$slider = tep_db_query("select slider_config_value, slider_config_id from " . TABLE_SLIDER_CONFIG . " ");
while ($theslider = tep_db_fetch_array($slider)) {
$autoStart = $theslider['slider_config_value'];
}
What I'm trying to do is select the slider_config_value for certain slider_config_id with code as short as possible. Because I know I could use 'where slider_config_id = ...' but I'd have to have a query for each of em.
What I need is someting like
$autoStart = $theslider['slider_config_value', '1'];
$loop = $theslider['slider_config_value', '22'];
$margin = $theslider['slider_config_value', '4'];
etc.
I have been trying to find a solution, but haven't dealt with this before.
$slider = tep_db_query("select slider_config_value, slider_config_id from " . TABLE_SLIDER_CONFIG . " ");
$slider_configs = array();
while ($theslider = tep_db_fetch_array($slider)) {
$slider_configs[$theslider['slider_config_id']] = $theslider['slider_config_value'];
}
$autoStart = $slider_configs[1];
$loop = $slider_configs[22];
$margin = $slider_configs[4];
Related
I have an website there are 5 categories, i only want to show the 1-4 category only in the new posts..how can I edit the code to do this job? thanks
Here is my code, and I do that in my sql by using following code:
SELECT * FROM `ff_se` WHERE Wid in ('1','2','3','4')"
but i dont know how to do that in php code. following is my part of php code:
$this->TableSe = 'ff_se';
$this->TableSeWord = 'ff_se_word';
$this->TableSeSupport = 'ff_se_support';
$this->TableSePost = 'ff_se_post';
$this->TableSePostTableId = 'ff_se_post_tableid';
public function GetAjaxList($Get){
$Results = array();
$Get = $this->StrToGBK($Get);
$Page = $Get['page'] ? intval($Get['page']):0;
$Where = '';
$Order = 'S.updateline';
if($Get['type'] == 'New'){
$Order = 'S.dateline';
}else if($Get['type'] == 'Hot'){
$Order = 'S.updateline';
if($this->Config['PluginVar']['ListHotVal']){
$Where .= ' and (S.support_count >= '.$this->Config['PluginVar']['ListHotVal'].' OR S.comment_count >= '.$this->Config['PluginVar']['ListHotVal'].')';
}
if($this->Config['PluginVar']['ListHotDataline']){
$Where .= ' and S.dateline >= '.strtotime("-".$this->Config['PluginVar']['ListHotDataline']." hours",time());
}
}else if($Get['type'] == 'Nearby'){//
$Order = 'S.updateline';
if($Get['lng'] && $Get['lat']){
$SquarePoint = $this->GetReturnSquarePoint($Get['lng'],$Get['lat'],$this->Config['PluginVar']['Distance']);
$Where .= ' and S.lat <> 0 and S.lat > '.$SquarePoint['right-bottom']['lat'].' and S.lat < '.$SquarePoint['left-top']['lat'].' and S.lng > '.$SquarePoint['left-top']['lng'].' and S.lng < '.$SquarePoint['right-bottom']['lng'];
}else{
return $Results;
}
}
if($_GET['wid']){
$Where .= ' and S.wid = '.intval($_GET['wid']);
}
$Where .= ' and S.display = 1 and S.fast_add_display = 1';
$Where = preg_replace('/and/','where',$Where,1);
$this->Config['PluginVar']['ListNum'] = $this->Config['PluginVar']['ListNum'] ? $this->Config['PluginVar']['ListNum'] : 10;
$Limit = 'LIMIT '.($Page * $this->Config['PluginVar']['ListNum']).','.$this->Config['PluginVar']['ListNum'];
$FetchSql = 'SELECT W.title as Ttitle,S.* FROM '.DB::table($this->Tablese).' S LEFT JOIN '.DB::table($this->TableSeWord).' W on W.id = S.wid '.$Where .' order by topdateline > '.time().' desc,'.$Order.' desc,S.dateline desc '.$Limit;
$Results = $this->ListFormat(DB::fetch_all($FetchSql));
return $Results;
}
I think you should try and understand the code first before you modify it ... but anyway:
You would only need to append the condition to the where clause generated in the PHP code.
