I have a filtration system for my MySQL that is based off of URL parameters. One of my parameters needs to be used several times sometimes.
I.E. Sometimes the url may be localhost/?certifications=VALUE&certifications=VALUE2
All of the values for certifications is stored together in my database as value 1, value 2, value 3, etc.
My filter works if one value is listed in the records but once there are multiple and they are seperated by a comma it doesn't work.
I tried using this code I wrote to make a statement for each certification parameter used, but its failing and I don't know why.
if(isset($_GET['certifications'])) {
foreach ($_GET['certifications']) {
$certifications = mysqli_real_escape_string($conn,$_GET['certifications']);
$conditions .= " AND certifications='$certifications'";
}}
What would cause this to not work?
Are there other ways to get multiple values from one database column with the same url parameters?
Full Code
<div id="search">
<h2>Filter Results</h2>
<form method="get" action="test.php">
<h3>Certifications</h3>
<label><input type="checkbox" name="certifications" value ="washington"/>Washington</label>
<label><input type="checkbox" name="certifications" value ="new york"/>New York</label>
<label><input type="checkbox" name="certifications" value ="virginia"/>Virginia</label>
<label><input type="checkbox" name="certifications" value ="florida" />Florida</label>
<label><input type="checkbox" name="certifications" value ="georgia" />Georgia</label>
<label><input type="checkbox" name="certifications" value ="utah" />Utah</label>
<h3>Signage</h3>
<label><input type="checkbox" name="signage" value ="1" /><span class="label">Top Sign</label>
<h3>State</h3>
<select name="state">
<option>Select State</option>
<option value="AL">Alabama</option>
<option value="AK">Alaska</option>
<option value="AZ">Arizona</option>
<option value="AR">Arkansas</option>
<option value="CA">California</option>
<option value="CO">Colorado</option>
<option value="CT">Connecticut</option>
<option value="DE">Delaware</option>
<option value="DC">District Of Columbia</option>
<option value="FL">Florida</option>
<option value="GA">Georgia</option>
<option value="HI">Hawaii</option>
<option value="ID">Idaho</option>
<option value="IL">Illinois</option>
<option value="IN">Indiana</option>
<option value="IA">Iowa</option>
<option value="KS">Kansas</option>
<option value="KY">Kentucky</option>
<option value="LA">Louisiana</option>
<option value="ME">Maine</option>
<option value="MD">Maryland</option>
<option value="MA">Massachusetts</option>
<option value="MI">Michigan</option>
<option value="MN">Minnesota</option>
<option value="MS">Mississippi</option>
<option value="MO">Missouri</option>
<option value="MT">Montana</option>
<option value="NE">Nebraska</option>
<option value="NV">Nevada</option>
<option value="NH">New Hampshire</option>
<option value="NJ">New Jersey</option>
<option value="NM">New Mexico</option>
<option value="NY">New York</option>
<option value="NC">North Carolina</option>
<option value="ND">North Dakota</option>
<option value="OH">Ohio</option>
<option value="OK">Oklahoma</option>
<option value="OR">Oregon</option>
<option value="PA">Pennsylvania</option>
<option value="RI">Rhode Island</option>
<option value="SC">South Carolina</option>
<option value="SD">South Dakota</option>
<option value="TN">Tennessee</option>
<option value="TX">Texas</option>
<option value="UT">Utah</option>
<option value="VT">Vermont</option>
<option value="VA">Virginia</option>
<option value="WA">Washington</option>
<option value="WV">West Virginia</option>
<option value="WI">Wisconsin</option>
<option value="WY">Wyoming</option>
</select>
<br>
<input class="submit_filter" type="submit" name="formSubmit"/>
</form>
</div>
<div id="count">
<?php
$countListings = mysqli_num_rows(mysqli_query($conn, "SELECT * FROM pilotOperators"));
echo "Total Listings: " . $countListings;
