?
Solved

Mutl-Field Search PHP

Posted on 2013-01-08
4
Medium Priority
?
267 Views
Last Modified: 2013-01-09
I have a multi-field search and trying to return results based on what was chosen.  Right now, my fields are not being handled properly on the results page and the query isn't running with the conditions.

Search Page:
<?php

$programid = "2036";

require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

?>

<span class="sectitle">Contact Management Search Form</span><br /><br />

<form action="searchresults.php" method="POST">
	<table width="100%" cellspacing="0" cellpadding="0" border="0">
		<tr>
			<td class="td_leftCol3" width="175px">Account Code:</td>
			<td class="td_rightCol"><input type="text" name="kdaccount" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Company Name:</td>
			<td class="td_rightCol"><input type="text" name="name" class="formFields"></td>
		</tr>	
		<tr>
			<td class="td_leftCol3" width="175px">Company Phone:</td>
			<td class="td_rightCol"><input type="text" name="phone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Location:</td>
			<td class="td_rightCol"><input type="text" name="town" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Name:</td>
			<td class="td_rightCol"><input type="text" name="contactname" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Phone:</td>
			<td class="td_rightCol"><input type="text" name="contactphone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">State:</td>
			<td class="td_rightCol">
				<select name="state" class="formFields">
					<option value="">Select a State...</option>
					<?php 
					$sql = mysql_query("SELECT stateid, state FROM dw_states ORDER BY state");
					
					if(mysql_num_rows($sql) > 0)
						{
						while($stateData = mysql_fetch_array($sql))
							{
							echo '<option value = "'.$stateData['stateid'].'">'.$stateData['state'].'</option>';
							}
						}
					?>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">SIC Code:</td>
				<td class="td_rightCol">
					<select name="sic" class="formFields">
						<option value="">Select a SIC Code...</option>';
						
						$sql2 = mysql_query("SELECT sic4, sic4desc FROM dw_names_sic GROUP BY sic4 ORDER BY sic4 ASC");
						
						if(mysql_num_rows($sql2) > 0)
							{
							while($sicData = mysql_fetch_array($sql2))
								{
								echo '<option value = "'.$sicData['sic4'].'">'.$sicData['sic4desc'].'</option>';
								}
							}
				echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td class="td_leftCol3" width="175px">Referred By:</td>
			<td class="td_rightCol">
				<select name="referral" class="formFields">
					<option value="">Select Referral...</option>
					<?php
					$sql3 = mysql_query("SELECT refid, referredby FROM pr_referral ORDER BY referredby");
					
					if(mysql_num_rows($sql2) > 0)
						{
						while($referralData = mysql_fetch_array($sql3))
							{
							echo '<option value = "'.$referralData['refid'].'">'.$referralData['referredby'].'</option>';
							}
						}
					echo '
				</select>
			</td>	
		</tr>';
		?>
		
		<tr>
			<td class="td_leftCol3" width="175px">Result/Prospect/All:</td>
			<td class="td_rightCol">
				<select name="comptype" class="formFields">
					<option value="1">All</option>
					<option value="2">Prospect</option>
					<option value="3">Result</option>
				</select>
			</td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Status:</td>
			<td class="td_rightCol">
				<select name="kstatus" class="formFields">
					<option value="1">All</option>
					<option value='2'>Active</option>
					<option value='3'>Deactivated</option>
					<option value='4'>On Hold</option>			
				</select>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">Sales Rep:</td>
				<td class="td_rightCol">
					<select name="nlrep" class="formFields">
						<option value="">Select a Rep...</option>';
						
						$sql4 = mysql_query("SELECT krep, ckname FROM pr_resp WHERE hidden = '0' and itresp = '0' and (responsibility = '2' OR responsibility = '4') ORDER BY ckname");
						
						if(mysql_num_rows($sql4) > 0)
							{
							while($repData = mysql_fetch_array($sql4))
								{
								echo '<option value="'.$repData['krep'].'">'.$repData['ckname'].'</option>';
								}
							}
						echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td colspan="2">&nbsp;</td>
		</tr>
		<tr>
			<td colspan="2" align="center"><input type="submit" name="submit" value = "Search!"></td>
		</tr>
	</table>
</form>

