mdvignesh Posted April 30, 2011 Share Posted April 30, 2011 problem is when i select unpaid in drop down box it not show the expected result. I dont know wats wrong here I doubt $reg .=" AND status=0 "; find wats wrong Thanks a lot <?php include("connection.php"); $reg=""; if(isset($_POST['filter'])) { if($_POST['sel'] == "0") { $reg .=" AND status=0 "; } elseif($_POST['sel'] == "1") { $reg .=" AND status=1 "; } elseif($_POST['sel'] == "3") { $reg .=" AND (status=0 OR status=1) "; // echo "<a href='vudetails.php?regno=".$qry2['reg_no']."'>".$qry2['name']."</a>"; } $filter=mysql_query("SELECT * FROM stu_details WHERE dept LIKE '%".$_POST['dept']."%' OR course LIKE '%".$_POST['cors']."%' OR YEAR LIKE '%".$_POST['year']."%' OR room_no LIKE '%".$_POST['dept']."%' OR reg_no LIKE '%".$_POST['dept']."%' OR doj BETWEEN '".$_POST['dept']."' AND '".$_POST['dept']."'".$reg); while($f2=mysql_fetch_array($filter)) { echo "<a href='vudetails.php?regno=".$f2['reg_no']."' >".$f2['name']."</a> <br />"; } } ?> <html><head><title>Filter</title></head> <script type="text/javascript" src="datetimepicker.js"> </script> <script type="text/javascript"> function validate() { var a=document.forms['form']['dept'].value; if (a==null || a=="") { alert("Please enter a search."); return false; } /*else { return true; }*/ } </script> <form name="form" action="" method="post"> <table border="0"> <tr><td> <select name="sel"> <option value="3">All </option> <option value="0">Unpaid </option> <option value="1">Paid </option> </select> <tr><td> Department: <input type="text" name="dept"> <tr><td> Course: <input type="text" name="cors"> <tr><td> Year: <input type="text" name="year"> <tr><td> Room No: <input type="text" name="roomno"> <tr><td> Register No: <input type="text" name="regno"> <tr><td> Date of Join: <input type="text" name="doj" id="from"> <a href="javascript:NewCal('from','ddmmyyyy')"> <img src="cal.gif" width="16" height="16" border="0" alt="Pick a date"></a> To: <input type="text" name="datto" id="todat"> <!--<tr><td>Date: <input text="text" id="dp" name="dp" size="25">--> <a href="javascript:NewCal('todat','ddmmyyyy')"> <img src="cal.gif" width="16" height="16" border="0" alt="Pick a date"></a> <tr><td> <!--<input type="submit" name="filter" value="Filter" onclick="return validate()">--> <input type="submit" name="filter" value="Filter" onclick="validate()"> </table> </form> </html> [attachment deleted by admin] Quote Link to comment https://forums.phpfreaks.com/topic/235180-variable-concatenation/ Share on other sites More sharing options...
wildteen88 Posted April 30, 2011 Share Posted April 30, 2011 You code sets $reg to the string " AND status=0 "; if you select Unpaid from the drop down box. And it is inserting this value into your query correctly. Could you explain what you mean by unexpected result. The problem is not so much to do with your PHP code, but your SQL query. Although placing raw user input into query is not recommended for security reasons, you should be validating/sanitizing your user input. Quote Link to comment https://forums.phpfreaks.com/topic/235180-variable-concatenation/#findComment-1208612 Share on other sites More sharing options...
mdvignesh Posted April 30, 2011 Author Share Posted April 30, 2011 You code sets $reg to the string " AND status=0 "; if you select Unpaid from the drop down box. And it is inserting this value into your query correctly. Could you explain what you mean by unexpected result. The problem is not so much to do with your PHP code, but your SQL query. Although placing raw user input into query is not recommended for security reasons, you should be validating/sanitizing your user input. When i select unpaid i want only unpaid students that is the status field is 0 and when i select paid the status is 1 without giving any inputs in text box I will attach the whole program and DB [attachment deleted by admin] Quote Link to comment https://forums.phpfreaks.com/topic/235180-variable-concatenation/#findComment-1208626 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.