Ask a question    Sign Up Sign In
  1. Home
  2. php - Search Form with One or More (Multiple) Parameters

303 votes
1 answers

php - Search Form with One or More (Multiple) Parameters

Get the solution ↓↓↓

Solution:

This is easiest to do when using PDO, not mysqli, as your database API.

Build theWHERE clause dynamically. My recommended approach is to push each condition onto an array, and then useimplode() to concatenate all the conditions, connecting them withAND orOR as is your preference.

$wheres = array();
$params = array();
if (!empty($_GET['id'])) {
    $wheres[] = 'a.uid = :uid';
    $params[':uid'] = $_GET['id'];
}
if (!empty($_GET['major'])) {
    $wheres[] = 'a.major = :major';
    $params[':major'] = $_GET['major'];
}
if (!empty($_GET['name'])) {
    $wheres[] = 'b.name LIKE :name';
    $params[':name'] = '%'.$_GET['name'].'%';
}
// And so on for all parameters

$sql = "SELECT * 
        FROM user_details AS a
        JOIN user AS b ON a.uid = b.id";
if (!empty($wheres)) {
    $sql .= " WHERE " . implode(' AND ', $wheres);
}
$stmt = $db->prepare($sql);
$stmt->execute($params);

Then display the results as in your original code.

while ($student = $stmt->fetch()) {
    ...
}



681
votes

Answer

Solution:

If you aren't going to change anything in the database - you are just selecting - go ahead and use GET instead of POST. The advantage of this is that it is going to allow you to save the URL as your search string. You can also refresh the search without getting the resubmit post alert. You just want to make sure that you parameterize your values before you send them to the database. I would normally send those values through sanitize functions, such as a regex that makes sure you only have letters if you expect letters, or a numbers if you expected numbers.

On the same page (all search): (I am just going to outline this for you.) 

<form action="<?= $_SERVER["REQUEST_URI"]; ?>" method="GET">
    <input name="major" value="<?= $_GET["major"]; ?>" />
    <select name="college">
        <option value="1" <?PHP if( $_GET["college"] == 1 ) echo 'selected="true"'; ?>>Business</option>
    </select>
</form>

<?PHP
if( ! empty( $_GET ) ){
    if (isset($_GET['major'])) {
       $wheres[] = 'a.major = :major';
       $params[':major'] = $_GET['major'];
    }
    if (isset($_GET['name'])) {
       $wheres[] = 'b.name LIKE :name';
       $params[':name'] = '%'.$_GET['name'].'%';
    }
    // And so on for all parameters

    $sql = "SELECT * 
        FROM user_details AS a
        JOIN user AS b ON a.uid = b.id";
    if (!empty($wheres)) {
        $sql .= " WHERE " . implode(' AND ', $wheres);
    }
    $stmt = $db->prepare($sql);
    $stmt->execute($params);
}
?>

Now you can display your data.

edit: I wrote the other half of the answer, and then he wrote the 2nd half, so I just incorporated it...

Also, the next level of sophistication in this would be to take the PHP out of the search file and to put it into another file. When you press the search button in your form, you'd use AJAX to call the PHP elements. Then the PHP file would return the results via Ajax. You could return either the HTML preformatted, or JSON and let something like JQuery display it for you.

Write your answer



Share solution ↓

Additional Information:
Link To Source
People are also looking for solutions of the problem: uncaught mysqli_sql_exception

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Similar questions

Find the answer in similar questions on our website.

933 php - File format or extension invalid PHPExcel
79 Print informative, well formatted mysql errors in PHP
31 php - How to enhance SilverStripe FullTextSearchable search results?
527 php - I honestly have no clue how to formulate this pass-by-reference conundrum
454 php - ask about advance search when user select all something?
787 Form action is not using the PHP file?
422 php - .htaccess prevents POST form from working
913 php - More efficient way to grab MySQL row populated with single value
400 php - Cakephp 2.8.4 ignoring hasMany
712 Including a html form in a php script

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.





About the technologies asked in this question

PHP

PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites. The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/


JQuery

JQuery is arguably the most popular JavaScript library with so many features for modern development. JQuery is a fast and concise JavaScript library created by John Resig in 2006. It is a cross-platform JavaScript library designed to simplify client-side HTML scripting. Over 19 million websites are currently using jQuery! Companies like WordPress, Facebook, Google, IBM and many more rely on jQuery to provide a kind of web browsing experience.
https://jquery.com/


MySQL

DBMS is a database management system. It is designed to change, search, add and delete information in the database. There are many DBMSs designed for similar purposes with different features. One of the most popular is MySQL. It is a software tool designed to work with relational SQL databases. It is easy to learn even for site owners who are not professional programmers or administrators. MySQL DBMS also allows you to export and import data, which is convenient when moving large amounts of information.
https://www.mysql.com/


HTML

HTML (English "hyper text markup language" - hypertext markup language) is a special markup language that is used to create sites on the Internet. Browsers understand html perfectly and can interpret it in an understandable way. In general, any page on the site is html-code, which the browser translates into a user-friendly form. By the way, the code of any page is available to everyone.
https://www.w3.org/html/

Welcome to programmierfrage.com

programmierfrage.com is a question and answer site for professional web developers, programming enthusiasts and website builders. Site created and operated by the community. Together with you, we create a free library of detailed answers to any question on programming, web development, website creation and website administration.

Get answers to specific questions

Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.

Help Others Solve Their Issues

Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.