You could do that by adding THE LINE MARKED "THIS LINE IS NEW" after this line:
$Where = '';
And this is the relevant part of the code:
$Where = '';
$Order = 'S.updateline';
if($Get['type'] == 'New'){
$Where .= ' and S.wid in (1,2,3,4)'; //THIS LINE IS NEW
$Order = 'S.dateline';
}else .......
As you can see any redundant initial "and"s are replaced with "where" here:
$Where = preg_replace('/and/','where',$Where,1);
so this should work - assuming that $Get['type'] == 'New' means that this is a new post which I can only guess.
I'm having an issue preparing a SQL statement:
$statement = $conexion->prepare(
'SELECT * FROM celulares
WHERE (MARCA = :marca )
AND
(CATEGORIA = :categoria1 OR CATEGORIA = :categoria2 OR CATEGORIA = :categoria3)
AND
(CATEGORIA2 = :categoria1 OR CATEGORIA2 = :categoria2 OR CATEGORIA2= :categoria3)
AND
(CATEGORIA3 = :categoria1 OR CATEGORIA3 = :categoria2 OR CATEGORIA3 = :categoria3)');
Giving placeholders values with this:
$statement->execute(array(':categoria1' => $categoria1,
':categoria2' => $categoria2,
':categoria3' => $categoria3,
':marca' => $query
));
$query value may variate when my application begins depending on some results:
if ($entrada == "LG") {
if ($query == "") {
$query = "LG";
} else {
$query = $query . ' OR MARCA = "LG" ';
}
}
if ($entrada == "APPLE") {
if ($query == "") {
$query = "APPLE";
} else {
$query = $query . ' OR MARCA = "APPLE" ';
}
}
if ($entrada == "HUAWEI") {
if ($query == "") {
$query = "HUAWEI";
} else {
$query = $query . ' OR MARCA = "HUAWEI" ';
}
}
I tried a lot of things, but none of those worked out it returns an empty array, the only one who works was changing this line of my prepared statement:
WHERE (MARCA = :marca OR MARCA = :marca2 OR MARCA = :marca3 )
And as many "MARCA" as results, i think it's not the best way to do it
UPDATED:
Now trying with IN Statement in my Query (Thanks you all for helping me)
Now it looks like:
$marcas = array("LG", "HUAWEI"); (Static values for test)
$inQuery = implode(',', array_fill(0, count($marcas), '?'));
$statement = $conexion->prepare(
'SELECT * FROM celulares
WHERE (MARCA = IN (' . $inQuery . '))
AND
(CATEGORIA = :categoria1 OR CATEGORIA = :categoria2 OR CATEGORIA = :categoria3)
AND
(CATEGORIA2 = :categoria1 OR CATEGORIA2 = :categoria2 OR CATEGORIA2= :categoria3)
AND
(CATEGORIA3 = :categoria1 OR CATEGORIA3 = :categoria2 OR CATEGORIA3 = :categoria3)');
foreach ($marcas as $k => $marca) {
$statement->bindValue(($k+1), $marca);
}
$statement->bindValue(':categoria1', $categoria1);
$statement->bindValue(':categoria2', $categoria2);
$statement->bindValue(':categoria3', $categoria3);
$statement->execute();
Getting: Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: mixed named and positional parameters
Trying to fix it
You can simplify your query:
SELECT * FROM celulares
WHERE (MARCA = :marca )
AND (:categoria1,:categoria2,:categoria3)
IN (
(CATEGORIA,CATEGORIA2,CATEGORIA3),
(CATEGORIA,CATEGORIA3,CATEGORIA2),
(CATEGORIA2,CATEGORIA,CATEGORIA3),
(CATEGORIA2,CATEGORIA3,CATEGORIA),
(CATEGORIA3,CATEGORIA,CATEGORIA2),
(CATEGORIA3,CATEGORIA2,CATEGORIA)
)
This way you only pass in the categories once, and compare it against the six possible permutations of three categories.
