How to process forms in a Controller Action?
for example in my view:
<form id="formid">
<input name="yrlevel"></input>
</form>
How will I process it like this in my action (adding mysql query condition from what is the value of the textfield):
$criteria->addSearchCondition('yrLvl', $_GET['yrlevel']
You've got half the work done there; you need to add the value to the criteria, as you have done, and then you need to specify that criteria when you call a search, like so:
$criteria = new CDbCritera;
// If you want to use MySQL's 'LIKE' syntax you could use addSearchCondition()
$criteria->addSearchCondition('yrlevel',$_GET['yrlevel'], true);
// If you want to do a direct comparison you could use condition()
$criteria->condition('yrlevel = :yrlevel');
$criteria->params = array(
':yrlevel'=>$_GET['yrlevel']
);
$models = MyModel::model()->findAll($criteria);
$models will then contain an array of models that match the search criteria. I've shown addSearchCondition() and condition() above as an example on how to use them (you probably wouldn't want to use them together for the same field as I've shown above), take a look at CDbCriteria for more info on how you can structure queries.
Yii will bind your params using PDO so you don't absolutely need to sanitize the data yourself, although you may want to for whatever reason.
I am not yii expert but this tutorial will help you to add search condition
http://www.yiiframework.com/doc/api/1.1/CDbCriteria#addSearchCondition-detail
try this..
and try to use strip_slashes before directly inputting $_GET data.