PHP search with multiple fields

1
votes

I want to search data using ajax method with multiple fields search option (e.g. name, college, department, year, nationality e.t.c ). I have insert name for searching and rest of fields are empty than it went to foreach loop but this if (isset($_GET[$field]) && !empty($_GET['$field'])) condition not successful and went to else loop

  $fields = array(
  'name' => TRUE,
  'gender' => TRUE,
  'colf' => TRUE,
  'deptf' => TRUE,
  'natf' => TRUE,
  'fstatusf' => TRUE,
  'fyearf' => TRUE
  );
 foreach ($fields as $field => $like) {
  if (isset($_GET[$field]) && !empty($_GET['$field'])) {
    $value = $_GET[$field];
    $search[] = $field . ( $like ? ('LIKE "%' . $value . '%"') : ('="' . $value . '"') );
       }
 } 
  if ($search) {
  $sql = 'SELECT * FROM fmaf WHERE ' . implode(' or ' . $search);
  }

else{
$sql="SELECT * FROM fmaf";

    }
3
phpmysqlsearch
pass only those input fields which have been provided by user - Rahul
Please please please, don't forget to validate/sanitize user input (eg. $_GET) - Joaquín O

3 Answers

1
votes

At last i have found the solution and thanks to cFreed and other who help me. My main concern is that if user want to search with one field only or more than 1 field in that case below answer is helpful for me and may be also for someone:

if (empty($_GET['name']) && empty($_GET['gender']) && empty($_GET['colf']) && empty($_GET['deptf']) && empty($_GET['natf']) && empty($_GET['fstatusf']) && empty($_GET['fyearf']))
{
    $sql="select * from fmaf ";
}
else
{
 $wheres = array();

$sql = "select * from fmaf where ";

if (isset($_GET['name']) and !empty($_GET['name']))
{
    $wheres[] = "name like '%{$_GET['name']}%' ";
} 

if (isset($_GET['gender']) and !empty($_GET['gender']))
{
    $wheres[] = "gender = '{$_GET['gender']}'";
} 

if (isset($_GET['colf']) and !empty($_GET['colf']))
{
    $wheres[] = "college = '{$_GET['colf']}' ";
} 

if (isset($_GET['deptf']) and !empty($_GET['deptf']))
{
    $wheres[] = "department = '{$_GET['deptf']}' ";
} 

if (isset($_GET['natf']) and !empty($_GET['natf']))
{
    $wheres[] = "nationality = '{$_GET['natf']}' ";
} 

if (isset($_GET['fstatusf']) and !empty($_GET['fstatusf']))
{
    $wheres[] = "finalstatus = '{$_GET['fstatusf']}' ";
}

if (isset($_GET['fyearf']) and !empty($_GET['fyearf']))
{
    $wheres[] = "fyear = '{$_GET['fyearf']}' ";
} 

foreach ( $wheres as $where ) 
{
$sql .= $where . ' AND ';   //  you may want to make this an OR
  }
 $sql=rtrim($sql, "AND "); 

     }
0
votes

You need to build the query depending on the request. A toy example is this:

$sql = "select * from student where 1 = 1".(isset($name)?" AND name like '%$name%":"").(isset($country)?" AND country = '$country'":"").";";
0
votes

You may use a simple way, being able to face any case, like this:

// define searchable fields, with option for LIKE|EQUAL (TRUE|FALSE)
$fields = [
  'name' => TRUE,
  'country' => TRUE,
  'address' => TRUE,
  'gender' => FALSE,
  'state' => FALSE
];
foreach ($fields as $field => $like) {
  if (isset($_GET[$field]) AND !empty($_GET['$field'])) {
    $value = $_GET[$field];
    // prepare WHERE condition item, depending on LIKE option
    $search[] = $field . (
      $like ? ('LIKE "%' . $value . '%"') : ('="' . $value . '"')
    );
  }
}
if ($search) {
  $sql = 'SELECT * FROM student WHERE ' . implode(' AND ' . $search);
}