Solved

How to split a string to use in query

Posted on 2009-05-14
6
195 Views
Last Modified: 2013-12-12
I have a dynamic string $str

the string is based on a text box where users enter the zip code and separate it by comma
so in textbox they enter
92331, 92334, 92335
and the str will then be
$str = "92331, 92334, 92335";
now I want to take that string and use it in query like this
mysql_query(select * from mytable where zip=923341 or zip = 92334 or zip = 92335)

how can I do that. I cant hardcode it as it has to depend on what users enter in the textbox.

Thanks
0
Comment
Question by:syedasimmeesaq
  • 4
6 Comments
 
LVL 51

Accepted Solution

by:
Ryan Chong earned 250 total points
ID: 24391658
you can simply try use "In" clause instead... like:

mysql_query("select * from mytable where zip in (".$str.") ) ";
0
 
LVL 7

Assisted Solution

by:ycTIN
ycTIN earned 250 total points
ID: 24391723
if you are trust the user input is always correctly , you can direct execute sql using IN
otherwise you may check the input like below

<?php
$str = "92331, 92334, 92335";
 
//validate and reformat input
$ids = explode(',',$str);
foreach ($ids as &$id) {
	if (!is_numeric($id)) {
		die('in valid input');
	}
	$id = trim($id);
}
 
//execute
if (empty($ids)) {
	die("no input");
} else {
	$ids_str = implode(',',$ids);
	$sql = "SELECT * FROM `mytable` WHERE `zip` IN ($ids_str)";
	
	echo $sql;
}
?>

Open in new window

0
 
LVL 9

Author Comment

by:syedasimmeesaq
ID: 24391949
HI I tested the sql and it gives me results from the first zip only in the string.
so if the string is like this
$str = "92331, 92334";
it will give results for 92331
but if the string is like
$str = "92334, 92331";
it will give results only for 92334

Thanks
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 9

Author Comment

by:syedasimmeesaq
ID: 24391969
could it be because I should rather be formatting the query like this

$sql_query = "select * from $table where `zip` IN ('92331','92334')";

where as with the current format, ut is putting the query like this
$sql_query = "select * from $table where `zip` IN (92331,92334)";
see the quote ' is missing.
how would I do that
thanks


0
 
LVL 9

Author Comment

by:syedasimmeesaq
ID: 24391982
never mind..got it.
Thanks guys
0
 
LVL 9

Author Closing Comment

by:syedasimmeesaq
ID: 31581767
thanks
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
mysqli_query() expects parameter 1 to be msqli, string given in 4 65
Read a remote csv file from a https URL 8 49
XML extra information 8 29
AJAX pass along a variable 3 46
Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question