I have a very noobish question right here. How can I use PHP in my PHP SQL query?
My query is
mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM shop WHERE categorie='4' AND actief='1' ORDER BY prijs + 0 ASC");
and what I'm trying to have is this
mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM shop WHERE categorie='4' AND ". if(htmlentities($gegevens['rang']) == '1') { echo ""; } else { echo "actief='1'";} . " ORDER BY prijs + 0 ASC");
How can I get this to work?
For everyone's sanity, please do not use ternary conditions inside SQL string concatenation.
$andActeif = "";
if (intval($gegevens['rang']) == 1) {
$andActive = " AND acteif = '1' ";
}
mysqli_query($GLOBALS["___mysqli_ston"], "
SELECT *
FROM shop
WHERE categorie='4'
$andActeif
ORDER BY prijs + 0 ASC");
Your future self will thank you.
You need to use the ?: conditional (AKA ternary) expression.
mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM shop WHERE categorie='4' ". ($gegevens['rang'] == '1' ? "" : "AND actief='1'") . " ORDER BY prijs + 0 ASC");
And the AND should be part of the string that's added by the conditional code. Otherwise, when $gegevens['rang'] is not 1, you'll have AND with no condition after it.
For a more general approach to building the WHERE clause dynamically, see
mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM shop WHERE categorie='4' ". ($gegevens['rang'] == '1' ? "" : " AND actief='1'") . " ORDER BY prijs + 0 ASC");