0

I have created a form which queries a MySQL database and displays results. Now I want to be able to filter my results. I have: 

<input type="checkbox" name="multi_cif[]" value="<?php echo $g1 ?>"><font size="1" face="Arial, Helvetica, sans-serif">

In the output which is displaying all results via foreach and the variable $g1 is a MySQL query value (address). I want to be able to click these check boxes next to the results so when the user clicks the button labeled "Filter" only the results checked are displayed.

So far my code is as follows:

<?PHP
if (isset($_POST['Submit2']))
{
$stmt = $dbh->prepare('SELECT * FROM CIF WHERE address LIKE ?');
$stmt->execute(array("%$_POST[multi_cif]%"));
//$stmt->execute(array(":term" => "%" . $_POST["multi_cif"] . "%"));
//$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
/*while ($results = $stmt->fetch())  //WILL UNCOMENT AND ADD OR LIKE AFTER SINGLE QUERY WORKING
{
    echo $results['address'];
    echo $results['alternativeid'];
}*/
print_r($_POST);
$results = $stmt->fetch();
echo $results['address'];
echo $results['alternativeid'];
}
?>

The commented out stuff is other things I have tried. I am very close to my results. The results of the following code ends in:

 [multi_cif] => Array ( [0] => test.13ann.com [1] => testfortestltd444557.com.tw ) ) coralarray.ruhttp://mirror3.malwaredomains.com/files/domains.txt

So clearly "Array" is being passed as a value instead of the desired address assigned to multi[]. Could someone please explain why this is and help me fix it? I am new to PDO as of yesterday but have chosen to use it and re-work my other statements to implement prepared statements instead of dynamically building them. Thanks in advance!

Edited: I took some of Brad's advice but kept the statement without the additional "OR address LIKE ?" as right now I am only clicking one checkbox but still getting "Array" instead of "test.13.ann.com" Once I figure out why "Array" vs. value I will add the additional OR --thanks Brad for pointing out!

Improve this question
4
  • verify that it is not in your database that way... this is likely a problem with the code that inserts the record Commented Jul 19, 2013 at 14:57
  • 3
    You're passing an array in to a single LIKE comparison? Shouldn't this be ... address LIKE ? OR address LIKE ? then ->execute($_POST['multi_cif'])? (and, of course, add the % to each value within $_POST['multi_cif']) Commented Jul 19, 2013 at 15:01
  • Actually, since the input name is multi[] and the php is checking for multi_cif, it's probably checking '%%' Commented Jul 19, 2013 at 15:07
  • @aynber That is just a typo, I pasted the wrong section of code. <div align="left"><h2><input type="checkbox" name="multi_cif[]" value="<?php echo $g1 ?>"><font size="1" face="Arial, Helvetica, sans-serif"> is the correct with "multi_cif". I have 3 tables total that are queried and once I figure this out I plan to do this for the other two. Commented Jul 19, 2013 at 15:26

2 Answers 2

Reset to default
1

Try accessing the first array value, rather than the outer array -

$stmt->execute(array("%{$_POST['multi_cif'][0]}%"));

to do it dynamically you could try 

// create n number of placeholders based off number of $_POST['multi_cif']
$place_holders = implode(' OR', array_fill(0, count($_POST['multi_cif']), ' address LIKE ?'));

// create n number of values based off number of $_POST['multi_cif']
$values = '"%'. implode('%","%', $_POST['multi_cif']).'%"';
// explode the values into an array
$values = explode(',',$values);

$stmt = $dbh->prepare("SELECT * FROM CIF WHERE $place_holders");
$stmt->execute(array($values));
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thank you very much this worked. I created it dynamically but using: $cif_num = count($multi_cif); while ($x < $cif_num) { $stmt = $dbh->prepare('SELECT * FROM CIF WHERE address= ?'); $stmt->execute(array("%$multi_cif[$x]%")); while ($results = $stmt->fetch()) { echo $results['address']; echo $results['alternativeid']; } $x++; }
I am now changing to change the like to an = but for some reason having issues with the results. In MySQL commandline my query SELECT * FROM CIF WHERE address = 'albface.com' works but not in PDO. This is just a side task to help me learn PDO. Anyone have any ideas why = won't work?
$stmt = $dbh->prepare('SELECT * FROM CIF WHERE address = ?'); $stmt->execute(array($multi_cif[$x])) should work. (remove the "%/%" in your current code)
ahhh right you are, again! I forgot to remove "%/%"...it's been a long week of coding. Thanks a bunch!
0

You were nearly there. You didn't concatenate your parameter correctly.

Try

<?php
if (isset($_POST['Submit2']))
{
   $term = "%" . $_POST["multi_cif"] . "%";
   $stmt = $dbh->prepare('SELECT * FROM CIF WHERE address LIKE ?');
   $stmt->execute(array($term));
   $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
   while ($rows = $stmt->fetch())  
   {
       echo $results['address'];
       echo $results['alternativeid'];
   }
}
?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.