That being said, this is a sign that your database is in very poor shape. Generally speaking having any kind of "column2", "column3" system is a sign that you need to restructure your database - the kind of queries you end up with, like the above, are only going to get worse.
Specifically, in this case, just adding CATEGORIEA4 would increase the amount of permutations you need to define from 6 to 24!!
EDIT: I completely missed the part about :marca and IN - I was too focussed on the bad state of the database with regard to categories, sorry!
Well, i fix it, probably it's not the best way to solve it but i have this now:
I fill array with entries from POST
$query = array();
$index = 0;
foreach ($_POST as $entrada) {
switch($entrada) {
case "SAMSUNG":
$query[] = "SAMSUNG";
break;
case "LG":
$query[] = "LG";
break;
case "APPLE":
$query[] = "APPLE";
break;
case "HUAWEI":
$query[] = "HUAWEI";
break;
}
}
$inQuery = str_repeat('?,', count($query) - 1) . '?';
Here's my new query: Problem was that i was mixing "?" with placeholders (:) which not is recommended
$statement = $conexion->prepare(
"SELECT * FROM celulares
WHERE ( MARCA IN($inQuery))
AND
(CATEGORIA = ? OR CATEGORIA = ? OR CATEGORIA = ?)
AND
(CATEGORIA2 = ? OR CATEGORIA2 = ? OR CATEGORIA2= ?)
AND
(CATEGORIA3 = ? OR CATEGORIA3 = ? OR CATEGORIA3 = ?)");
Then i bindValues like that
$c = 0;
foreach ($query as $q => $queries) {
$c++;
$statement->bindValue(($q+1), $queries);
}
$statement->bindValue($c+1, $categoria1);
$statement->bindValue($c+2, $categoria2);
$statement->bindValue($c+3, $categoria3);
$statement->bindValue($c+4, $categoria1);
$statement->bindValue($c+5, $categoria2);
$statement->bindValue($c+6, $categoria3);
$statement->bindValue($c+7, $categoria1);
$statement->bindValue($c+8, $categoria2);
$statement->bindValue($c+9, $categoria3);
$statement->execute();
$resultados = $statement->fetchAll();
I did many test with a lot of querys and it's working fine, probably it's a "dirty" solution but i'll continue learning
Thanks u all for helping me!
I have some problem with getting results from VFP database results... The time which is taking by my php script is veeeery long - about 30 minutes, but it should be much shorter...
So there is the code which is responsible for taking database results:
$connect = odbc_connect("RIS", "", "", SQL_CUR_USE_DRIVER) or die("Error in connection ". odbc_errormsg($connect));
$array = array();
$info = array();
$from = $_GET['from'];
$to = $_GET['to'];
$rez_nap = odbc_exec($connect, "
select
pacientid as pac_pk,
datanapr,
ocered,
rtgapparat,
doctor as doc_naprav,
pk_na,
data_opis,
arst_opis as id_arst_opis
from
napravlenie
where
not arst_opis == '0000' and
not arst_opis == '' and
datanapr between {^".$from."} and {^".$to."}
") or die(odbc_errormsg());
while($row_nap = odbc_fetch_array($rez_nap))
{
echo "<pre>";
var_dump($row_nap);
$rez_opis = odbc_exec($connect, "
select
opis as opisanie,
doctor as doc_opis
from
opisanie_rtg
where
pacientid = '".$row_nap["pac_pk"]."' and
data = '".$row_nap["data_opis"]."' and
ocered = '".$row_nap["ocered"]."'
