0

I researched a lot and found some solution ,probably not a convincing solution for me.Hence i am posting this question,Please help me

I Have A checkbox with same name and different values like

1.cate.php

<form action="mobile-phones-category.php" method="post">

<input type="checkbox" value="samsung" name="mobile[]"> sams

<input type="checkbox" value="nokia" name="mobile[]"> nolkia

<input type="submit" name="submit" value="SUBMIT" class="btn btn-primary pull-right">

</form>

2.) mobile-phones-category.php

I retrieve the values of check box on submit[array format] and want to search from db..I am using normal mysql_query(not pdos)

$search=$_POST["mobile"]; $search_string = implode(', ', $search); echo $search_string;

Here i Get something like Nokia,Sams

Next I write a single sql query include('connection.php');

$query = mysql_query("SELECT * FROM tablename where titles like '%$search_string%' ") or die(mysql_error());

What is happening is that only one value in the array is searched and not all the values in array..What changes should i Make so that all the array element should get searched

Thanks and regards

Improve this question
5
  • What are you trying to search for? Nokia, Sams or Nokia,Sams? Commented Aug 8, 2013 at 7:01
  • 1
    All mysql_* functions are officially deprecated (no longer supported/maintained) and will be removed in the future. You should update your code using PDO or MySQLi to ensure future functionality. Commented Aug 8, 2013 at 7:02
  • Also neither PDO, nor mysqli prevents sql injection itself. Read up on prepared statements. Commented Aug 8, 2013 at 7:05
  • @aman the thing is if i check two values and give submit , the values retrieved should include both nokia and sams Commented Aug 8, 2013 at 7:05
  • @PLB,@cryptic,Actually I used prepared statement in alomost all cases except this .... Commented Aug 8, 2013 at 7:36

2 Answers 2

Reset to default
1

Use IN keyword in your query instead of LIKE

$query = mysql_query("SELECT * FROM tablename where titles IN ($search_string)" ) or die(mysql_error());

Usage Example:

$query = mysql_query("SELECT * FROM tablename where titles IN ('Nokia','Sams')" ) or die(mysql_error());

This will give you records with title Nokia & Sams from the table.

Improve this answer
Sign up to request clarification or add additional context in comments.

12 Comments

i am getting error "Unknown column 'nokia' in 'where clause'"
$query = mysql_query("SELECT * FROM selling where titles IN ($search_string)" ) or die(mysql_error()); where selling=table name
Also it is not taking the second value sams(if i select both)...Then also i m getting error`Unknown column 'nokia' in 'where clause'
You need to enclose the string in single quotes.Like in the example shown in the answer.
$query =mysql_query("SELECT * FROM selling where titles IN ('$search_string')" ) or die(mysql_error()); here also i am able to get only nokia related value and not sams related value
|
0

Like User016 said, I would also recommend using the IN Statement. It searchs for several searchterms, splitted by a ,.

You can find the Doc there: http://dev.mysql.com/doc/refman/5.1/en/comparison-operators.html#function_in

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.