2

I'm a bit of a beginner at sql but I believe this should work. I'm doing it step by step so this isn't the complete code yet but I've hit a problem. Basically what I'm trying to do is use the array created from the form:

<form action="search.php" method="post">
<input type="checkbox" name="features[]" value="Texture" >Textures<br />
<input type="checkbox" name="features[]" value="Items" >Items<br />
<input type="checkbox" name="features[]" value="GUI" >Gui<br />
</form

And create what will be end up being a query for my database. Here's the PHP code:

<?php

    $button = $_POST['submit'];
    $features = $_POST['features'];

    if ($button){

    //connect
    mysql_connect("server","username","password");
    mysql_select_db("rdm");

    foreach ($features){

    $x++;

    if ($x=1)
    $construct .= "feature LIKE '$features[$x]'";
    else
    $construct .= " OR feature LIKE '$features[$x]'";
    }

    $construct = "SELECT * FROM Textures WHERE '$construct';

    echo $construct;

    ?>

My understanding is this should echo out the variable $construct, which will contain the text "SELECT * FROM Textures WHERE feature LIKE ... and then the first value in the features array, followed by the other values.

Any help as to why this isn't working would be fantastic! As I say, I'm pretty new to this so sorry if this is a silly mistake.

Thanks in advance!

Improve this question
6
  • You forgot your closing double-quote on the line before your echo. Commented Feb 14, 2011 at 19:41
  • You have incorrect syntax on your foreach. Commented Feb 14, 2011 at 19:43
  • You have an unmatched brace from if ($button){ Commented Feb 14, 2011 at 19:46
  • 1
    As a side note, I guess you should escape your input values: xkcd.com/327 Commented Feb 14, 2011 at 19:50
  • You're assigning a value with if ($x=1) instead of comparing values. Commented Feb 14, 2011 at 19:59

3 Answers 3

Reset to default
3

Your query string will be generated wrong:

if ($x=1)

This isn't a comparison, it's setting x to 1, so your query will have no 'OR' conditions in it. A better method to do your query generation is:

$query_conditions = array()
foreach($_POST['features'] as $feature) {
     $query_conditions[] = "'" . mysql_real_escape_string($feature) . "'"
}
$where_in_clause = implode(',', $query_conditions);
$query = "SELECT * FROM Textures WHERE feature IN ($where_in_clause)";
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Try this:

// implode the features array into a string, adding quotes
$featuresString = "'".implode("','", $features)."'";
// build the query
$construct = "SELECT * FROM Textures WHERE feature IN (".$featuresString.")";
Improve this answer

Comments

0

You have a couple of syntax errors in there. Notably, the line with SQL does not close the double quote or use a semi-colon at the end of the line. There is also a missing bracket at the end of your if block.

This code will accomplish the task as stated:

$button = isset($_POST['submit']) ? true : false;
$features = isset($_POST['features']) ? $_POST['features'] : false;

if ($button && is_array($features)) {
        $construct = 'SELECT * FROM Textures WHERE feature IN  ("'.implode('","', $features ).'")';
    echo $construct;
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.