86Stang Posted February 8, 2010 Share Posted February 8, 2010 I've got a keyword, category, start_date and end_date fields that I want the user to pick from but I'm having a hell of a time putting it into a 'master query' based on what they've entered. I'm trying something like this: if (isset($keyword_search)) { $keyword_qry = "WHERE title LIKE '%$keyword_search%' OR info LIKE '%$keyword_search%'"; } else { $keyword_qry = ""; } if (isset($category_search)) { $category_qry = "WHERE category LIKE '%$category_search%'"; } else { $category_qry = ""; } $qry = "SELECT * FROM table " . $keyword_qry . $category_qry; $result = mysql_query($qry) or die("Doh!"); but I know this isn't right because I have multiple WHEREs. Any help would be greatly appreciated! Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/ Share on other sites More sharing options...
MRushton Posted February 8, 2010 Share Posted February 8, 2010 Perhaps something like: $where = array(); foreach ($_POST['search'] as $key => $value) { if (!ctype_alpha($key)) { continue(); } $where[] = $key . " LIKE '%" . mysql_real_escape_string($value) . "%'"; } $sql = 'SELECT * FROM table WHERE ' . implode(' OR ', $where); With the HTML being something like: ... <input type="text" name="search['keyword']" /> <input type="text" name="search['category']" /> ... Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1008999 Share on other sites More sharing options...
jl5501 Posted February 8, 2010 Share Posted February 8, 2010 there are many ways of going about this 1 is to define the whereclause initially as 'where ' and then each time you want to add something you say if $whereclause == 'where ' $whereclause .= yournewcondition else $whereclause .= ' and '. yournew condition another way is to define the initial where clause as ' where 1 = 1' and then for each new condition $whereclause .= ' and '. yournewcondition Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009000 Share on other sites More sharing options...
Psycho Posted February 8, 2010 Share Posted February 8, 2010 $where = ''; if (isset($keyword_search) || isset($category_search)) { $where_clause = array(); if (isset($keyword_search)) { $where_clause[] = "(title LIKE '%$keyword_search%' OR info LIKE '%$keyword_search%')"; } if (isset($category_search)) { $where_clause[] = "category LIKE '%$category_search%'"; } $where = implode(' AND ', $where_clause); } $qry = "SELECT * FROM table {$where}"; $result = mysql_query($qry) or die("Doh!"); NOTE: contained the keyword search in parens. Otherwise teh ANDs and ORs may not always react as you would want. Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009012 Share on other sites More sharing options...
86Stang Posted February 8, 2010 Author Share Posted February 8, 2010 Thanks so much for the help! It's throwing this error though: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(title LIKE '%test%' OR info LIKE '%test%') AND category LIKE '%%'' at line 1 Any thoughts? Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009042 Share on other sites More sharing options...
Psycho Posted February 8, 2010 Share Posted February 8, 2010 Thanks so much for the help! It's throwing this error though: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(title LIKE '%test%' OR info LIKE '%test%') AND category LIKE '%%'' at line 1 Any thoughts? Looks like $category_search is set as an empty string. I wrote my code using the same logic you had. You should add a secondary check to ensure the value is not an empty string. Personally, I prefer to echo the query to the page when it fails (in the development phase) so I can ensure it is as I expect. $where = ''; if (isset($keyword_search) || isset($category_search)){ $where_clause = array(); if (isset($keyword_search) && !empty($keyword_search)) { $where_clause[] = "(title LIKE '%{$keyword_search}%' OR info LIKE '%{$keyword_search}%')"; } if (isset($category_search) && !empty($category_search)) { $where_clause[] = "category LIKE '%{$category_search%}'"; } $where = implode(' AND ', $where_clause); } $qry = "SELECT * FROM table {$where}"; $result = mysql_query($qry) or die("Doh!"); Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009088 Share on other sites More sharing options...
86Stang Posted February 8, 2010 Author Share Posted February 8, 2010 That works for a blank search (nothing in either field but when I put something in one of the fields, such as 'test' in the category field, I get the same syntax error: category LIKE '%test%'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE '%test%'' at line 1 Could this be because it's not actually inserting the word WHERE in there anywhere? Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009100 Share on other sites More sharing options...
