I like to store my where pieces in an array and then
implode. I usually load my indexed columns first.
$where = array();
if ($_POST['house_id'] == "yes") {
$where[] = 'id = '.intval($_POST['house_id']);
}
if ($_POST['fireplace'] == "yes") {
$where[] = 'fireplace = 1';
}
if (isset($_POST['gar
Ed Curtis wrote:
To answer the question, $query_str.=" AND garage = '$garage' ";
BUT. If $garage is an id (numeric), then you should use
$garage=abs($garage) first in order to defeat SQL injection. If it's a
string, well, say so and we'll tell you what to do (a lot to explain,
and not useful if it
> To answer the question, $query_str.=" AND garage = '$garage' ";
>
> BUT. If $garage is an id (numeric), then you should use
> $garage=abs($garage) first in order to defeat SQL injection. If it's a
> string, well, say so and we'll tell you what to do (a lot to explain,
> and not useful if it's an
Ed Curtis wrote:
This list has helped me out alot and I hope it can do it one more time.
I need to build a MySQL query based on 11 different options from a form.
Some options will have values others will be checkboxes to say include in
the query.
How I thought about going at it was using a defaul
4 matches
Mail list logo
