Solved

Mutl-Field Search PHP

Posted on 2013-01-08
4
258 Views
Last Modified: 2013-01-09
I have a multi-field search and trying to return results based on what was chosen.  Right now, my fields are not being handled properly on the results page and the query isn't running with the conditions.

Search Page:
<?php

$programid = "2036";

require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

?>

<span class="sectitle">Contact Management Search Form</span><br /><br />

<form action="searchresults.php" method="POST">
	<table width="100%" cellspacing="0" cellpadding="0" border="0">
		<tr>
			<td class="td_leftCol3" width="175px">Account Code:</td>
			<td class="td_rightCol"><input type="text" name="kdaccount" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Company Name:</td>
			<td class="td_rightCol"><input type="text" name="name" class="formFields"></td>
		</tr>	
		<tr>
			<td class="td_leftCol3" width="175px">Company Phone:</td>
			<td class="td_rightCol"><input type="text" name="phone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Location:</td>
			<td class="td_rightCol"><input type="text" name="town" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Name:</td>
			<td class="td_rightCol"><input type="text" name="contactname" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Phone:</td>
			<td class="td_rightCol"><input type="text" name="contactphone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">State:</td>
			<td class="td_rightCol">
				<select name="state" class="formFields">
					<option value="">Select a State...</option>
					<?php 
					$sql = mysql_query("SELECT stateid, state FROM dw_states ORDER BY state");
					
					if(mysql_num_rows($sql) > 0)
						{
						while($stateData = mysql_fetch_array($sql))
							{
							echo '<option value = "'.$stateData['stateid'].'">'.$stateData['state'].'</option>';
							}
						}
					?>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">SIC Code:</td>
				<td class="td_rightCol">
					<select name="sic" class="formFields">
						<option value="">Select a SIC Code...</option>';
						
						$sql2 = mysql_query("SELECT sic4, sic4desc FROM dw_names_sic GROUP BY sic4 ORDER BY sic4 ASC");
						
						if(mysql_num_rows($sql2) > 0)
							{
							while($sicData = mysql_fetch_array($sql2))
								{
								echo '<option value = "'.$sicData['sic4'].'">'.$sicData['sic4desc'].'</option>';
								}
							}
				echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td class="td_leftCol3" width="175px">Referred By:</td>
			<td class="td_rightCol">
				<select name="referral" class="formFields">
					<option value="">Select Referral...</option>
					<?php
					$sql3 = mysql_query("SELECT refid, referredby FROM pr_referral ORDER BY referredby");
					
					if(mysql_num_rows($sql2) > 0)
						{
						while($referralData = mysql_fetch_array($sql3))
							{
							echo '<option value = "'.$referralData['refid'].'">'.$referralData['referredby'].'</option>';
							}
						}
					echo '
				</select>
			</td>	
		</tr>';
		?>
		
		<tr>
			<td class="td_leftCol3" width="175px">Result/Prospect/All:</td>
			<td class="td_rightCol">
				<select name="comptype" class="formFields">
					<option value="1">All</option>
					<option value="2">Prospect</option>
					<option value="3">Result</option>
				</select>
			</td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Status:</td>
			<td class="td_rightCol">
				<select name="kstatus" class="formFields">
					<option value="1">All</option>
					<option value='2'>Active</option>
					<option value='3'>Deactivated</option>
					<option value='4'>On Hold</option>			
				</select>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">Sales Rep:</td>
				<td class="td_rightCol">
					<select name="nlrep" class="formFields">
						<option value="">Select a Rep...</option>';
						
						$sql4 = mysql_query("SELECT krep, ckname FROM pr_resp WHERE hidden = '0' and itresp = '0' and (responsibility = '2' OR responsibility = '4') ORDER BY ckname");
						
						if(mysql_num_rows($sql4) > 0)
							{
							while($repData = mysql_fetch_array($sql4))
								{
								echo '<option value="'.$repData['krep'].'">'.$repData['ckname'].'</option>';
								}
							}
						echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td colspan="2">&nbsp;</td>
		</tr>
		<tr>
			<td colspan="2" align="center"><input type="submit" name="submit" value = "Search!"></td>
		</tr>
	</table>
</form>

Open in new window



Result Page:

<?php

$programid = "2036";

require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/expFunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

