2 WHERE's - Is this possible?

[erme]

Is this possible?

 

SELECT * FROM $Table WHERE ID='blah' & County='blah'

[akitchin]

the MySQL manual has some good information on syntax. there are also a bunch of tutorials online to help you with simple query syntax, so google works wonders.

 

WHERE ID='blah' AND County='blah'

[erme]

Thanks for that.

 

Do you know what i've done wrong with this? (new to SQL)

 

SELECT * FROM $Table (isset($_GET['id'][0]))?"WHERE ID='".mysql_real_escape_string($_GET['id'])."'":"" AND (isset($_GET['county'][0]))?"County='".mysql_real_escape_string($_GET['county'])."'":""

[akitchin]

the formatting you've got there is extremely convoluted. why not break it out and use some proper if()-else blocks and see if you can get it working that way?

[erme]

if()-else for this? 

[akitchin]

yes - that's what your whole parenthesized portion of the query is: short-hand notation for an if-else conditional block. if you don't understand what if/else statements are, you need to read the PHP manual section on Control Structures. if you don't understand those, you can't possibly hope to string together a proper query based on URL variables.

[erme]

OK not sure how that would work but this works

 

(isset($_GET['id'][0]))?"WHERE ID='".mysql_real_escape_string($_GET['id'])."'":""

 

its just when I add this to it that it doesn't work:

 

AND (isset($_GET['county'][0]))?"County='".mysql_real_escape_string($_GET['county'])."'":"";

 

All I want to know is what I'm doing wrong. Thanks

[akitchin]

if you want the honest truth, what you're doing wrong is trying to edit a script without any understanding whatsoever of what the current script is doing.

[erme]

I'm trying to get the output:

 

WHERE ID='dev002' AND County='devon'

 

from:

 

/code.php?id=dev002&county=devon

 

 

Without the added code the output is WHERE ID='dev002'

[akitchin]

i'm aware of what you're trying to do; it just doesn't seem you're actually interested in learning how, you appear to just want a chunk you can copy/paste. and frankly, that doesn't do anyone any good, because if it suddenly needs to be changed, you'll just come back instead of understanding how to change it yourself. teach a man to fish and all that.

 

anyway, in the interest of solving this thread, you need (as i mentioned) an if-else statement:

 

if (isset($_GET['id']))
{
  $where_clause = "WHERE ID='{$_GET['id']}'";
}

if (isset($_GET['county']))
{
  if (empty($where_clause))
    $where_clause = "WHERE County='{$_GET['county']}'";
  else
    $where_clause .= " AND County='{$_GET['id']}'";
}

echo $where_clause;

 

now here's where your homework is: you need to find out how to get $where_clause in the correct spot to make the query work correctly. it's worth mentioning that this isn't validating the input at all, leaving your script extremely vulnerable to attacks.

[erme]

Thanks for that.

 

I'm a graphics designer. I've been given this project as a one off.

 

Managed to get that code working, however it only works for one or the other e.g.

 

/code.php?id=dev002

/code.php?county=devon

 

How can I combine it so this works

 

/code.php?id=dev002&county=devon

 

 

[erme]

Think I've got it working myself:

 

if (isset($_GET['id']) && isset($_GET['county']))
{
  $extrapart = "WHERE ID='{$_GET['id']}' AND County='{$_GET['county']}'";
}