I am very new to the SQL and PHP world and I need to extract some data from the database according to the id of the user who is viewing the page. The SQL code is as follows:


```sql
SELECT woo_order_id AS Orders, wp_byt_cruise_booking.ID AS Booking, woo_status AS Status,
       first_name AS Guest_1st_Name, last_name AS Guest_Name, email, post_title AS Retreat_Complete_Title,
       DATE_FORMAT(wp_byt_cruise_booking.created, "%D %b %Y") _Booking_Date_,
       DATE_FORMAT(cruise_date, "%D %b %Y") AS Retreat_Arrival_Date,
       total_cruise_price AS Retreat_Price, cart_price AS Deposit_Paid, FORMAT(earnings, 2) AS Earnings,
       DATE_FORMAT(start_date, "%D %b %Y") AS Payout_Request, DATE_FORMAT(end_date, "%D %b %Y") AS Payout_Date
FROM wp_byt_cruise_booking
INNER JOIN wp_posts ON cruise_id=wp_posts.ID
LEFT JOIN wp_byt_car_rental_availabilities ON woo_order_id=season_name
-- Parentheses are needed: AND binds tighter than OR, so without them
-- the post_author filter would apply only to 'completed' rows
WHERE (woo_status ='processing' OR woo_status ='completed')
AND post_author=1
ORDER BY _Booking_Date_;
```

For the last but one line, I want to add a variable which will automatically detect the user viewing the page. Something like: AND post_author = current_user

How can this be achieved by integrating some PHP code into this SQL query?

Thanks in advance for the help

RiggsFolly
Lena
  • You should always use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) in either the `MYSQLI_` or `PDO` API. – Alive to die - Anant Sep 13 '22 at 05:00
  • Are you using WooCommerce for WordPress? If yes, please check `wp_get_current_user()` and its usage – Ken Lee Sep 13 '22 at 06:15
  • You can do something like this: `$query = $db->query("SELECT * FROM table WHERE post_author = '" . $current_user . "'")` – bobi Sep 13 '22 at 06:29
  • @bobi Why? Code vulnerable to SQL injection is not even easier to read or maintain. There's absolutely no gain in that. – Álvaro González Sep 13 '22 at 07:39

0 Answers
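
Added example, not part of the original thread: the parameter binding recommended in the first comment, shown with PDO against a constructed in-memory SQLite database that borrows only the table and column names from the question. `demo_db()` and `bookings_for_author()` are hypothetical helpers, the rows are constructed, and the status filter is parenthesised so the author check applies to both statuses.

```php
<?php
declare(strict_types=1);

// Constructed demo data in an in-memory SQLite database (stand-in for MySQL).
function demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE wp_posts (ID INTEGER PRIMARY KEY, post_author INTEGER, post_title TEXT)');
    $pdo->exec('CREATE TABLE wp_byt_cruise_booking (ID INTEGER PRIMARY KEY, cruise_id INTEGER, woo_status TEXT)');
    $pdo->exec("INSERT INTO wp_posts VALUES (10, 1, 'Yoga Retreat'), (20, 2, 'Surf Retreat')");
    $pdo->exec("INSERT INTO wp_byt_cruise_booking VALUES
        (100, 10, 'completed'), (101, 10, 'cancelled'),
        (200, 20, 'processing'), (201, 20, 'completed')");
    return $pdo;
}

// Hypothetical helper: bookings for retreats whose post_author is $userId.
// The int type plus the bound parameter keep the id out of the SQL text.
function bookings_for_author(PDO $pdo, int $userId): array
{
    if ($userId <= 0) {
        return []; // nobody logged in: WordPress's get_current_user_id() returns 0
    }
    // Nowdoc: PHP performs no variable interpolation inside this string.
    $sql = <<<'SQL'
        SELECT b.ID AS Booking, b.woo_status AS Status, p.post_title AS Retreat_Complete_Title
        FROM wp_byt_cruise_booking b
        INNER JOIN wp_posts p ON b.cruise_id = p.ID
        WHERE (b.woo_status = 'processing' OR b.woo_status = 'completed')
          AND p.post_author = :author
        ORDER BY b.ID
        SQL;
    $stmt = $pdo->prepare($sql);
    $stmt->bindValue(':author', $userId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = demo_db();
// In WordPress the id would come from get_current_user_id(), never from
// request input; the ids 1, 2 and 0 below are constructed test values.
foreach ([1, 2, 0] as $uid) {
    printf("author %d: %s\n", $uid, json_encode(bookings_for_author($pdo, $uid)));
}
```

Inside WordPress the same binding is available through `$wpdb->prepare()` with a `%d` placeholder. In that case every literal `%` in the query, such as those in the `DATE_FORMAT` patterns, has to be written as `%%`.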