0

I can not search on multiple fields on php. Conditions of AND and OR are not working in three fields.

Example:

$string_query = mysql_query ("SELECT * FROM Rock WHERE author ="."'".htmlspecialchars($_POST['search'])."' AND name ="."'".htmlspecialchars($_POST['name'])."' OR god="."'".htmlspecialchars($_POST['god'])."' ");

If you fill only the $_POST['search'] and $_POST['name'], the search is successful, but if $_POST['search'], $_POST['name'] and $_POST['god'] is not working. How to be?

Improve this question
2
  • Could you please explain the problem a little more. ? Commented Apr 13, 2016 at 6:03
  • 1
    Give an example on "not working", such as a table of data with input and result. You are building SQL, not HTML, so don't use htmlspecialchars. Use mysqli_real_escape_string. (Don't use the old mysql extension; it is so deprecated that it is already removed from PHP.) Commented Apr 13, 2016 at 6:05

1 Answer 1

Reset to default
2

hey you can use concatenate concept in your sql the following code will help you if any query you can ask

$var='';
$_POST['search']='adas';
$_POST['name']="ram";
$_POST['god']="shankar";
$m=2;
$n=5;
 $c=4;
if ($m==2) {
$var.= "author=htmlspecialchars($_POST[search])" ;
}
if ($n==5) {
$var.=" AND name ="."'".htmlspecialchars($_POST['name'])."' " ;
}
if ($c==4) {
$var.=" OR god="."'".htmlspecialchars($_POST['god'])."' " ;
}

echo "SELECT * FROM Rock WHERE $var ";
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.