Guest Jack Reno Posted January 13, 2009 Report Share Posted January 13, 2009 I'm very new to php and mysql, so you'll have to excuse my code. (it feels sloppy to me) Anyhow, working on a random database project, and here is what I ran into: Today I decided that I wanted a multiple input search option, and spent the day searching for examples and tutorials with little result. What examples I did find ran through what seemed like an eternity of conditional statements to execute various queries. What I eventually came up with finally satisfied mysql and I'm fetching results as I hoped. My question(s) however now revolve around the legitimacy of my coding. I.E. is this the proper way of handling multiple variables? search.php: mysql_connect("fdb1.agilityhoster.com",$username,$password); mysql_select_db($database) or die( "Unable to select database"); $corp_raw=@$_POST["corp"]; $corp_strip=mysql_real_escape_string($corp_raw); $corp_trim=trim($corp_strip); $corp_search=strtoupper($corp_trim); // fetch and process data from form, can this be streamlined? if($corp_search=="") //handle empty values within the form, is this redundant? { $corp_search="%%"; } $ceo_raw=@$_POST["ceo"]; $ceo_strip=mysql_escape_string($ceo_raw); $ceo_trim=trim($ceo_strip); $ceo_search=strtoupper($ceo_trim); if($ceo_search=="") { $ceo_search="%%"; } $ticker_raw=@$_POST["ticker"]; $ticker_strip=mysql_escape_string($ticker_raw); $ticker_trim=trim($ticker_strip); $ticker_search=strtoupper($ticker_trim); if($ticker_search=="") { $ticker_search="%%"; } $status_search=@$_POST["status"]; $type_search=@$_POST["type"]; $limit=10; $query="SELECT * FROM ipo1 WHERE UPPER(corp) LIKE '%$corp_search%' AND UPPER(ticker) LIKE '%$ticker_search%' AND UPPER(ceo) LIKE '%$ceo_search%' AND status LIKE '%$status_search%' AND type LIKE '%$type_search%'"; $numrows=mysql_query($query) or die("query on numrows line failed"); $num=mysql_num_rows($numrows); if ($num == 0) { echo " Sorry, your search returned zero results. Modify your search and try again.";} //question regarding this block if (empty($i)) { $i=0; } $query.=" limit $i,$limit"; $result=mysql_query($query) or die("query on result line failed"); $count=1 + $i; // why is the above code seemingly nessecary to avoid mysql_fetch_array() and mysql_num_rows() errors? while ($row= mysql_fetch_array($result)) { $corp = $row["corp"]; $ticker = $row["ticker"]; echo "$corp" ; echo "$ticker"; $count++ ; } .... etc. html for search form: Corporation: Ticker: Ceo Status: Active Closed Scam No Go Any Type of Offering: IPO Bond Loan Joke Any It is possibly relevant to note: At no point do I want this search to search for 1 value OR another, rather functioning as a search refiner. I had problems executing the query when 1 or more fields were empty until i added the value "%%" to the tags. (left blank prior) It seems to work fine with or without the if statements near the top of the php script, I just haven't changed it yet. This script does exactly what I want it to in its current form, it just doesn't feel right. Is the value "%%" in my option tags a legitimate way of handling the "Any" option? Can you offer me any tips that might streamline my php, so it doesn't feel so 'clunky'? Sorry for the newb questions, any insight would be appreciated. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.