I have an HTML page where a person can enter information to search through a database. The options are: Author, Title, Category, Year, and ISBN.
A person can enter an Author name to search for books written by them. However, I want them to be able to put Author name + Category to retrieve records. The code underline does not function properly.
Any help will be appreciated.
$Author = $_POST["Author"];
$Title = $_POST["Title"];
$Category = $_POST["Category"];
$Year = $_POST["Year"];
$ISBN = $_POST["ISBN"];
// VIEW RECORDS WITH FOR STATEMENT
// How to filter through 2 or more filter statments ? ? ? Title = '$Title' , Category = '$Category', Year = '$Year', ISBN = $ISBN
if (isset($Author) AND is_null($Title) AND is_null($Category) AND is_null($Year) AND is_null($ISBN)) {
$sql = "SELECT * FROM Test WHERE Author = '$Author'";
echo $sql;
} elseif (isset($Author) AND isset($Title) AND is_null($Category) AND is_null($Year) AND is_null($ISBN)){
$sql = "SELECT * FROM Test WHERE Author = '$Author' AND Title = '$Title'";
echo $sql;
} elseif (isset($Author) AND isset($Title) AND isset($Category) AND is_null($Year) AND is_null($ISBN)){
$sql = "SELECT * FROM Test WHERE Author = '$Author' AND Title = '$Title' AND Category = '$Category'";
echo $sql;
} elseif (isset($Author) AND isset($Title) AND isset($Category) AND isset($Year) AND is_null($ISBN)){
$sql = "SELECT * FROM Test WHERE Author = '$Author' AND Title = '$Title' AND Category = '$Category' AND Year= '$Year'";
echo $sql;
} elseif (isset($Author) AND isset($Title) AND isset($Category) AND isset($Year) AND isset($ISBN)){
$sql = "SELECT * FROM Test WHERE Author = '$Author' AND Title = '$Title' AND Category = '$Category' AND Year= '$Year' AND ISBN= '$ISBN'";
echo $sql;
} else {
echo "You did not enter anything!";
}
$result = mysqli_query($con, $sql);
echo "<table border=1>";
echo "<tr><th>Author</th><th>Title</th><th>Category</th><th>Year</th><th>ISBN</th></tr>";
while ($row = mysqli_fetch_assoc($result)) {
echo "<tr><td>" . $row['Author'] . "</td><td>" . $row['Title'] . "</td><td>" . $row['Category'] . "</td><td>" . $row['Year'] . "</td><td>" . $row['ISBN'] . "</td></tr>";
}
echo "</table><br><br>";
This looks like a little more appropriate solution.
<?php
$fields=array('Author','Title','Category','Year','ISBN');
$query="SELECT * FROM Test WHERE ";
$first=true;
//unset fields that were not provided. Could be done inside of the next foreach
//but for simplicity reasons we will just do it here
foreach($fields as $key=>$val)
{
if(!isset($_POST[$val]))
unset($fields[$key]);
}
//now we only have fields that have data
foreach($fields as $field)
{
if($first)
{
$query.="`$field`='".$con->real_escape_string($_POST[$field])."' ";
$first=false;
}
else
{
$query.=" AND `$field`='".$con->real_escape_string($_POST[$field])."'";
}
}
$result = mysqli_query($con, $sql);
echo "<table border=1>";
echo "<tr><th>Author</th><th>Title</th><th>Category</th><th>Year</th><th>ISBN</th></tr>";
while ($row = mysqli_fetch_assoc($result))
{
echo "<tr><td>" . $row['Author'] . "</td><td>" . $row['Title'] . "</td><td>" . $row['Category'] . "</td><td>" . $row['Year'] . "</td><td>" . $row['ISBN'] . "</td></tr>";
}
echo "</table><br><br>";