86Stang Posted February 8, 2010 Author Share Posted February 8, 2010 I think that was it. This seems to be working as I want it to: $where = ''; if (isset($keyword_search) || isset($category_search)) { $where_clause = array(); if (isset($keyword_search) && !empty($keyword_search)) { $where_clause[] = "(title LIKE '%$keyword_search%' OR info LIKE '%$keyword_search%')"; } if (isset($category_search) && !empty($category_search)) { $where_clause[] = "event_type LIKE '%$category_search%'"; } $where = implode(' AND ', $where_clause); } if ($where <> '') { $where_param = "WHERE "; } $qry = "SELECT * FROM test_events {$where_param} {$where}"; $result = mysql_query($qry) or die("Doh!"); If there's a better way to do that, feel free to enlighten me!! Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009103 Share on other sites More sharing options...
Psycho Posted February 8, 2010 Share Posted February 8, 2010 Oh, I accidentally removed the actual WHERE text that I was defining. It would make sense to move that inside the first IF statement instead of doing another comparison: $where = ''; if (isset($keyword_search) || isset($category_search)){ $where_clause = array(); if (isset($keyword_search) && !empty($keyword_search)) { $where_clause[] = "(title LIKE '%{$keyword_search}%' OR info LIKE '%{$keyword_search}%')"; } if (isset($category_search) && !empty($category_search)) { $where_clause[] = "category LIKE '%{$category_search%}'"; } $where = "WHERE " . implode(' AND ', $where_clause); } $qry = "SELECT * FROM table {$where}"; $result = mysql_query($qry) or die("Doh!"); Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009125 Share on other sites More sharing options...
86Stang Posted February 8, 2010 Author Share Posted February 8, 2010 That's originally where I put it but it keeps throwing a syntax error when all fields are blank so I moved it outside the if. Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009127 Share on other sites More sharing options...
roopurt18 Posted February 8, 2010 Share Posted February 8, 2010 I realize you may be past this point in your search for help, but I usually build queries like so: <?php /** * Demonstrates query building with all fields required * * @param string $last_login * @param string $user_group */ function find_user_by_login_and_group( $last_login, $user_group ) { // validation $last_login = strtotime( $last_login ); if( in_array( $last_login, array( -1, false ), true ) ) throw new Exception( '$last_login is invalid' ); if( ! preg_match( '/[a-z][a-z0-9_]+/i', $user_group ) ) throw new Exception( '$user_group is invalid' ); $last_login = date( 'Y-m-d H:i:s', $last_login ); // escaping $last_login = mysql_real_escape_string( $last_login ); $user_group = mysql_real_escape_string( $user_group ); $select_stmt = " SELECT * FROM `users` WHERE `group`={$user_group} AND `last_login`>={$last_login} "; // Now run the query... } /** * Demonstrates query building with optional fields * * @param string $fname * @param string $lname * @param int $age */ function find_user( $fname = null, $lname = null, $age = null ) { $wheres = array(); if( is_string( $fname ) ) { if( strpos( $fname, '%' ) !== false ) $join = ' LIKE '; else $join = ' = '; $wheres[] = "`fname` {$join} " . mysql_real_escape_string( $fname ); } if( is_string( $lname ) ) { if( strpos( $lname, '%' ) !== false ) $join = ' LIKE '; else $join = ' = '; $wheres[] = "`lname` {$join} " . mysql_real_escape_string( $lname ); } if( is_int( $age ) ) { $wheres[] = "`age`={$age}"; } $wheres = count( $wheres ) > 0 ? " WHERE " . implode( ' AND ', $wheres ) : " "; $select_stmt = " SELECT * FROM `users` {$wheres} "; // Now run the query... } ?> Quote Link to comment https://forums.phpfreaks.com/topic/191394-how-do-you-build-a-query-from-a-number-of-search-fields/#findComment-1009132 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.