//Make sure search for was submitted properly

if(isset($_POST['submit'])) 
	{
    //define the list of fields
    $fields = array('kdaccount', 'name', 'phone', 'town', 'state', 'sic', 'referral', 'kstatus', 'nlrep');
	
	//put conditionals in an array
    $conditions = array();
	
	foreach($fields as $field)
		{
        // if the field is set and not empty
        if(isset($_POST[$field]) && $_POST['field'] != '') 
			{
			// create a new condition while escaping the value inputed by the user (SQL Injection)
			$conditions[] = "`$field` LIKE '%" . mysql_real_escape_string($_POST[$field]) . "%'";
			}
		}

	// builds the query
	$query = "SELECT name, kdaccount FROM dw_names ";
		
	// if there are conditions defined
	if(count($conditions) > 0) 
		{
		// append the conditions
		$query .= "WHERE " . implode (' AND ', $conditions);
		}
	
	$result = mysql_query($query);
	echo $query . '<br />';
	}

Open in new window

<?php

$programid = "2036";

require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

?>

<span class="sectitle">Contact Management Search Form</span><br /><br />

<form action="searchresults.php" method="POST">
	<table width="100%" cellspacing="0" cellpadding="0" border="0">
		<tr>
			<td class="td_leftCol3" width="175px">Account Code:</td>
			<td class="td_rightCol"><input type="text" name="kdaccount" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Company Name:</td>
			<td class="td_rightCol"><input type="text" name="name" class="formFields"></td>
		</tr>	
		<tr>
			<td class="td_leftCol3" width="175px">Company Phone:</td>
			<td class="td_rightCol"><input type="text" name="phone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Location:</td>
			<td class="td_rightCol"><input type="text" name="town" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Name:</td>
			<td class="td_rightCol"><input type="text" name="contactname" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Contact Phone:</td>
			<td class="td_rightCol"><input type="text" name="contactphone" class="formFields"></td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">State:</td>
			<td class="td_rightCol">
				<select name="state" class="formFields">
					<option value="">Select a State...</option>
					<?php 
					$sql = mysql_query("SELECT stateid, state FROM dw_states ORDER BY state");
					
					if(mysql_num_rows($sql) > 0)
						{
						while($stateData = mysql_fetch_array($sql))
							{
							echo '<option value = "'.$stateData['stateid'].'">'.$stateData['state'].'</option>';
							}
						}
					?>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">SIC Code:</td>
				<td class="td_rightCol">
					<select name="sic" class="formFields">
						<option value="">Select a SIC Code...</option>';
						
						$sql2 = mysql_query("SELECT sic4, sic4desc FROM dw_names_sic GROUP BY sic4 ORDER BY sic4 ASC");
						
						if(mysql_num_rows($sql2) > 0)
							{
							while($sicData = mysql_fetch_array($sql2))
								{
								echo '<option value = "'.$sicData['sic4'].'">'.$sicData['sic4desc'].'</option>';
								}
							}
				echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td class="td_leftCol3" width="175px">Referred By:</td>
			<td class="td_rightCol">
				<select name="referral" class="formFields">
					<option value="">Select Referral...</option>
					<?php
					$sql3 = mysql_query("SELECT refid, referredby FROM pr_referral ORDER BY referredby");
					
					if(mysql_num_rows($sql2) > 0)
						{
						while($referralData = mysql_fetch_array($sql3))
							{
							echo '<option value = "'.$referralData['refid'].'">'.$referralData['referredby'].'</option>';
							}
						}
					echo '
				</select>
			</td>	
		</tr>';
		?>
		
		<tr>
			<td class="td_leftCol3" width="175px">Result/Prospect/All:</td>
			<td class="td_rightCol">
				<select name="comptype" class="formFields">
					<option value="1">All</option>
					<option value="2">Prospect</option>
					<option value="3">Result</option>
				</select>
			</td>
		</tr>
		<tr>
			<td class="td_leftCol3" width="175px">Status:</td>
			<td class="td_rightCol">
				<select name="kstatus" class="formFields">
					<option value="1">All</option>
					<option value='2'>Active</option>
					<option value='3'>Deactivated</option>
					<option value='4'>On Hold</option>			
				</select>
			</td>
		</tr>
		<?php if($groupid == '901' || $groupid == '910' || $groupid == '929' || $groupid == '999')
			{
			echo '
			<tr>
				<td class="td_leftCol3" width="175px">Sales Rep:</td>
				<td class="td_rightCol">
					<select name="nlrep" class="formFields">
						<option value="">Select a Rep...</option>';
						