Open in new window



Result Page:

<?php

$programid = "2036";

require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/expFunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

//Make sure search for was submitted properly

if(isset($_POST['submit'])) 
	{
    //define the list of fields
    $fields = array('kdaccount', 'name', 'phone', 'town', 'state', 'sic', 'referral', 'kstatus', 'nlrep');
	
	//put conditionals in an array
    $conditions = array();
	
	foreach($fields as $field)
		{
        // if the field is set and not empty
        if(isset($_POST[$field]) && $_POST['field'] != '') 
			{
			// create a new condition while escaping the value inputed by the user (SQL Injection)
			$conditions[] = "`$field` LIKE '%" . mysql_real_escape_string($_POST[$field]) . "%'";
			}
		}

	// builds the query
	$query = "SELECT name, kdaccount FROM dw_names ";
		
	// if there are conditions defined
	if(count($conditions) > 0) 
		{
		// append the conditions
		$query .= "WHERE " . implode (' AND ', $conditions);
		}
	
	$result = mysql_query($query);
	echo $query . '<br />';
	}

Open in new window

<?php

$programid = "2036";

require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

?>

<span class="sectitle">Contact Management Search Form</span><br /><br />

<form action="searchresults.php" method="POST">
	<table width="100%" cellspacing="0" cellpadding="0" border="0">
		<tr>
			<td class="td_leftCol3" width="175px">Account Code:</td>
			<td class="td_rightCol"><input type="text" name="kdaccount" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Company Name:</td>
			<td class="td_rightCol"><input type="text" name="name" class="formFields"></td>
		</tr>	
		<tr>
			<td class="td_leftCol3" width="175px">Company Phone:</td>
			<td class="td_rightCol"><input type="text" name="phone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Location:</td>
			<td class="td_rightCol"><input type="text" name="town" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Name:</td>
			<td class="td_rightCol"><input type="text" name="contactname" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Phone:</td>
			<td class="td_rightCol"><input type="text" name="contactphone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">State:</td>
			<td class="td_rightCol">
				<select name="state" class="formFields">
					<option value="">Select a State...</option>
					<?php 
					$sql = mysql_query("SELECT stateid, state FROM dw_states ORDER BY state");
					
					if(mysql_num_rows($sql) > 0)
						{
						while($stateData = mysql_fetch_array($sql))
							{
							echo '<option value = "'.$stateData['stateid'].'">'.$stateData['state'].'</option>';
							}
						}
					?>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">SIC Code:</td>
				<td class="td_rightCol">
					<select name="sic" class="formFields">
						<option value="">Select a SIC Code...</option>';
						
						$sql2 = mysql_query("SELECT sic4, sic4desc FROM dw_names_sic GROUP BY sic4 ORDER BY sic4 ASC");
						
						if(mysql_num_rows($sql2) > 0)
							{
							while($sicData = mysql_fetch_array($sql2))
								{
								echo '<option value = "'.$sicData['sic4'].'">'.$sicData['sic4desc'].'</option>';
								}
							}
				echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td class="td_leftCol3" width="175px">Referred By:</td>
			<td class="td_rightCol">
				<select name="referral" class="formFields">
					<option value="">Select Referral...</option>
					<?php
					$sql3 = mysql_query("SELECT refid, referredby FROM pr_referral ORDER BY referredby");
					
					if(mysql_num_rows($sql2) > 0)
						{
						while($referralData = mysql_fetch_array($sql3))
							{
							echo '<option value = "'.$referralData['refid'].'">'.$referralData['referredby'].'</option>';
							}
						}
					echo '
				</select>
			</td>	
		</tr>';
		?>
		
