Craig Saunders Posted January 9, 2009 Share Posted January 9, 2009 Hello, I'm a noob at php coding and I have an online page that I custom built to both insert data into a database table from an html form file stored on my computer and to search the same database table from an online html form file. Everything works just fine, but I'm wondering if there's an easier way of writing the code. I want the user to be able to search names and dates for my churches cemetery, but also be able to search generic information like all entries that have the death month of June or all entries that include the word rey and have the birth year of 1964. Here's the code: <html> <body> <?php mysql_connect("", "", "") or die(mysql_error()); mysql_select_db("") or die(mysql_error()); /*This function explains itself*/ function filtering($input){ $a = trim($input); $a = mysql_real_escape_string($a); return $a; } /*This function filters the input from the user and inserts it into a section of the mySQL code*/ function filtering2($input){ $a = trim($input); $a = mysql_real_escape_string($a); if($a == ""){ return $a; } else { $a = "LIKE '%$a%'"; return $a; } } /*This function explains itself also*/ function checkingblanks($input){ $a = explode(" ",$input,3); if($a[1] == ""){ $a = ""; return $a; } else { return $input; } } /*This function takes all the input from all the fields, checks first if they're blank (the user isn't searching for blanks, but if the form is left blank then the field is blank), then adds AND into the mix so that it can be input into the mySQL code.*/ function procand($a,$b,$c,$d,$e,$f,$g,$h,$i,$j,$k,$l,$m,$n){ if($a == ""){ } else{ $str = $a." AND "; } if($b == ""){ } else{ $str .= $b." AND "; } if($c == ""){ } else{ $str .= $c." AND "; }if($d == ""){ } else{ $str .= $d." AND "; }if($e == ""){ } else{ $str .= $e." AND "; }if($f == ""){ } else{ $str .= $f." AND "; }if($g == ""){ } else{ $str .= $g." AND "; }if($h == ""){ } else{ $str .= $h." AND "; }if($i == ""){ } else{ $str .= $i." AND "; }if($j == ""){ } else{ $str .= $j." AND "; }if($k == ""){ } else{ $str .= $k." AND "; }if($l == ""){ } else{ $str .= $l." AND "; }if($m == ""){ } else{ $str .= $m." AND "; }if($n == ""){ $str = substr($str,0,(strLen($str)-4));/*This gets rid of the last "AND_" */ } else{ $str .= $n; } return $str; } /*This function is similar to procand() but takes the full date information(mmddyyyy) and inputs it into a parentheses so that the full date or a partial date can be searched*/ function procor($a,$b,$c,$d, $e,$f,$g, $h,$i,$j, $k,$l,$m,$n){ /*This if statement declares the full or partial birth date wraped in parentheses*/ if($e == "" && $f == "" && $g == ""){ $bdate = ""; } else{ if($e == ""){ $par = ""; } else{ $par = "("; $bdate = $par.$e." AND "; } if($f == ""){ } else{ if($par == "("){ $par2 = ""; } else{ $par2 = "("; } $bdate .= $par2.$f." AND "; } if($g == ""){ $bdate = substr($bdate,0,(strLen($bdate)-5)); /*This line takes out the last "_AND_" so that you're not stuck with (field LIKE 'blah' AND ) OR*/ $bdate .= ") OR "; } else{ if($par2 == "("){ $par3 = ""; } else{ $par3 = "("; } $bdate .= $par3.$g.") OR "; } } /*this does the same for the death date*/ if($h == "" && $i == "" && $j == ""){ $ddate = ""; } else{ if($h == ""){ $dpar = ""; } else{ $dpar = "("; $ddate = $dpar.$h." AND "; } if($i == ""){ } else{ if($dpar == "("){ $dpar2 = ""; } else{ $dpar2 = "("; } $ddate .= $dpar2.$i." AND "; } if($j == ""){ $ddate = substr($ddate,0,(strLen($ddate)-5)); $ddate .= ") OR "; } else{ if($dpar2 == "("){ $dpar3 = ""; } else{ $dpar3 = "("; } $ddate .= $dpar3.$j.") OR "; } } if($a == ""){ } else{ $str = $a." OR "; }if($b == ""){ } else{ $str .= $b." OR "; } if($c == ""){ } else{ $str .= $c." OR "; }if($d == ""){ } else{ $str .= $d." OR "; } $str .=$bdate; $str .=$ddate; if($k == ""){ } else{ $str .= $k." OR "; }if($l == ""){ } else{ $str .= $l." OR "; }if($m == ""){ } else{ $str .