I am currently writing a search form in PHP for an SQL query. The user can enter information in any field (aslong as one has information in). Once the form is submitted the mySQL table is searched based on the criteria that they submitted.
The problem I am having is that each IF statement is running not just the one that matches exactly, e.g.
if I complete all 3 criteria I get a search for the first criteria, then the second and first and then again for the first second and third.
Any help is appreciated. (This is only for internal use so I know about the SQL security etc but it not important at this point).
<?php
require 'connectdb.php';
// if there is ONLY a value in the Floor Field
if (!empty($_POST['Floor']))
{
$result = mysqli_query($con, "SELECT * FROM issuelog WHERE floor='$_POST[Floor]'");
}
while($row = mysqli_fetch_array($result))
{
include("searchoutputform.php");
}
// if there is ONLY a value in the Floor Field
if (!empty($_POST['Floor']))
{
$result = mysqli_query($con, "SELECT * FROM issuelog WHERE floor='$_POST[Floor]'");
}
while($row = mysqli_fetch_array($result))
{
include("searchoutputform.php");
}
// if there is ONLY a value in the flat number Field
if (!empty($_POST['flatno']))
{
$result = mysqli_query($con, "SELECT * FROM issuelog WHERE flatnumber='$_POST[flatno]'");
}
while($row = mysqli_fetch_array($result))
{
include("searchoutputform.php");
}
// if there is a value in the floor and flatno field then do this:
if (!empty($_POST['Floor']) && (!empty($_POST['flatno'])))
{
$result = mysqli_query($con, "SELECT * FROM issuelog WHERE floor='$_POST[Floor]' AND flatnumber='$_POST[flatno]'");
}
while($row = mysqli_fetch_array($result))
{
include("searchoutputform.php");
}
// second if - if there is something in the floor, flatno and status field then do this:
if (!empty($_POST['Floor']) && (!empty($_POST['flatno']) && (!empty($_POST['status']))))
{
$result = mysqli_query($con, "SELECT * FROM issuelog WHERE floor='$_POST[Floor]' AND flatnumber='$_POST[flatno]' AND status='$_POST[status]'");
}
while($row = mysqli_fetch_array($result))
{
include("searchoutputform.php");
}
// if there is a value in the floor and status field then do this:
if (!empty($_POST['Floor']) && (!empty($_POST['status'])))
{
$result = mysqli_query($con, "SELECT * FROM issuelog WHERE floor='$_POST[Floor]' AND status='$_POST[status]'");
}
while($row = mysqli_fetch_array($result))
{
include("searchoutputform.php");
}
// CLOSE CONNECTION TO DATABASE
mysqli_close($con);
?>
What I think you mean by this is that if you enter a value for 'Floor' and 'flatno' and 'status' then you are getting back results for all queries. This is because the other two if statements (than the one you want) specify only that the two fields in question need filling, but not that the third must be empty. So all if conditions are met. You need to specify in each that for that condition to run, the others should be empty.
