0

I haven't found anything related to this question so I decided to post it.

The thing is as the title says, when I click a button, I make an jquery ajax call to test.php and I get a name returned in a div, and each time I click the button again I get a different name from my DB, ONLY if my SQL says ORDER BY RAND();

If I change it to ORDER BY column_name ASC; then, click the button, make the ajax call and return the result as JSON, it only shows the first name of the column. And somehow it makes sense.

This will work every time I click the button and show:

SELECT * FROM table WHERE names = '(whatever parameter I pass)' ORDER BY RAND();

This will ONLY show the first name in the table no matter how much I click the button:

SELECT * FROM table WHERE names = '(whatever parameter I pass)' ORDER BY names ASC";

(so I will only get let's say, ANDY).

Same for DESC, and I will only get let's say "Zamora".

I'm sure a lot of people have struggled with this. Cheers!

Tim Morton
  • 2,614
  • 1
  • 15
  • 23
Ed91gg
  • 307
  • 3
  • 13
  • 2
    Isn't that expected behavior from any SQL query using ORDER? What do you expect to see? – Daniel H.J. Dec 07 '17 at 23:51
  • 1
    You're fixated on the query, when the problem is more likely how you're returning the results. Show some code, or your question will get voted down. – Tim Morton Dec 07 '17 at 23:53
  • 1
    I'm here for the PHP tag and I'm not seeing any PHP code. Every second press sounds like it should increment the offsetting of results by 1? (See LIMIT clause) – Scuzzy Dec 07 '17 at 23:57
  • Your code is vulnerable to SQL injections. It is not recommended to pass variables directly into SQL command. – Flash Thunder Dec 08 '17 at 00:09
  • select * is bad https://stackoverflow.com/questions/3639861/why-is-select-considered-harmful –  Dec 08 '17 at 01:06
  • 1
    Imagine a deck of cards. Shuffle it and reveal the top card. Jack of diamonds. Shuffle it and reveal the top card. 2 of hearts. Repeat. You probably get different cards every time. Now take the same deck and arrange the cards in order of value and suit, reveal the top card. Ace of spades. Now sort it again. Reveal the top card. Ace of spades. Sort it again. Ace of spades every time... – chiliNUT Dec 08 '17 at 01:20
  • Thanks for your comments people, sorry for not showing more code, I think it'll be useless since I'm trying to fix something that does work but not how I want.. PHP tag is because I'm using PHP here as my backend.. As @chiliNUT said.. it will always return Ace of spades it it's ordered by ASC. What I'm trying to do is every time I click the button I'll get the next value of the column from my DB. As I do with order by RAND. – Ed91gg Dec 08 '17 at 03:25
  • @FlashThunder What would you recommend me to look for on the web to have something similiar to that? I'm using mysqli and msql_real_escape_string, plus, before deploying this site I'll check everything out regarding security. – Ed91gg Dec 08 '17 at 03:27
  • So the first thing that catches my attention is that you're only getting 1 result. Two possible reasons: `LIMIT 1` in your query or your php is only iterating through 1 result. It appears to be the latter. If you're only wanting one result, you'll have to specify *which* result you want by setting the `LIMIT` clause accordingly. Google "sql limit offset" – Tim Morton Dec 09 '17 at 00:23
  • @Ed91gg I guess that msql_real_escape_string should do the job... you may read some articles about "sql injection php" on google or something like that... you need to give some code that displays it (javascript?) ... it's hard to tell how to help you... but... I noticed something weird in your code: the `"` after `ASC` word... maybe that's the problem? – Flash Thunder Dec 09 '17 at 12:54
  • @FlashThunder Yeah of course I'll get the security before deploying. The " is not the problem, but I forgot to write both " in this code I'm showing. I already "kind of" fixed it. I will always get one result as chilliNUT said. So, I passed the column to a while loop and load that while loop inside – Ed91gg Dec 09 '17 at 20:56

0 Answers0