") or die(odbc_errormsg());
while($row_desc = odbc_fetch_array($rez_opis))
{
$op = explode('##$', $row_desc['opis']);
$opisanie = iconv( "cp1257", "utf-8", trim( addslashes($op[1]) ) );
$t_nr_i = substr($op[0], 12);
$ttt = explode("[", $t_nr_i);
if ( strlen($ttt[0]) > 12 )
{
$tt_nr_is = explode("-", $ttt[0]);
$t_nr_is_t = substr($tt_nr_is[0], 0, 8);
$t_nr_is_t_2 = substr($tt_nr_is[0], 8, 5);
$row_desc["nr_is"] = $t_nr_is_t."-".$t_nr_is_t_2;
}
else
{
$t_nr_is_t = substr($ttt[0], 0, 8);
$t_nr_is_t_2 = substr($ttt[0], 8, 5);
$row_desc["nr_is"] = $t_nr_is_t."-".$t_nr_is_t_2;
}
$row_desc['opis'] = $opisanie;
/////////////////////////////////////////////////////////////////////////////////////////////////////
$rez_apparat = odbc_exec($connect, "
select
kod,
gruppa,
imy,
prefiks
from
apparatura
where
kod = '".$row_nap["rtgapparat"]."'
") or die("Error in apparatura.dbf - ". odbc_errormsg($connect));
while($row_apparat = odbc_fetch_array($rez_apparat))
{
$rez_app_gruppa = odbc_exec($connect, "
select
gruppa,
prefiks,
apparati
from
apparat_gruppa
where
gruppa = '".$row_apparat["gruppa"]."'
") or die(error_logs("Error in apparat_gruppa.dbf - ".odbc_errormsg($connect)));
while($row_app_gruppa = odbc_fetch_array($rez_app_gruppa))
{
$rez_personal = odbc_exec($connect, "
select
s_name as doc_opis_name,
f_name as doc_opis_surname
from
personal
where
number = '".$row_nap["id_doc_opis"]."'
") or die(error_logs("Error in personal.dbf - ".odbc_errormsg($connect)));
while($row_personal = odbc_fetch_array($rez_personal))
{
$row_personal["doc_opis_name"] = iconv("cp1257", "utf-8", trim($row_personal["doc_opis_name"]));
$row_personal["doc_opis_surname"] = iconv("cp1257", "utf-8", trim($row_personal["doc_opis_surname"]));
$row_personal["filial"] = "r15";
$info[] = array_merge($row_nap, $row_desc, $row_apparat, $row_app_gruppa, $row_personal);
}
}
}
}
}
echo json_encode($info);
odbc_close($connect);
the database has about ~80-90k rows with data, and I'm using odbc driver to connect to VFP database, also the database is on the remote server... Any advices what I'm doing wrong? Because I can't figure what I'm doing wrong... Thanks for any advice and help!
P.S Also I need to convert that response into JSON and then save it to MySQL database...
EDIT 1
I have the second indexes:
pacientid, data_opis, ocered into the pacient table, opisanie and napravlenie
I'm running a comparison of some data using PHP to access MySQL tables. The script takes well over an hour to run. We're dealing with about 100k rows in the source data and 300k in each of the target tables, i.e. two tables.
There's no more than 10 columns total in each table.
