SHARE
TWEET

Untitled

a guest Feb 20th, 2019 59 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. SELECT * FROM `database` WHERE `brand` LIKE "%' . $brand . '%" AND `type` LIKE "%' . $type. '%" AND `price` LIKE "%' . $price . '%"
  2.    
  3. AND `price` LIKE "*";
  4.    
  5. <?php
  6. $sql = 'SELECT * FROM `database`';
  7. $where = array();
  8. if ($brand !== '') $where[] = '`brand` LIKE "%'.$brand.'%"';
  9. if ($type !== '')  $where[] = '`type` LIKE "%'.$type.'%"';
  10. if ($price !== '') $where[] = '`price` LIKE "%'.$price.'%"';
  11. if (count($where) > 0) {
  12.   $sql .= ' WHERE '.implode(' AND ', $where);
  13. } else {
  14.   // Error out; must specify at least one!
  15. }
  16. // Run $sql
  17.    
  18. <?php
  19.     $fields = array(
  20.         // Form    // SQL
  21.         'brand' => 'brand',
  22.         'type'  => 'type',
  23.         'price' => 'price',
  24.     );
  25.  
  26.     $sql  = 'SELECT * FROM `database`';
  27.     $comb = ' WHERE ';
  28.     foreach($fields as $form => $sqlfield)
  29.     {
  30.         if (!isset($_POST[$form]))
  31.             continue;
  32.         if (empty($_POST[$form]))
  33.             continue;
  34.         // You can complicate your $fields structure and e.g. use an array
  35.         // with both sql field name and "acceptable regexp" to check input
  36.         // ...
  37.  
  38.         // This uses the obsolete form for mysql_*
  39.         $sql .= $comb . $sqlfield . ' LIKE "%'
  40.              . mysql_real_escape_string($_POST[$form])
  41.              . '"';
  42.         /* To use PDO, you would do something like
  43.              $sql .= $comb . $sqlfield . 'LIKE ?';
  44.              $par[] = $_POST[$form];
  45.         */
  46.         $comb = ' AND ';
  47.     }
  48.     // Other SQL to go here
  49.     $sql .= " ORDER BY brand;";
  50.  
  51.     /* In PDO, after preparing query, you would bind parameters
  52.        - $par[0] is value for parameter 1 and so on.
  53.        foreach($par as $n => $value)
  54.            bindParam($n+1, '%'.$value.'%');
  55.     */
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top