For example, make your first condition this:
if ((!empty($_POST['Floor']))&&(empty($_POST['flatno']))&&(empty($_POST['status']))){
And repeat this for all conditions. If I haven't explained this well enough let me know and I'll clarify why
Try this It will help you and why writing the same while condition these many times just add once in the last:
<?php
require 'connectdb.php';
// second if - if there is something in the floor, flatno and status field then do this:
if (!empty($_POST['Floor']) && (!empty($_POST['flatno']) && (!empty($_POST['status']))))
{
$result = mysqli_query($con,"SELECT * FROM issuelog WHERE floor='$_POST[Floor]' AND flatnumber='$_POST[flatno]' AND status='$_POST[status]'");
}
// if there is a value in the floor and flatno field then do this:
if (!empty($_POST['Floor']) && (!empty($_POST['flatno'])))
{
$result = mysqli_query($con,"SELECT * FROM issuelog WHERE floor='$_POST[Floor]' AND flatnumber='$_POST[flatno]'");
}
// if there is a value in the floor and status field then do this:
if (!empty($_POST['Floor']) && (!empty($_POST['status'])))
{
$result = mysqli_query($con,"SELECT * FROM issuelog WHERE floor='$_POST[Floor]' AND status='$_POST[status]'");
}
// if there is ONLY a value in the Floor Field
if (!empty($_POST['Floor']))
{
$result = mysqli_query($con,"SELECT * FROM issuelog WHERE floor='$_POST[Floor]'");
}
// if there is ONLY a value in the flat number Field
if (!empty($_POST['flatno']))
{
$result = mysqli_query($con,"SELECT * FROM issuelog WHERE flatnumber='$_POST[flatno]'");
}
// if there is ONLY a value in the flat number Field
if (!empty($_POST['status']))
{
$result = mysqli_query($con,"SELECT * FROM issuelog WHERE flatnumber='$_POST[status]'");
}
while($row = mysqli_fetch_array($result))
{
include( "searchoutputform.php" );
}
// CLOSE CONNECTION TO DATABASE
mysqli_close($con);
?>
Related
/* To sort the id and limit the post by 40 */
$sql = "SELECT * FROM requests";
$result = $conn->query($sql);
$sqlall= "SELECT * FROM requests ";
$resultall = $conn->query($sqlall);
$i = 0;
if ($result->num_rows > 0) {
// Output data of each row
$idarray= array();
while($row = $result->fetch_assoc()) {
echo "<br>";
// Create an array to store the
// id of the blogs
array_push($idarray,$row['id']);
}
}
else {
echo "0 results";
}
?>
<?php
for($x = 1; $x < 40; $x++) {
// This is the loop to display all the stored blog posts
if(isset($x)) {
$query = mysqli_query(
$conn,"SELECT * FROM `requests`");
$res = mysqli_fetch_array($query);
$email1 = $res['email1'];
$msg1= $res['msg1'];
$subject1 = $res['subject1'];
$name1 = $res['name1'];
$id = $res['id'];
the output is 40 cards reading data from the first row in my database. can anyone help?
I'm using xampp.
This code is to show the loop, but if anyone wants the full code is here
You are storing all the IDs in the array $idarray, but then you don't really use them properly. You loop over them, but you just run SELECT * FROM requests` 40 more times, and always extract the same first row. You never use the ID to change the query.
But it really makes no sense to run lots of separate queries anyway. If you just want the first 40 rows then use MySQL's LIMIT keyword. It usually works best when combined with ORDER BY as well. Something like this:
$sql = "SELECT * FROM requests ORDER BY id LIMIT 40";
$result = $conn->query($sql);
while ($res = $result->fetch_assoc()) {
$email1 = $res['email1'];
$msg1 = $res['msg1'];
$subject1 = $res['subject1'];
$name1 = $res['name1'];
$id = $res['id'];
//example output, just for demo:
echo $email1." ".$msg1." ".$subject1." ".$name1." ".$id;
}
Documentation: https://dev.mysql.com/doc/refman/8.0/en/limit-optimization.html
I'm trying to select items for my different category table but its shows only the i use with If() and I'm trying to use elseif
if($get_idy='Cars'){
$sel = mysqli_query($con,"SELECT * FROM item WHERE category='Cars' ");
}elseif($get_idy='Trucks'){
$sel = mysqli_query($con,"SELECT * FROM item WHERE category='Trucks' ");
}
while($row= mysqli_fetch_array($sel))
{
Can someone help?
You have put wrong if condition in your code.Single "=" assign the value in variable and double "==" check variable value is same or not. It should be like below.
if($get_idy=='Cars'){
$sel = mysqli_query($con,"SELECT * FROM item WHERE category='Cars' ");
} elseif($get_idy=='Trucks'){
$sel = mysqli_query($con,"SELECT * FROM item WHERE category='Trucks' ");
} else{
echo "The category is empty";
}
while($row= mysqli_fetch_array($sel))
{
}
You could have done like this instead checking condition for every category,
$sel = mysqli_query($con,"SELECT * FROM item WHERE category='".$get_idy."'");
while($row= mysqli_fetch_array($sel)) {
//Your code here.
}
Please start using PDO as your sql is vulnerable to SQL Injections
Update: posted this update based on your comment
if(isset($get_idy)) {
$sel = mysqli_query($con,"SELECT * FROM item WHERE category='".$get_idy."'");
while($row= mysqli_fetch_array($sel)) {
//Your code here.