Here is the script:
$query = "SELECT bbva_check_deductions.empno, bbva_check_deductions.idr, bbva_check_deductions.current1, bbva_job.paygroup
FROM bbva_check_deductions
LEFT JOIN bbva_job
ON bbva_check_deductions.empno = bbva_job.file_nbr
ORDER BY current1 DESC, EmpNo DESC, IDR DESC";
$result_set = mysql_query($query,$connection);
while ($result = mysql_fetch_assoc($result_set)) {
$emplid = compare_filter($result['empno']);
$oldCode = compare_filter($result['idr']);
$origCode = $oldCode;
$payGroup = compare_filter($result['paygroup']);
$codes = array('DC6', 'HTH', 'DM4', '4UP', 'DC1', 'DC3', 'DC4', 'DEN', 'DCR', 'MDR', 'PRK', 'VIS', '41K');
//CALCULATE WEEK NO
if ($payGroup == "J2C") {$week = 24;}
elseif ($payGroup == "J2E") {$week = 26;}
else {$week = 22;}
//QUERY TRANSLATION TABLE FOR TRANSLATED VALUE
$translate_query = "SELECT * FROM translation WHERE sourceValue = '{$oldCode}'
AND sourceField LIKE '%ded_code%' LIMIT 1";
$translate_result_set = mysql_query($translate_query, $connection);
if (mysql_num_rows($translate_result_set) > 0) {
$translate_result = mysql_fetch_assoc($translate_result_set);
$oldCode = compare_filter($translate_result['translatedValue']);
}
//DETERMINE IF MEMO
if ($oldCode == "GTL" || $oldCode == "BLI" || $oldCode == "BLT" || $oldCode == "HIC" || $oldCode == "DM4") {
$queryField = "memo_code"; $queryTable = "pf_check_memo";
} else {
$queryField = "deduction_code"; $queryTable = "pf_check_deductions";
}
$compare_query = "SELECT {$queryField}, amount_field_for_payroll
FROM {$queryTable}
WHERE empl_id = {$emplid}
AND {$queryField} LIKE '%{$oldCode}%'
AND week_number = {$week}
LIMIT 1";
$compare_result_set = mysql_query($compare_query, $connection);
if (mysql_num_rows($compare_result_set) != 0) {
$compare_result = mysql_fetch_assoc($compare_result_set);
//PREP COMPARE FIELDS
$amount = compare_filter($result['current1']);
$compare_amount = compare_filter($compare_result['amount_field_for_payroll']);
$negCodes = array('DC6', 'HTH', 'DM4', '4UP', 'DC1', 'DC3', 'DC4', 'DEN', 'DCR', 'MDR', 'PRK', 'VIS', '41K');
if (in_array($oldCode,$negCodes)) {$compare_amount = $compare_amount * -1;}
//AMOUNT COMPARE
direct_compare_basic($amount,$compare_amount,"amount","bbva_check_deductions","Y",$origCode,$oldCode);
} else {$content .= $emplid . $separator . "" . $separator . "Emplid + Deduction Code + Pay Group" . $separator . 'bbva_check_deductions' .
$separator . field_prep($emplid . " - " . $oldCode . " - " . $payGroup) . $separator . "No Record Found in PF for week {$week}" . $separator . "Y" . $separator . "Y" .
$separator . $origCode . $separator . $oldCode . $break;}
Then it just writes to a .CSV file.
My functions do not call any additional queries, just formatting stuff. I'm running InnoDB tables and have indexes for all columns being used. My PC is running WAMP, it's got 16G of RAM and a quad core processor. The HDD is 7200 RPM.
Seems like it is taking far too long to me. Any ideas?
I currently have a php page that grabs information from a database and produces HTML with data attributes that are filled in by from the MySQL query. The database is going to be used to search, with many different options for searches.
What I need help with is knowing a way so to organize how the many variables are handled. It's a really big mess of code, and even with all the comments I put it gives me a headache trying to figure out how to add another variable to the search.
All the variables, except for the LIMIT to which row and how many results, are optional. So if someone leaves everything except that blank, I still want it to function as well as if they meticulously filled in all the fields.
Here's what I have, with 6 variables.
<?php
$product_size = "(".$_GET['size']." BETWEEN productsizeDOWN AND productsizeUP)"; // This code sets the variable to input into the MySQL string based on the URL
$product_size_check = $_GET['size']; // the _checks check are used to see if the value is or isn't empty using if statements below
$manufacturer = $_GET['manufacturer'];
$product_manufacterer_check = $_GET['manufacturer']; // _check
$product_invisible = "(hideproduct = '".$_GET['invisible']."')"; // Checks if product is hidden
$product_invisible_check = $_GET['invisible']; // _check
$product_instock_check = $_GET['instock']; // _check
$product_limit0 = $_GET['startat']; // This is the first number after LIMIT; the row to start in.