= $m." OR "; }if($n == ""){ $str = substr($str,0,(strLen($str)-3)); } else{ $str .= $n; } return $str; } /*The begining of the big if statement. It first checks if it's searching or inserting, then it does the inserting else the searching.*/ if($_GET['id'] != "search"){ if($_GET['id'] == ""){ /*id hidden*/ $last = filtering($_GET['last']); $first = filtering($_GET['first']); $middle = filtering($_GET['middle']); $special = filtering($_GET['special']); $month = filtering($_GET['month']); $day = filtering($_GET['day']); $year = filtering($_GET['year']); $dmonth = filtering($_GET['dmonth']); $dday = filtering($_GET['dday']); $dyear = filtering($_GET['dyear']); $veteran = filtering($_GET['veteran']); $section = filtering($_GET['section']); $block = filtering($_GET['block']); $cell = filtering($_GET['cell']); mysql_query("INSERT INTO cemetery(last_name, first_name, middle_name, special_info, birth_month, birth_day, birth_year, death_month, death_day, death_year, vet, section, block, cell) VALUES('$last', '$first', '$middle', '$special', '$month', '$day', '$year', '$dmonth', '$dday', '$dyear', '$veteran', '$section', '$block', '$cell')") or die(mysql_error()); echo "Entry Created!"; } else { echo "Entry Failed!"; } } elseif($_GET['id'] == "search"){ /*This is where the process where I take the input from the search form and input it into the mySQL code so that the user gets the exact search that they want*/ $last = "last_name ".filtering2($_GET['last']); $first = "first_name ".filtering2($_GET['first']); $middle = "middle_name ".filtering2($_GET['middle']); $special = "special_info ".filtering2($_GET['special']); $month = "birth_month ".filtering2($_GET['month']); $day = "birth_day ".filtering2($_GET['day']); $year = "birth_year ".filtering2($_GET['year']); $dmonth = "death_month ".filtering2($_GET['dmonth']); $dday = "death_day ".filtering2($_GET['dday']); $dyear = "death_year ".filtering2($_GET['dyear']); $veteran = "vet ".filtering2($_GET['veteran']); $section = "section ".filtering2($_GET['section']); $block = "block ".filtering2($_GET['block']); $cell = "cell ".filtering2($_GET['cell']); $all = filtering($_GET['and']); $some = filtering($_GET['or']); $last = checkingblanks($last); $first = checkingblanks($first); $middle = checkingblanks($middle); $special = checkingblanks($special); $month = checkingblanks($month); $day = checkingblanks($day); $year = checkingblanks($year); $dmonth = checkingblanks($dmonth); $dday = checkingblanks($dday); $dyear = checkingblanks($dyear); $veteran = checkingblanks($veteran); $section = checkingblanks($section); $block = checkingblanks($block); $cell = checkingblanks($cell); /*This is where everything is put together*/ $sql = "SELECT * FROM cemetery WHERE "; if($all == "checked" && $some == ""){ /*$all and $some are values taken from a checkbox input type. if $all is checked then all entries are searched together, and if $some is checked then all entries are searched seperatly*/ $added = procand($last,$first,$middle,$special,$month,$day,$year,$dmonth,$dday,$dyear,$veteran,$section,$block,$cell); } elseif($some == "checked" && $all == ""){ $added = procor($last,$first,$middle,$special,$month,$day,$year,$dmonth,$dday,$dyear,$veteran,$section,$block,$cell); } else{ echo "You must check one box or the other."; exit; } if($added == ""){ echo "Please insert data into one of the fields."; exit; } else { $sql = $sql.$added; } $query = mysql_query($sql) or die(mysql_error()); $row_sql = mysql_fetch_assoc($query); $total = mysql_num_rows($query); echo " /*This is the output table for the search. Very basic right now.