?>
</div>
<div id="results">
<?php
$start=0;
$limit=5;
if(isset($_GET['pg']))
{
$pg=$_GET['pg'];
$start=($pg-1)*$limit;
}
else {
$pg = 1;
}
$sql = mysql_query($query);
$conditions = "SELECT * FROM pilotOperators WHERE 1=1 ORDER BY id DESC";
# append condition for signage (if required)
if(isset($_GET['signage'])) {
$conditions .= " AND signage='1'";
}
# append condition for certifications (if required)
if(isset($_GET['certifications'])) {
$certifications = mysqli_real_escape_string($conn,$_GET['certifications']);
$conditions .= " AND certifications='$certifications'";
}
# append condition for state (if required)
if(isset($_GET['state'])) {
if($_GET['state'] != "Select State") {
$state = mysqli_real_escape_string($conn,$_GET['state']);
$conditions .= " AND state='$state'";
}
}
$conditions .= " Limit $start, $limit";
$result = mysqli_query($conn, $conditions);
while($row = mysqli_fetch_array($result))
{
echo "\n <table border='0' class='resultTable' width='75%'> \n";
echo "<tr> \n";
echo "<td width='120px'>Business: </td> \n";
echo "<td>" . $row['business'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td width='120px'>Cars Available: </td> \n";
echo "<td>" . $row['cars'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Name: </td> \n";
echo "<td>" . $row['name'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Phone: </td> \n";
echo "<td>" . $row['phone'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Alt. Phone: </td> \n";
echo "<td>" . $row['alt_phone'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Fax: </td> \n";
echo "<td>" . $row['fax'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Email: </td> \n";
echo "<td>" . $row['email'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Website: </td> \n";
echo "<td><a href='" . $row['website'] . "' target='_blank'>" . $row['website'] . "</a></td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>City: </td> \n";
echo "<td>" . $row['city'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>State: </td> \n";
echo "<td>" . $row['state'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Certifications: </td> \n";
echo "<td>" . $row['certifications'] . "</td> \n";
echo "</tr> \n";
echo "<tr> \n";
echo "<td>Top Sign: </td> \n";
echo "<td>";
if($row['signage'] = 1) {
echo "Has Top Sign";
}
else {
echo "Top Sign Not Listed";
}
echo "</td> \n";
echo "</tr> \n";
echo "</table> \n\n";
}
$countconditions = "SELECT * FROM pilotOperators WHERE 1=1";
# append condition for signage (if required)
if(isset($_GET['signage'])) {
$countconditions .= " AND signage='1'";
}
# append condition for certifications (if required)
if(isset($_GET['certifications'])) {
$certifications = mysqli_real_escape_string($conn,$_GET['certifications']);
$countconditions .= " AND certifications='$certifications'";
}
# append condition for state (if required)
if(isset($_GET['state'])) {
if($_GET['state'] != "Select State") {
$state = mysqli_real_escape_string($conn,$_GET['state']);
$countconditions .= " AND state='$state'";
}
}
$rows = mysqli_num_rows(mysqli_query($conn, $countconditions));
$total=ceil($rows/$limit);
echo "<div id='paginationLinks'> \n";
if($pg>1)
{
$q2 = http_build_query(array_merge($_GET, ["pg" => $pg-1]));
echo "<a href='index.php?".$q2."' class='paginationButton'>PREVIOUS</a> \n";
}
if($pg!=$total)
{
$q = http_build_query(array_merge($_GET, ["pg" => $pg+1]));
echo "<a href='index.php?".$q."' class='paginationButton'>NEXT</a> \n";
}
echo "<ul class='page'> \n";
for($i=1;$i<=$total;$i++)
{
if($i==$pg) { echo "<li class='current'>".$i."</li> \n"; }
else { echo "<li><a href='?pg=".$i."'>".$i."</a></li> \n"; }
}
echo "</ul> \n";
echo "</div> \n";
mysqli_close($con);
?>
</div>
</div>
$certificationslook like? What is the final rendered value of$conditions. Do you have error reporting turned on for your code ?certifications IN ($certifications[0], $certifications[1])or something similar