		<tr>
			<td class="td_leftCol3" width="175px">Result/Prospect/All:</td>
			<td class="td_rightCol">
				<select name="comptype" class="formFields">
					<option value="1">All</option>
					<option value="2">Prospect</option>
					<option value="3">Result</option>
				</select>
			</td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Status:</td>
			<td class="td_rightCol">
				<select name="kstatus" class="formFields">
					<option value="1">All</option>
					<option value='2'>Active</option>
					<option value='3'>Deactivated</option>
					<option value='4'>On Hold</option>			
				</select>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">Sales Rep:</td>
				<td class="td_rightCol">
					<select name="nlrep" class="formFields">
						<option value="">Select a Rep...</option>';
						
						$sql4 = mysql_query("SELECT krep, ckname FROM pr_resp WHERE hidden = '0' and itresp = '0' and (responsibility = '2' OR responsibility = '4') ORDER BY ckname");
						
						if(mysql_num_rows($sql4) > 0)
							{
							while($repData = mysql_fetch_array($sql4))
								{
								echo '<option value="'.$repData['krep'].'">'.$repData['ckname'].'</option>';
								}
							}
						echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td colspan="2">&nbsp;</td>
		</tr>
		<tr>
			<td colspan="2" align="center"><input type="submit" name="submit" value = "Search!"></td>
		</tr>
	</table>
</form>

Open in new window

0
Comment
Question by:t3chguy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38757000
At line 39 on the Results page, I would echo the $query to make sure I was getting what I wanted.
0
 
LVL 1

Author Comment

by:t3chguy
ID: 38757507
I did a few lines down but the query is nit what I want...its excluding the where clause
0
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 2000 total points
ID: 38757558
You had $_POST['field'] instead of $_POST[$field] on line 23 above.  Here is a simple test file showing it works.  Save as a PHP file and try it.  I have a bunch of things commented out so I could test the functions without a database.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
 "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<title>PHP Multi-Field Search</title>
</head>
<body>
<h1>PHP Multi-Field Search</h1>
<?php

$programid = "2036";

//require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
//require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
//require_once($_SERVER['DOCUMENT_ROOT']."/includes/expFunctions.php");
//require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

//Make sure search for was submitted properly

if(isset($_POST['submit'])) 
	{
		echo "<pre>";
    //define the list of fields
    $fields = array('kdaccount', 'name', 'phone', 'town', 'state', 'sic', 'referral', 'kstatus', 'nlrep');
		var_dump($fields);
		echo "</pre>";
	//put conditionals in an array
    $conditions = array();
		
	foreach($fields as $field)
		{
        // if the field is set and not empty
        //if(isset($_POST[$field]) && $_POST['field'] != '') 
        if(isset($_POST[$field]) && $_POST[$field] != '') 
			{
			// create a new condition while escaping the value inputed by the user (SQL Injection)
			//$conditions[] = "`$field` LIKE '%" . mysql_real_escape_string($_POST[$field]) . "%'";
			$conditions[] = "`$field` LIKE '%" . $_POST[$field] . "%'";
			}
		}

	// builds the query
	$query = "SELECT name, kdaccount FROM dw_names ";
		
	// if there are conditions defined
	if(count($conditions) > 0) 
		{
		// append the conditions
		$query .= "WHERE " . implode (' AND ', $conditions);
		}
	
	//$result = mysql_query($query);
	echo $query . '<br />';
	}
?>
<form action="" method="post">
<input type="text" name="kdaccount" value="kdaccount" /><br>
<input type="text" name="name" value="name" /><br>
<input type="text" name="phone" value="phone" /><br>
<input type="text" name="town" value="town" /><br>
<input type="text" name="state" value="state" /><br>
<input type="text" name="sic" value="sic" /><br>
<input type="text" name="referral" value="referral" /><br>
<input type="text" name="kstatus" value="kstatus" /><br>
<input type="text" name="nlrep" value="nlrep" /><br>
<input type="submit" name="submit" /><br>
</form>
</body>
</html>

Open in new window

0
 
LVL 1

Author Closing Comment

by:t3chguy
ID: 38758684
That did it!
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question