*/ <table border=\"1\" bordercolor=\"#000000\"> <tr> <td width=\"10%\"><center>Last Name</center> </td> <td width=\"10%\"><center>First Name</center> </td> <td width=\"10%\"><center>Middle Name</center> </td> <td width=\"10%\"><center>Special Info</center> </td> <td width=\"10%\"><center>Birth</center> </td> <td width=\"10%\"><center>Death</center> </td> <td width=\"10%\"><center>Veteran</center> </td> <td width=\"10%\"><center>Section</center> </td> <td width=\"10%\"><center>Block</center> </td> <td width=\"10%\"><center>Cell</center> </td> </tr> "; if($total>0) { while ($row_sql = mysql_fetch_assoc($query)) {//echo out the results echo "<tr><td>" . $row_sql['last_name'] . "</td><td>" . $row_sql['first_name'] . "</td><td>" . $row_sql['middle_name'] . "</td><td>" . $row_sql['special_info'] . "</td><td>" . $row_sql['birth_month'] . "/" . $row_sql['birth_day'] . "/" . $row_sql['birth_year'] . "</td><td>" . $row_sql['death_month'] . "/" . $row_sql['death_day'] . "/" . $row_sql['death_year'] . "</td><td>" . $row_sql['vet'] . "</td><td>" . $row_sql['section'] . "</td><td>" . $row_sql['block'] . "</td><td>" . $row_sql['cell'] . "</td></tr>"; } } else{ echo "No results to display"; } echo " </table> "; } else { echo "You have found this page by error."; } ?> </body> </html> To me it just looks like a big mess of if statements. Link to comment https://forums.phpfreaks.com/topic/140130-help-clean-up-my-code/ Share on other sites More sharing options...
Mark Baker Posted January 9, 2009 Share Posted January 9, 2009 Well you can certainly simplify some of your functions, e.g. function procand() { // Accept any number of arguments for this function, and split them down into an array $args = func_get_args(); // Loop through each argument in turn foreach($args as $key => $value) { // Strip out any arguments that are empty values if(trim($value) == ""){ unset($args[$key]); } } // Return the list of valid (populated argument values as a string, with each separated by ' AND ') return implode(' AND ',$args); } // function procand() [/code] Link to comment https://forums.phpfreaks.com/topic/140130-help-clean-up-my-code/#findComment-733181 Share on other sites More sharing options...
Craig Saunders Posted January 9, 2009 Author Share Posted January 9, 2009 Thanks Mark! simplifying that function was easier than I thought. I tought myself how to make this page in about a week so I'm a little rough on the built in functions like func_get_args(). I'm now trying to figure out how to simplify procor() and it's giving me a headache but I know I'll find out how eventualy. Link to comment https://forums.phpfreaks.com/topic/140130-help-clean-up-my-code/#findComment-733205 Share on other sites More sharing options...
Mark Baker Posted January 9, 2009 Share Posted January 9, 2009 function procor() { // Accept any number of arguments for this function, and split them down into an array $args = func_get_args(); // Loop through each argument in turn foreach($args as $key => $value) { // Strip out any arguments that are empty values if(trim($value) == ""){ unset($args[$key]); } } // Return the list of valid (populated argument values as a string, with each separated by ' OR ') return implode(' OR ',$args); } // function procor() $birthDate = procand($month,$day,$year); if ($birthDate > '') { $birthDate = '('.$birthDate.')' } $deathDate = procand($dmonth,$dday,$dyear); if ($deathDate > '') { $deathDate = '('.$deathDate.')' } ... $added = procor($last,$first,$middle,$special,$birthDate,$deathDate,$veteran,$section,$block,$cell); Link to comment https://forums.phpfreaks.com/topic/140130-help-clean-up-my-code/#findComment-733244 Share on other sites More sharing options...
Craig Saunders Posted January 9, 2009 Author Share Posted January 9, 2009 You are awesome! I tried remaking the procor() function totaly, but I didn't even think to put the date variables through the procand() function. I did notice that there were a couple missing semicolins, but the code worked like a charm other than that. I think that's about all that I really needed to change unless someone has anything else to add. Link to comment https://forums.phpfreaks.com/topic/140130-help-clean-up-my-code/#findComment-733267 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.