You are here: Re: [PHP] A little disturbing query !!! « PHP « IT news, forums, messages
Re: [PHP] A little disturbing query !!!

Posted by Jochem Maas on 03/13/05 22:30

AN@S wrote:
> Hello,
> I have a query that I'm unable to work it out, each time I run it I get
> some error, I need your help.
>
> I have a webtemplates table which contains some basic information about
> each template (author, price, description, ...etc). I created a search
> form that a user can use to search by type(by description, author,
> ..etc) he chooses the type he want (radio button) then types his
> searchterm, and the following query works very fine:
>
> $query = "SELECT * FROM templates where ".$_POST[searchtype]." LIKE
> '%".$_POST[searchterm]."%'";
>
> But now I need the search to be more advanced, the user may enter a
> price range to find results within a range of two numbers, I have added
> to the form two textfields the first for the low price ($lprice) the
> second for the high price ($hprice).. the 'price' field is located in
> the same table (templates).
>
> Now I want to add to the query to make it does the following:
>
> - if the user doesn't type any price range, the above query will be
> executed.
>
> - if he typed a price range, it'll be taken into consideration with the
> within the cretirea he wanted.
>
> for example, he may search for templates authored by John and their
> prices are between 30 and 50.
>
> I'm a php newbie, so I got error messages each time I try to extend my
> simple query, I hope I can find some assistance here :)

basically no want to add a dynamic number of search criteria (bits of the WHERE
clause) to a base query. lets assume that you just want to AND the search criteria.

<?php

$qry = 'SELECT * FROM templates'; // better to specify the fields you want.
$where = array();

// I leave the error checking out for simplicity...
// you are checking/sanitizing the user submitted values before using them I hope.
// e.g. that searchtype is a field, searchterm has quotes/etc escaped, lprice &
// hprice are actually numeric, greater than zero, etc.

if (isset($_POST['searchtype']) && isset($_POST['searchterm'])) {
$where[] = '{$_POST['searchtype']} LIKE %{$_POST['searchterm']}%'";
}

if (isset($_POST['lprice'])) {
// the following expression is a ternary operator - alternative form of
// an 'if' statement
$where[] = isset($_POST['hprice'])
? "price >= $_POST['lprice'] AND price <= $_POST['hprice']";
: "price >= $_POST['lprice']";
}

if (count($where)) {
$qry .= ' WHERE '.join(' AND ',$where);
}

?>

play with this code. use echo, print(), print_r(), var_dump() etc to find
out what it does. look up functions you don't know (e.g. possibly join())
in the manual.... then if you get stuck, by all means ask questions :-)

have fun.

>
> Thank You,
>

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация