Hey,
Wrote I quick script to filter results from database.
It kinda works but not sure if this is best or even secure way to do it.
I know mysqli has function 'bind_params', but failed to make it work.
<form action="" method="get">
<input type="checkbox" name="data" value="3" />
<input type="submit" />
<?php
if( empty($_GET['data']) ) {
die("GET empty"); }
$mysqli = new mysqli('localhost', 'user', 'password', 'database');
$statement = "SELECT * FROM table1 WHERE id=" . $_GET['data'];
$result = $mysqli->query($statement);
while( $row = $result->fetch_assoc() ) {
echo $row['id'];
echo "<br/>";
echo $row['text'];
if ($row['img'] != NULL)
echo "<img src=" . $row['img'] . " > ";
}
?>
So just basic checkbox interface, when selected one of checkboxes and submitted, script queries database with matching ID from GET, returns results and loops through them.
Inside loop checks for associated image src, if not present ignores field.
I want to use this fucntions logic in my project but not sure if secure nor best/easiest way to do this.
Obviously will improve interface, naming of variables etc.