Newbie select statement questions "WHERE"

Newbie select statement questions "WHERE"

am 24.04.2008 04:07:30 von revDAVE

NEWBIE! I have some GET data coming from a previous search form.

How do I add the WHERE part ?

orig:

$query_get1 = "SELECT p_First, p_id, p_Last, p_Lvl, p_Sel
FROM contacts";

------W / WHERE...???

$query_get1 = "SELECT p_First, p_id, p_Last, p_Lvl, p_Sel
FROM contacts
WHERE p_First like $_GET['p_First'] or p_Last like $_GET['p_Last']";


I tried various things that make errors:

where p_First like '%$_GET['p_First ']%'";
where p_First like ".$_GET['p_First ']."";
Etc...

How can I make this work?

--
Thanks - RevDave
Cool @ hosting4days . com
[db-lists]




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Newbie select statement questions "WHERE"

am 24.04.2008 04:18:18 von Robert Cummings

On Wed, 2008-04-23 at 19:07 -0700, revDAVE wrote:
> NEWBIE! I have some GET data coming from a previous search form.
>
> How do I add the WHERE part ?
>
> orig:
>
> $query_get1 = "SELECT p_First, p_id, p_Last, p_Lvl, p_Sel
> FROM contacts";
>
> ------W / WHERE...???
>
> $query_get1 = "SELECT p_First, p_id, p_Last, p_Lvl, p_Sel
> FROM contacts
> WHERE p_First like $_GET['p_First'] or p_Last like $_GET['p_Last']";
>
>
> I tried various things that make errors:
>
> where p_First like '%$_GET['p_First ']%'";
> where p_First like ".$_GET['p_First ']."";
> Etc...
>
> How can I make this work?


$escape = 'mysql_real_escape_string';

$query_get1 =
"SELECT "
." p_First, "
." p_id, "
." p_Last, "
." p_Lvl, "
." p_Sel "
."FROM "
." contacts "
."WHERE "
." p_First LIKE '".$escape( $_GET['p_First'] )."' "
." OR "
." p_Last LIKE '".$escape( $_GET['p_Last'] )."' ";

?>

But really... you're not doing any partial matching so don't bother with
'LIKE'. Just do the following:


$query_get1 =
"SELECT "
." p_First, "
." p_id, "
." p_Last, "
." p_Lvl, "
." p_Sel "
."FROM "
." contacts "
."WHERE "
." p_First = '".$escape( $_GET['p_First'] )."' "
." OR "
." p_Last = '".$escape( $_GET['p_Last'] )."' ";

?>

Cheers,
Rob.
--
http://www.interjinn.com
Application and Templating Framework for PHP


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php