0

I am running this SQL Query in PHP:

$stmt = $pdo_conn->prepare("SELECT * from porting order by field(status, 'Submitted', 'Rejected', 'Cancelled', 'Accepted') ");
$stmt->execute(array());
$records = $stmt->fetchAll(PDO::FETCH_ASSOC);

But i want to be able to add checkboxes to modify the query without refreshing the page

for example,

<input type="checkbox" name="status" value="Submitted" />
<input type="checkbox" name="status" value="Rejected" />
<input type="checkbox" name="status" value="Cancelled" />
<input type="checkbox" name="status" value="Accepted" />

so if the input with a value of 'Submitted' is checked the query will change to:

SELECT * from porting where status = 'Submitted'

and if both inputs with values 'Submitted' and 'Accepted' are checked, the query will be:

SELECT * from porting where status = 'Submitted' or status = 'Accepted'
Improve this question
3
  • 4
    You've told us what you want. Now tell us what you've tried. Commented Apr 30, 2014 at 14:21
  • What do you mean by "without refreshing the page"? Commented Apr 30, 2014 at 14:21
  • order by field(status, 'Submitted', 'Rejected', 'Cancelled', 'Accepted')? Commented Apr 30, 2014 at 14:22

2 Answers 2

Reset to default
2

Your checkboxes should use array syntax

<input type="checkbox" name="status[]" value="Submitted" />
<input type="checkbox" name="status[]" value="Rejected" />
<input type="checkbox" name="status[]" value="Cancelled" />
<input type="checkbox" name="status[]" value="Accepted" />

From there, you implode. 

$sql = "SELECT * from porting where status IN('".implode("', '", $_POST['status'])."')";

WARNING: The SQL query above IS VULNERABLE TO SQL INJECTION, but it should get you on the right track.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Curious. How does this handle the where status = 'Submitted' or status = 'Accepted'? More specifically, the or clause. Does your IN clause do that?
@Fred-ii- I believe that this answer is taking the liberty of assuming that the use of OR is not strictly required and therefore IN may be a suitable replacement.
@PatrickQ Was just stating what the OP asks in the question "and if both inputs with values 'Submitted' and 'Accepted' are checked, the query will be: SELECT * from porting where status = 'Submitted' or status = 'Accepted'"
@Fred-ii Yes "IN" is best choice here as it make your answer dynamic rather than specific. And also "IN" does same think as you think need in "OR".
@Pinu Thanks for clarifying that for me. I like understand how things work, cheers.
0 
$checkboxes = $_POST['status'];
if(count($checkboxes)) {
    $where_clause = ' where';
}
else {
    $where_clause = '';
}
foreach($checkboxes as $el) { $el = addslashes($el);
   $where_clause .= " status = '$el' or";
}
$where_clause = substr($where_clause, 0, -2);

$query = 'select * from porting' . $where_clause;

Finally, $query will contain a string like this:

select * from porting where status = 'Submitted' or status = 'Cancelled'

And you should use name="status[]" instead of name="status" if you want to send more than one values.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.