Solved

I need to create a dynamic search with php and mysql that has multiple items to search from. i.e for a car company make(one field ), color(with a database supplied list)

Posted on 2008-06-24
4
857 Views
Last Modified: 2013-12-12
I am a beginner at php and mysql. I already know how to create a database and do some simple php but I want to build a dynamic search that use multiple choice like for a car site make(with dymanic generated drop down), color(with dymanic generated drop down) etc can anyone help. I am starting from scratch
0
Comment
Question by:nbham29
  • 2
4 Comments
 
LVL 1

Assisted Solution

by:morristhebear
morristhebear earned 200 total points
ID: 21857911
You can populate the dropdown boxes when the page is initially loaded, then when the page is submitted you can use the $_POST array to get the values and build an SQL query to select data from your database.

Put the code snippet I've posted into a file called search.php (or a different filename, and change the value in the form action field) and test it.  You will see the query being changed when the dropdown box is changed and submitted.



<?php

	

	if (isset($_POST['submitted'])) {

		$color = $_POST['color'];

		$query = "SELECT * FROM cars WHERE color = '$color'";

		//	Show the query on the page for debugging purposes.

		var_dump ($query);

		//	Do whatever you need to here.

	}
 

?>

<form action="search.php" method="post">

	<select name="color">

		<option value="red">Red</option>

		<option value="yellow">Yellow</option>

	</select>

	<input type="hidden" name="submitted" value="1" />

	<input type="submit" name="submit" value="Search" />

</form>

Open in new window

0
 
LVL 108

Assisted Solution

by:Ray Paseur
Ray Paseur earned 300 total points
ID: 21858502
nbham29: Get yourself some good tutorial and reference material ASAP.  I recommend the books from SitePoint.  In particular, you need this one: http://www.sitepoint.com/books/phpmysql1/

The book matrix is here: http://www.sitepoint.com/books/library/

In the example code snippet above, the PHP syntax is not quite right, but once it is operational you are naked in the wilderness and at risk for a SQL injection attack.  To wit, if someone comes to your script with a post request that gives you this input, your data base is toast.  Don't think it won't happen.  There are bad guys all over the internet.

The SitePoint books can help you avoid those problems by designing your applications correctly from the outset.  I use them and depend on them.

Best of luck, ~Ray
$_POST[color] = "Red; DROP TABLE cars"

Open in new window

0
 
LVL 1

Expert Comment

by:morristhebear
ID: 21858937
Just as a note, I in no way intended for the snippet I provided above to be used in a production environment (hence it's messyness!).  I know it's open to XSS, etc.  I was merely throwing some hints in the general direction which nbham29 should be looking to.

I agree with you though Ray.  Designing something properly from the ground up to be secure is the best way...
0
 

Accepted Solution

by:
nbham29 earned 0 total points
ID: 21861681
I will check the book out and I will see how it works out. Thanks ray. I will look the book over it in the next little day or so and I will see how it works out.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will explain how to display the first page of your Microsoft Word documents (e.g. .doc, .docx, etc...) as images in a web page programatically. I have scoured the web on a way to do this unsuccessfully. The goal is to produce something …
These days socially coordinated efforts have turned into a critical requirement for enterprises.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to count occurrences of each item in an array.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now