CODEWITHSUNDEEP
phphtmlmysqlsql
Volterony
Volterony

Reputation: 127

Select data within a date range using form

I would like to search a mysql database for a list of products that have been inserted between a date range. Say I have a table called product which has: id, name, brand, and datecreated, I can do this in mysql:

select id, name, brand, datecreated 
  from product 
 where datecreated between '2013-09-12' and '2013-10-10'
 order by datecreated desc;

This will obviously return the desired result either in Mysql or within php.

However I would like to define the date range in the select statement with a form which asks the user for the to and from dates. Not sure what the method will be either ?

    <form action="?" method="">
        <div id="dates">
            <label for="searchdates">Enter your dates here:</label>
            <br>
            <label for="fromdate">From:<textarea id="fromdate" name="fromdate" rows="1" cols="5"></textarea></label>
            <lablel for="todate">To:<textarea id="todate" name="todate" rows="1" cols="5"></textarea></label>
        </div>
        <div><input type="submit" value="Search"/></div>
    </form>

So what I am unsure of is how the user defined date range from the form can be added/inserted to the select statement to return the data within the defined date range?

Cheers Volterony

Upvotes: 0

Views: 5763

Answers (2)

Nick Coons
Nick Coons

Reputation: 3692

The user-submitted values would come in as $_POST['fromdate'] and $_POST['todate'], or $_GET['fromdate'] and _$GET['todate'], depending on whether your form method above was post or get (I'd generally recommend post in case there is a specific reason for using get, like wanting to bookmark the page).

So your code to handle this could look something like this (assuming $pdo is your database PDO object):

$fromdate = new DateTime( $_POST['fromdate'] );
$todate   = new DateTime( $_POST['todate'] );

$query = <<<SQL
  SELECT id, name, brand, datecreated
    FROM product
   WHERE datecreated BETWEEN :fromdate AND :todate
   ORDER BY datecreated desc
SQL;

$result = $pdo->prepare( $query );
$result->execute( array(
    ":fromdate" => $fromdate->format( "Y-m-d" ),
    ":todate"   => $todate->format( "Y-m-d" );
));

$rows = $result->fetchAll( PDO::FETCH_ASSOC ):

$rows now contains an array of all of the rows of your table that match the specified criteria.

Upvotes: 1

danmullen
danmullen

Reputation: 2510

The exact syntax depends on how you're interacting with your database (MySQLi, PDO, etc.). You basically need to take the POSTed form values, do some straightforward validation to make sure that the user hasn't entered anything dangerous, then insert the values into the query:

$from = mysqli_real_escape_string($_POST['fromdate']);
$to = mysqli_real_escape_string($_POST['todate']);
$sql = "select id, name, brand, datecreated from product where datecreated between '$from' and 
'$to' order by datecreated desc";

The action on the form would be whichever page you place the above code in - it could be the same page as the form. In that case, the action would be <?php echo basename($_SERVER['PHP_SELF']); ?> and the method would be POST.

Upvotes: 0

Related Questions