Select from database exploded ID's from array

I have an array of ID’s in one table associated with the companies a person is linked too.

The names of the companies are on another table and I’m trying to use the ID’s stored in the array to choose the companies from the other table and display them in name format.

Basically Im not sure how to get to the ID’s inside the array named, to select them from the Corporations table


<?php
$query  = "select Corporations from UserAdmin WHERE ID = $cID";
$result2 = mysql_query($query);
$rowu = mysql_fetch_array($result2, MYSQL_ASSOC); 
$corpIDs = explode(";",$rowu['Corporations']);

$q="select * from Corporations WHERE ID LIKE '%{$corpIDs}%'";
$result = mysql_query($q) or die(mysql_error());
while($g=mysql_fetch_assoc($result)){
?>
<ul style="position:relative; left:8px; font-size:13px; padding-top:15px;">
<li><a href="#"><?php echo $g['Name']?></a></li>
</ul>
<?php } ?>


This is the sort of thing I need to do but with the ID’s in the array its not working .


$q="select * from Corporations WHERE ID LIKE '%{$corpIDs}%'";


Is the answer to implode it again…


<?php
$query  = "select Corporations from UserAdmin WHERE ID = $cID";
$result2 = mysql_query($query);
$rowu = mysql_fetch_array($result2, MYSQL_ASSOC); 
$corpIDs = explode(";",$rowu['Corporations']);
$acorps = implode(',', $corpIDs); ?>

<ul style="position:relative; left:8px; font-size:13px; padding-top:15px;">
<?php $q=("select * from Corporations WHERE ID IN ('".$acorps."')");
$result = mysql_query($q) or die(mysql_error());
while($g=mysql_fetch_assoc($result)){
?>
<li><a href="#"><?php echo $g['Name']?></a></li>
<?php } ?>
</ul>

I dont get an error but only one comes out of the database when there should be 4 from 6.

When I use var_dump I am getting what seems the correct output


"select * from Corporations WHERE ID IN ('6,7,9,11') ORDER BY ID"

Sorry, got it in the end by taking the commas out.


<?php
$query  = "select Corporations from UserAdmin WHERE ID = $cID";
$result2 = mysql_query($query);
$rowu = mysql_fetch_array($result2, MYSQL_ASSOC); 
$corpIDs = explode(";",$rowu['Corporations']);
$acorps = implode(',', $corpIDs); ?>

<ul style="position:relative; left:8px; font-size:13px; padding-top:15px;">
<?php $q=("select * from Corporations WHERE ID IN (".$acorps.") ORDER BY ID");
$result = mysql_query($q) or die(mysql_error());
while($g=mysql_fetch_assoc($result)){
?>
<li><a href="#"><?php echo $g['Name']?></a></li>
<?php } ?>
</ul>


Please be aware that the mysql_* extension is now deprecated as of the current version of PHP and will very likely be removed from the next 5.x version and will likely not be in PHP 6.x (when it eventually is released). You should migrate over to either the mysqli_* extension or to PDO. PDO is a better choice as it doesn’t tie you down so much to a particular database server software.

Once you have migrated you should use Prepared Statements to prevent SQL Injection attacks. Have a read of this article from the PHP manual, it shows how to use prepared statements with PDO and also explains the principle.