43

I'm trying to work with AJAX autocompletes and I am having a few problems with getting the two languages to work in synergy.

When I replace all the issets with only one $_POST, the snippet below will work, however by adding another $_POST, I get an error on line 5.

require_once '../Configuration.php';
if (isset($_POST['search_term'] . $_POST['postcode']) == true && empty ($_POST['search_term'] . $_POST['postcode']) == false) {
    $search_term = mysql_real_escape_string($_POST['search_term'] . $_POST['postcode']);
    $query = mysql_query("SELECT `customer_name`,`postcode` FROM `Customers` WHERE `customer_name` LIKE '$search_term%' ");
    while(($row = mysql_fetch_assoc($query)) !== false) {
        //loop
        echo '<li>',$row['customer_name'] . $row['postcode'] '</li>';
    }
}

Any advice on why it is throwing this error would be much appreciated. Thanks.

I understand I should be using mysqli, I am just trying to get the logic first :)

JavaScript:

Primary.js:

$(document).ready(function() {
    $('.autosuggest').keyup(function() {
        var search_term = $(this).attr('value');
        var postcode = $_GET['postcode'];
        //alert(search_term); takes what is typed in the input and alerts it
        $.post('ajax/search.php', {search_term:search_term, postcode:postcode},     function (data) {
            $('.result').html(data);
            $('.result li').click(function() {
                var result_value = $(this).text();
                $('.autosuggest').attr('value', result_value);
                $('.result').html('');
                
            });
        });
    });
});
Improve this question
1
  • 1
    One isset per array index. By the way isset == true is redundant. Commented Jan 23, 2013 at 9:48

4 Answers 4

Reset to default
99

The parameter(s) to isset() must be a variable reference and not an expression (in your case a concatenation); but you can group multiple conditions together like this:

if (isset($_POST['search_term'], $_POST['postcode'])) {
}

This will return true only if all arguments to isset() are set and do not contain null.

Note that isset($var) and isset($var) == true have the same effect, so the latter is somewhat redundant.

Update

The second part of your expression uses empty() like this:

empty ($_POST['search_term'] . $_POST['postcode']) == false

This is wrong for the same reasons as above. In fact, you don't need empty() here, because by that time you would have already checked whether the variables are set, so you can shortcut the complete expression like so:

isset($_POST['search_term'], $_POST['postcode']) && 
    $_POST['search_term'] && 
    $_POST['postcode']

Or using an equivalent expression:

!empty($_POST['search_term']) && !empty($_POST['postcode'])

Final thoughts

You should consider using filter functions to manage the inputs:

$data = filter_input_array(INPUT_POST, array(
    'search_term' => array(
        'filter' => FILTER_UNSAFE_RAW,
        'flags' => FILTER_NULL_ON_FAILURE,
    ),
    'postcode' => array(
        'filter' => FILTER_UNSAFE_RAW,
        'flags' => FILTER_NULL_ON_FAILURE,
    ),
));

if ($data === null || in_array(null, $data, true)) {
    // some fields are missing or their values didn't pass the filter
    die("You did something naughty");
}

// $data['search_term'] and $data['postcode'] contains the fields you want

Btw, you can customize your filters to check for various parts of the submitted values.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

One note - as of PHP 5.5.0 empty() also explicitly supports expressions.
You've way far advanced for me haha, I am literally just learning PHP. Thanks
13

The parameters of isset() should be separated by a comma sign (,) and not a dot sign (.). Your current code concatenates the variables into a single parameter, instead of passing them as separate parameters.

So the original code evaluates the variables as a unified string value:

isset($_POST['search_term'] . $_POST['postcode']) // Incorrect

While the correct form evaluates them separately as variables:

isset($_POST['search_term'], $_POST['postcode']) // Correct
Improve this answer

Comments

9

You just need:

if (!empty($_POST['search_term']) && !empty($_POST['postcode']))

isset && !empty is redundant.

Improve this answer

Comments

3

Use the php's OR (||) logical operator for php isset() with multiple operator e.g

if (isset($_POST['room']) || ($_POST['cottage']) || ($_POST['villa'])) {

}
Improve this answer

1 Comment

This is wrong, and would generate notices if $_POST['room'] is set and the rest isn't. You need to wrap all of these in a single isset and pass the last two variables as arguments, or you need to wrap them in an isset of their own.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.