Search by string in SQL/ PHP database

Asked

Viewed 917 times

0

Good night,

I have the following select which is to fetch users according to their category:

$consulta = "SELECT * FROM app_usuarios WHERE  cat = '$categ'

$categ is the variable I receive dynamically according to the user’s choice.

I have the following categories registered in the bank: A, B, C, D, DM, And.

Only when the search asks for the return of the categories "D" and "DM" the result returns empty, it only returns values when the chosen option is A, B, C and E.

What is wrong in my select ??

Thank you. Hug

php sql select-sql

  • Please post the part of your html that contains this form.

  • But the problem is not in html but in SELECT .. it is returning the data .. the problem is the comparison of the strings when it has similar start.

  • Check that the Category Letter is also capitalized, because sql differentiates between upper and lower case letters, use UPPER(): Like this: $query = "SELECT * FROM app_usuarios WHERE UPPER(cat) = UPPER('$categ') or use php’s escape variable $query = "SELECT * FROM app_usuarios WHERE cat = '". $categ."';

  • Your select is ok, except that you didn’t close the string or have the semicolon, but it might have been at the time of pasting (if it wasn’t going to give syntax error). Thus, if $categ is any of these values, it must return something if the database contains these data. To help you, we have to eliminate the possibility that the form is not sending the correct parameter. If you have already done this, you can then put in the answer the result of print_r($categ) before this line? or a print_r($consulta) after her. To help you debug.

  • Another @Paulinha thing, outside the scope of your question, just by way of suggestion: as your code stands, it is vulnerable to SQL Injection. You do not put in a query a value received directly from the user. It has to be sanitized first. I suggest using alternatives like Mysqli or PDO, and using concepts like prepare statements, for example.

  • Hi guys .. thank you for the guidelines.. the treatment for Injection was done.. it is protected. About what Marcus Italo commented.. the category data is exactly like this in the database.. if I change users with DJ category and put D the select works.. If I change where D is and put DJ select works. The problem is when there are users in the bank with D class and DJ together.. then it brings neither of the two... But if I leave one of them for example then the select brings results.

  • You can then add the result of print_r($categ) before this line? or a print_r($consulta) after her?

  • when I select category D or DJ nothing appears. when I select A, what appears is as follows:

  • $query = "SELECT * FROM app_usuarios WHERE cat = 'A'

  • As such nothing appears? $consulta blank or $categ blank?

  • Let’s go continue this discussion in chat.

Show 6 more comments

1 answer

1


The solution found was the use of a LIKE, in the search :

$consulta = "SELECT * FROM app_usuarios WHERE  cat LIKE '$categ'

  • Thank you!!!! Working now!

Browser other questions tagged php sql select-sql

You are not signed in. Login or sign up in order to post.