3.id_eq
  INNER JOIN equipos AS eq4
    ON divisiones.id_eq4 = eq4.id_eq
    INNER JOIN equipos AS eq5
    ON divisiones.id_eq5 = eq5.id_eq
    INNER JOIN equipos AS eq6
    ON divisiones.id_eq6 = eq6.id_eq
  INNER JOIN equipos AS eq7
    ON divisiones.id_eq7 = eq7.id_eq
    INNER JOIN equipos AS eq8
    ON divisiones.id_eq8 = eq8.id_eq
    INNER JOIN equipos AS eq9
    ON divisiones.id_eq9 = eq9.id_eq
  INNER JOIN equipos AS eq10
    ON divisiones.id_eq10 = eq10.id_eq

  WHERE division_name = '$_POST[createPDF]'"

This is the equipment table, and I need you to bring the field local which is the id + the name that is in the same table.

Thanks and regards

mysql php join select

asked by 23.08.2018 в 11:31

source

1 answer

use img in wordpress main menu Open a temporary excel in python

score 0 · Accepted Answer

I need you to bring the field local which is the id + the name that is in the same table.

EDIT: with the additional information

the teams contain a field that is id_local

The following sentence would bring you the division, the team and its location:

SELECT

  divisiones.start_date AS Fecha_Inicio,
  divisiones.tipo_liga AS Tipo_de_liga, 
  divisiones.zona_delegado AS Delegado, 
  divisiones.id_eq1 AS Equipo_1,
  eq1.name_eq AS Nombre_E1,
  lq1.nombre_local AS Local_E1

FROM divisiones
  INNER JOIN equipos AS eq1 
    ON divisiones.id_eq1 = eq1.id_eq
  INNER JOIN locales AS lq1 
   ON lq1.id_local = eq1.id_local

This does not apply anymore:

The form of the id_local field is not clear to me, I just assumed that it is of the form <id_equipo>_<nombre_equipo> (an underscore as a separator). But with that example you can play until it squares, either using CONCAT_WS or just CONCAT if there is no separator.

Note1: It is not efficient that you have to do the JOIN against a function (which is evaluated in each row of the query) it would be easier for the teams to have a field id_local or the local field id_equipo .

NOTE2: The WHERE clause of the form

WHERE division_name = '$_POST[createPDF]'"

You have two problems:

First : when interpolating a variable entered by the user, which is not sanitized, you are exposed to an SQL injection. If someone sends you the POST value

division1';DROP TABLE divisiones;--

your sentence is interpreted as:

SELECT ... FROM divisiones  
WHERE division_name = 'division1';
DROP TABLE divisiones;
--' // la comilla final queda comentada y se ignora

That means that you eliminate the table. In fact you can do worse things.

You need to use a prepared sentence. I can not tell you exactly how to do it because I do not know if you are using mysqli or PDO , but it would have the form

$stmt = $conexion->prepare("SELECT *
  FROM divisiones
  WHERE division_name = ?");

Followed by (mysqli)

 $stmt->bind_param('s', $_POST['createPDF']);
 $result = $stmt->execute();

Or else (PDO):

 $stmt->bindValue(1, $_POST['createPDF'], PDO::PARAM_STR);
 $result = $stmt->execute();

The important thing is that you use a prepared statement and that, if you are using the old driver mysql , change yourself because it is discontinued and is insecure.

Second : $ _POST [createPDF] is incorrect. The variable to be sanitized is $ _POST ['createPDF']. If it's not quoted, PHP interprets it as a constant called createPDF , which does not exist (and throws an error below, only you're not seeing it because you must have disabled E_NOTICE ).