behzad n

Reputation: 249

search all in same query

table (book) ==> (keyid,name)

<form action="se.php">
    <!-- the select needs name="keyid" so the value arrives as $_GET['keyid'] -->
    <select name="keyid">
    <option value="1">book1</option>
    <option value="2">book2</option>
    <option value="3">book3</option>
    <option value="????">All Book</option>
    </select>
<input type="submit" name="search" value="search">
</form>

//se.php
    $keyid=$_GET['keyid'];
    // the request value is placed in the query text as received
    $sql=mysql_query("SELECT `name` FROM `book` WHERE `keyid`='$keyid'");
//end page

What do I put in the last option value (????) so that the SQL query searches all content?

Upvotes: 0

Views: 75

Answers (3)

m4t1t0

Reputation: 5731

Your code is very weak at protecting against SQL injection. You should escape your inputs and never trust the values that you receive. Think about this value in your option:

<option value="';truncate table book;">All Book</option>

A good approach is the answer by @cojack.

Upvotes: 1

cojack

Reputation: 2620

all

then:

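$where = '';

// "all" is the sentinel option value: leave the WHERE clause out entirely
if ($keyid !== 'all') {
  // escape the value to protect from SQL injection!
  $where = "WHERE `keyid`='" . mysql_real_escape_string($keyid) . "'";
}

mysql_query("SELECT `name` FROM `book` $where");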

Upvotes: 2

Zagor23

Reputation: 1963

This should do it:

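// escape the request value before it goes into the query string
$keyid=mysql_real_escape_string($_GET['keyid']);
if(trim($keyid)!="")
    $where = " `keyid`='$keyid' ";
else
    $where = " 1 "; // empty option value: the condition matches every row
$sql=mysql_query("SELECT `name` FROM `book` WHERE $where ");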

Upvotes: 1
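
Added example, not part of any answer in this thread: the same "one book or all books" lookup with the `all` sentinel handled in PHP and the key passed as a bound parameter instead of being escaped into the query string. It assumes PDO with the SQLite driver (an in-memory stand-in for the MySQL `book` table), an integer `keyid`, and a hypothetical helper named `findBooks`.

```php
<?php
// Added example, not code from the thread. An in-memory SQLite database stands
// in for the MySQL `book` table so the script runs offline; rows are constructed.
declare(strict_types=1);

function findBooks(PDO $db, ?string $keyid): array
{
    // "all" (or a missing parameter) is a sentinel handled in code; it never
    // becomes part of the SQL text.
    if ($keyid === null || $keyid === 'all') {
        return $db->query('SELECT name FROM book ORDER BY keyid')
                  ->fetchAll(PDO::FETCH_COLUMN);
    }
    // Assumption: keyid is an integer key, so anything that is not all digits
    // is rejected before a query is built.
    if (!ctype_digit($keyid)) {
        throw new InvalidArgumentException('keyid must be "all" or a number');
    }
    // Bound parameter: the value travels as data, separate from the statement.
    $stmt = $db->prepare('SELECT name FROM book WHERE keyid = :keyid');
    $stmt->bindValue(':keyid', (int) $keyid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE book (keyid INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO book VALUES (1,'book1'),(2,'book2'),(3,'book3')");

// Constructed inputs: two legitimate values and the option value quoted in
// the first answer above.
foreach (['2', 'all', "';truncate table book;"] as $input) {
    try {
        echo json_encode($input), ' => ', json_encode(findBooks($db, $input)), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo json_encode($input), ' => rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

With MySQL, only the DSN passed to `new PDO(...)` changes; the form would use `<option value="all">` for the last entry.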
