Solved

Building sql select statement for results page using PHP

Posted on 2009-05-05
2
298 Views
Last Modified: 2013-12-12
I'm trying to concatenate a sql query string using PHP but not having much luck. I'm processing a form that has dropdown menus for minprice and maxprice (these will always have a value), minsqft and maxsqft dropdown menus (these will also always have a value). The PropertySubtype and Status are OK for this case.

I'm having the problem with the "optional" query terms: beds, waterview, and golf.  Beds is a dropdown menu with integer values BUT I would also like to make this field have some kind of a null value so that it won't affect the query results. Right now I have an empty value passed if the visitor picks "Select All."

For waterview, I'm looking for 'Yes' in the dB and the form's checkbox checked value is 'Yes'

For golf, the dB field contains comma separated values but the value I'm looking for is 'Golf Course Frontage' which is the checked value of the checkbox.
CASE "home":
$query = "SELECT * FROM Listings WHERE ListingPrice BETWEEN $minprice AND $maxprice AND SquareFootage BETWEEN $minsqft AND $maxsqft AND PropertySubtype1 = 'Site Bui' AND Status = 'Active' . "'";
 
if (!empty($beds))
{$query .= " AND Bedrooms = '" . $beds . "'";}
 
if (isset($waterview))
{$query .= " AND WATERVIEW LIKE '" . $waterview . "'";}
 
if (isset($golf))
{$query .= " AND PROPERTIES LIKE '" . $golf";}
 
break;

Open in new window

0
Comment
Question by:Benson_nc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
StraySod earned 500 total points
ID: 24304678
what exactly is your problem? the source you've posted looks ok except of the 2nd and 11th line, which should end like this:
2nd: AND Status = 'Active'";
and
11th: {$query .= " AND PROPERTIES LIKE '" . $golf. "'";}


what is the problem with your if statements? doesn't it work the way you want? what are the results?
how does the form HTML look like?

I'm not exactly sure what should we help you with :)
0
 

Author Comment

by:Benson_nc
ID: 24305755
Thanks for the correction. All is working now.  The only addition I had to make was to put %% around $golf since there was additional text in the dB field different from what I was looking for.
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question