$product_limit1 = $_GET['results']; // This is how many results to load.
$manufacturer_array = explode(",", $manufacturer); // The manufacturer comes in as "Nike,Addidas,Rebok" and is turned into an array
$manufacturer_imploded = implode("' OR productmanufacturer = '", $manufacturer_array); // Puts it back together with "OR productmanufacturer =" between each name.
$product_manufacterer = ("(productmanufacturer = '".$manufacturer_imploded."')"); // formats it so it can be directly inserted into MySQL string with a WHERE in front.
if($product_invisible_check == ""){
$product_invisible = "";
}else{$where = "WHERE ";}; //Useless code that I havn't deleted that I tried to use when I searched the entire database
if($product_size_check == ""){
$product_size = "";
}else{$where = "WHERE ";};
if($product_manufacterer_check == ""){
$product_manufacterer = "";
}else{$where = "WHERE ";};
if($product_instock_check == "N"){
$product_instock = "(stockstatus <= '0' AND donotallowbackorders = 'Y') AND "; // Checks if product is in stock (Allowing backordering OR stock >1)
$where = "WHERE ";
}
elseif($product_instock_check == "Y") {
$product_instock = "(stockstatus > '0' OR donotallowbackorders = 'N') AND ";
$where = "WHERE ";
}
else {
$product_instock = "";
};
$sql="Select * FROM ioa7pd_Products WHERE ".$product_instock.$product_size."AND".$product_manufacterer_and.$product_manufacterer."".$product_invisible." LIMIT ".$product_limit0.", ".$product_limit1; // The end result of it all.
echo $sql;
?>
When the URL is
test.php?size=5&manufacturer=Nike,Addidas,Rebok&invisible=N&instock=Y&startat=0&results=30
the resulting SQL query is
Select * FROM ioa7pd_Products WHERE (stockstatus > '0' OR donotallowbackorders = 'N') AND (5 BETWEEN productsizeDOWN AND productsizeUP)AND(productmanufacturer = 'Nike' OR productmanufacturer = 'Addidas' OR productmanufacturer = 'Rebok')(hideproduct = 'N') LIMIT 0, 30
But I plan to add more options to the search.
My main question is simply: What way can I organize this to make it simple to add more variables? Tiered if statements?
Travesty has been helping me with my code and has really been great in organizing it.
Here is the current code. It needs to be secure to prevent injection.
// Database connection
$con = mysql_connect("[CENSORED]","[CENSORED]","[CENSORED]")
or die("Could not connect: " . mysql_error());
mysql_select_db("[CENSORED]") or die('Could not select database');
// Begin organization of URL variables into MYSQL Query
$get_size = $_GET['size'];
$get_manufacturer = $_GET['manufacturer'];
$get_invisible = $_GET['invisible'];
$get_instock = $_GET['instock'];
$get_sex = $_GET['sex'];
$get_startat = $_GET['startat'];
$get_results = $_GET['results'];
if ($get_size != ""){
$all_selectors[] = "(".$get_size." BETWEEN productsizeDOWN AND productsizeUP)"; // Add to array if size is not blank.