						$sql4 = mysql_query("SELECT krep, ckname FROM pr_resp WHERE hidden = '0' and itresp = '0' and (responsibility = '2' OR responsibility = '4') ORDER BY ckname");
						
						if(mysql_num_rows($sql4) > 0)
							{
							while($repData = mysql_fetch_array($sql4))
								{
								echo '<option value="'.$repData['krep'].'">'.$repData['ckname'].'</option>';
								}
							}
						echo '
					</select>
				</td>
			</tr>';
			}
		?>
		<tr>
			<td colspan="2">&nbsp;</td>
		</tr>
		<tr>
			<td colspan="2" align="center"><input type="submit" name="submit" value = "Search!"></td>
		</tr>
	</table>
</form>

Open in new window

0
Comment
Question by:t3chguy
  • 2
  • 2
4 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38757000
At line 39 on the Results page, I would echo the $query to make sure I was getting what I wanted.
0
 
LVL 1

Author Comment

by:t3chguy
ID: 38757507
I did a few lines down but the query is nit what I want...its excluding the where clause
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 38757558
You had $_POST['field'] instead of $_POST[$field] on line 23 above.  Here is a simple test file showing it works.  Save as a PHP file and try it.  I have a bunch of things commented out so I could test the functions without a database.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
 "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<title>PHP Multi-Field Search</title>
</head>
<body>
<h1>PHP Multi-Field Search</h1>
<?php

$programid = "2036";

//require_once($_SERVER['DOCUMENT_ROOT']."/includes/verifyaccess.php");
//require_once($_SERVER['DOCUMENT_ROOT']."/includes/mainfunctions.php");
//require_once($_SERVER['DOCUMENT_ROOT']."/includes/expFunctions.php");
//require_once($_SERVER['DOCUMENT_ROOT']."/includes/header.php");

//Make sure search for was submitted properly

if(isset($_POST['submit'])) 
	{
		echo "<pre>";
    //define the list of fields
    $fields = array('kdaccount', 'name', 'phone', 'town', 'state', 'sic', 'referral', 'kstatus', 'nlrep');
		var_dump($fields);
		echo "</pre>";
	//put conditionals in an array
    $conditions = array();
		
	foreach($fields as $field)
		{
        // if the field is set and not empty
        //if(isset($_POST[$field]) && $_POST['field'] != '') 
        if(isset($_POST[$field]) && $_POST[$field] != '') 
			{
			// create a new condition while escaping the value inputed by the user (SQL Injection)
			//$conditions[] = "`$field` LIKE '%" . mysql_real_escape_string($_POST[$field]) . "%'";
			$conditions[] = "`$field` LIKE '%" . $_POST[$field] . "%'";
			}
		}

	// builds the query
	$query = "SELECT name, kdaccount FROM dw_names ";
		
	// if there are conditions defined
	if(count($conditions) > 0) 
		{
		// append the conditions
		$query .= "WHERE " . implode (' AND ', $conditions);
		}
	
	//$result = mysql_query($query);
	echo $query . '<br />';
	}
?>
<form action="" method="post">
<input type="text" name="kdaccount" value="kdaccount" /><br>
<input type="text" name="name" value="name" /><br>
<input type="text" name="phone" value="phone" /><br>
<input type="text" name="town" value="town" /><br>
<input type="text" name="state" value="state" /><br>
<input type="text" name="sic" value="sic" /><br>
<input type="text" name="referral" value="referral" /><br>
<input type="text" name="kstatus" value="kstatus" /><br>
<input type="text" name="nlrep" value="nlrep" /><br>
<input type="submit" name="submit" /><br>
</form>
</body>
</html>

Open in new window

0
 
LVL 1

Author Closing Comment

by:t3chguy
ID: 38758684
That did it!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
File submission to SQL Server 1 38
mysqli 3 19
Could you possibly point why this Codeigniter method is been called twice? 7 24
javascript date picker in php while loop 5 24
This article will explain how to display the first page of your Microsoft Word documents (e.g. .doc, .docx, etc...) as images in a web page programatically. I have scoured the web on a way to do this unsuccessfully. The goal is to produce something …
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now