}
} else {
echo "The category is empty";
}
code:
<?php
if($affiliated == '')
{
echo $affiliated;
}
else
{
$sql = "select * from all_university where university_id = '$affiliated'";
$result = mysqli_query($link,$sql);
while ($row = mysqli_fetch_array($result))
{
$short_name = $row['short_name'];
}
}
?>
In my database table having field name affiliated and it having two different value in different row one row having 'integer' value and another having 'text' value. I want to display different value i.e. if $affiliated having integer value it print integer else print text. So, how can I fix this problem ?
Thank You
First you need to check $affiliated is numeric or not and check my comment at every line
//check for integer
if (is_numeric($affiliated)) {
//condition for integer
// any number multiply by 1 equal to that number
$where = " WHERE concat('',university_id * 1) = university_id";
} else {
//condition for text
$where = " WHERE concat('',university_id * 1) != university_id";// here use not equal to condition
}
$sql = "select * from all_university" . $where;// pass $where accouding to avove condition
$result = mysqli_query($link, $sql);
while ($row = mysqli_fetch_array($result)) {
$short_name = $row['short_name'];
}
How can I make in PHP, that from my SQL baze are written all data, if value parent is not 0 from the same table, it find value from the line, which is the same idas parent.
I check this but I want data from one table.
Similar as below written, but in one query:
$query = "SELECT * FROM posts ORDER BY date DESC;";
$result = $mysqli->query($query);
while($rez = $result->fetch_assoc()) {
$query="SELECT * FROM ".$dbPrefix."posts WHERE
id=".$rez['parent']."";
$parents = $mysqli->query($query);
while($parent = $parents->fetch_assoc()) {
$parentName=$parent['name'];
}
}
I'm trying to use a php variable as a search term when querying a mysql database, first I get the variables from the HTML form:
<?php
//Create variables
$vals = array($_POST["id_number"], $_POST["id_name"], $_POST["id_submitname"]);
$keys = array('idno_1', 'name_2', 'subname_3');
//combine keys to arrays
$var = array_combine($keys, $vals);
//santise variables
$variables = filter_var_array($var, FILTER_SANITIZE_STRING);
$idno = $variables['idno_1'];
$name = $variables['name_2'];
$subname = $variables['subname_3'];
After connecting to the database I run the query:
//Select entry from table and display
if (!$idno == '')
{
$sql = "SELECT * FROM `healthsafety` WHERE ID = '$idno'";
$result = mysqli_query($connection, $sql);
}
elseif (!$name == '')
{
$result = mysqli_query($connection, "SELECT * FROM `healthsafety` WHERE LOWER (nameinvolved) = LOWER ('$name')");
}
else
{
$result = mysqli_query($connection, "SELECT * FROM `healthsafety` WHERE LOWER (submitbyname) = LOWER ('$subname')");
}
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
It is not returning anything from the db, when I select * FROM without trying to use the variable as a search it displays all entries ok, am I making an error when passing the variable to the query? I've tried different combinations of quotes, back ticks and using other variables for the query. Any help would be greatly appreciated!
LOWER is a function and the arguments needs to be wrapped in parentheses.
Your query should look like:
$result = mysqli_query($connection, "SELECT * FROM `healthsafety`
WHERE LOWER(nameinvolved) = LOWER('$name')");
For easier debugging, I'd first print out the query:
$query = "SELECT * FROM `healthsafety`
WHERE LOWER(nameinvolved) = LOWER('$name')";
echo $result;
... and then run it manually using the MySQL Interactive shell or using web interfaces like phpMyAdmin. That could help you isolate the issue further and then figure out what's wrong.
First you needed to be sure that all data are correct. then Try this:
if (isset($idno) && !$idno == '')
{
$sql = "SELECT * FROM `healthsafety` WHERE ID = $idno";
$result = mysqli_query($connection, $sql);
}
else if (isset($name) && !$name == '')
{
$result = mysqli_query($connection, "SELECT * FROM `healthsafety` WHERE LOWER (nameinvolved) = LOWER ('$name')");
}
else
{
$result = mysqli_query($connection, "SELECT * FROM `healthsafety` WHERE LOWER (submitbyname) = LOWER ('$subname')");
}
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);