};
if ($get_manufacturer != ""){
$manufacturer_exploded = explode(",", $get_manufacturer);
$manufacturer_imploded = implode("' OR productmanufacturer = '", $manufacturer_exploded);
$all_selectors[] = ("(productmanufacturer = '".$manufacturer_imploded."')");
};
if ($get_invisible != ""){
$all_selectors[] = "(hideproduct = '".$get_invisible."')";
};
if($get_instock == "N" or $get_instock == "n"){
$all_selectors[] = "(stockstatus <= '0' AND donotallowbackorders = 'Y')";
}elseif($get_instock == "Y" or $get_instock == "y") {
$all_selectors[] = "(stockstatus > '0' OR donotallowbackorders = 'N')";
};
if ($get_startat != "" or $get_results != ""){
$number_results = "LIMIT ".$get_startat.", ".$get_results;
} else {
$number_results = "LIMIT 0, 15";
};
// All variables are now in an array, except "startat" and "results"
$all_selectors0 = "WHERE ".implode(" AND ", $all_selectors);
// Create SQL query
$sql="Select * FROM sadsads_Products ".$all_selectors0." ".$number_results;
I would do something more like this. It's not tested and probably not 100% complete...you may need to do some further customization, particularly with adding more special cases to the switch statement, but this will make adding more variables much easier:
REMOVED OLD EXAMPLE, SEE UPDATED EXAMPLE BELOW
One key thing to note is that you aren't sanitizing your database inputs. Your code is vulnerable to SQL injection. My example above helps to solve that, but this code isn't fully tested, so you should ensure that all user input is sanitized before using it in any query.
If your field names don't match up with your MySQL columns (which it looks like they don't), then you can fix them with an associative array:
$columns = array(
// [form field] => [mysql column]
'size' => 'product_size',
'manufacturer' => 'product_manufacturer',
'invisible' => 'hideproduct'
// ...
);
And then in your switch statement, do something more like this:
$whereClause[] = "{$columns[$key]} = '{$value}'";
FINAL UPDATE:
DOCUMENTED SAMPLE - has plenty of comments and extra stuff to make it work on Codepad
EXACT WORKING CODE - you should be able to copy and paste this (and add your DB credentials) and it should work:
$con = mysqli_connect("[CENSORED]", "[CENSORED]", "[CENSORED]") or die("Could not connect: ". mysqli_error());
mysqli_select_db("[CENSORED]") or die("Could not select database");
$columns = array(
'size' => 'product_size',
'manufacturer' => 'product_manufacturer',
'invisible' => 'hideproduct'
);
$whereClause = array();
$limit = array("startat" => 0, "results" => 15);
foreach ($_GET as $key=>$value) {
$key = mysqli_real_escape_string($key);
if (is_array($value)) {
for ($i = 0; $i < count($value); $i++) {
$value[$i] = mysqli_real_escape_string($value[$i]);
}
} else {
$value = mysqli_real_escape_string($value);
}
switch ($key) {
case 'size':
$whereClause[] = "({$value} BETWEEN productsizeDOWN AND productsizeUP)";
break;
case 'startat':
case 'results':
$limit[$key] = $value;
break;
case 'instock':
$whereClause[] = "(stockstatus ". ($value == 'N' ? "<=" : ">") ." '0' ". ($value == 'N' ? "AND" : "OR") ." donotallowbackorders = '". ($value == 'N' ? "Y" : "N") ."')";
break;
default: {
if (is_array($value)) {
$whereClause[] = "{$columns[$key]} IN ('". implode("', '", $value) ."')";
} else {
$whereClause[] = "{$columns[$key]} = '{$value}'";
}
}
}
}
$sql = "SELECT * FROM ioa7pd_Products". (empty($whereClause) ? "" : " WHERE ". implode(" AND ", $whereClause)) ." LIMIT {$limit['startat']}, {$limit['results']}";
echo $sql;
after
else {
$product_instock = "";
};
do:
$limit = '';
if( !empty($product_limit0) && !empty($product_limit1) )
$limit = " LIMIT $product_limit0, $product_limit1";
$sql="Select * FROM ioa7pd_Products WHERE ".$product_instock.$product_size."AND".$product_manufacterer_and.$product_manufacterer."".$product_invisible." $limit"; // The end result of it all.
echo $sql;
If you have separate params in $_GET, you would have to traverse with multiple if statements. you can pass the params as an array into $_GET, with numeric keys, that would help a bunch.