Page 1 of 1

replace ") (" with ") OR ("

Posted: Fri Feb 21, 2003 7:14 am
by directoris
ok, let's try to explain what the problem is. This script build up a query based on a search form variables. In that form we have:

$baddress
$bpostcode
$bcountry
and &boolean

it is sent to the section where we will build up a mysql query:



if ( $baddress != "" && $baddress != " " ) $mbaddress = "(baddress LIKE '%$baddress%')";
if ( $bcity != "" && $bcity != " " ) $mbcity = "(bcity LIKE '%$bcity%')";
if ( $bpostcode != "" && $bpostcode != " " ) $mbpostcode = "(bpostcode LIKE '%$bpostcode%')";
if ( $bstate != "" && $bstate != " " ) $mbstate = "(bstate LIKE '%$bstate%')";
if ( $bcountry != "" ) $mbcountry = "(bcountry LIKE '%$bcountry%')";



$sqlquery = "$mbaddress $mbcity $mbpostcode $mbstate $mbcountry";


if ($boolean == "OR") $sqlquery = str_replace (') (',') OR (', $sqlquery);
if ($boolean == "AND") $sqlquery = str_replace (') (',') AND (', $sqlquery);


mysql_select_db( $dbprofiles );

$result = mysql_query("SELECT * FROM myadd WHERE ($sqlquery) ORDER BY bname ASC, ownership ASC") or error( mysql_error() );



Now, this part doesn't work:

if ($boolean == "OR") $sqlquery = str_replace (') (',') OR (', $sqlquery);
if ($boolean == "AND") $sqlquery = str_replace (') (',') AND (', $sqlquery);




Thanks for your help,


- Vincent

Posted: Fri Feb 21, 2003 7:37 am
by Stoker
Have you verified what $boolean holds?
perhaps try

$sqlquery = str_replace (') (',') '.$boolean.' (', $sqlquery);

--
If all the vars are posted from forms you should use mysql_escape_string(stripslashes($_REQUEST['form_field'])) or something like that to make sure there are no bad stuff posted..

Posted: Fri Feb 21, 2003 7:54 am
by directoris
Yes Stoker, $boolean holds. I'm sure about that.

As far as I know it can't find ") (" at the first place, although it's here. And when I try your suggestion it didn't either.


Also if I write this:


$sqlquery = "(bcountry LIKE '%$bcountry%') (bstate LIKE '%$bstate%')";

if ($boolean == "OR") $sqlquery = ereg_replace (") (",") $boolean (", $sqlquery);
if ($boolean == "AND") $sqlquery = ereg_replace (") (",") $boolean (", $sqlquery);


I got this error:

Warning: ereg_replace() [function.ereg-replace]: REG_EPAREN in /home/virtual/site458/....




- Vincent

Posted: Fri Feb 21, 2003 8:14 am
by directoris
YO! Found it :D


First I replaced:

$sqlquery = "$mbaddress $mbcity $mbpostcode $mbstate $mbcountry";

with:

$sqlquery = "$mbaddress"."$mbcity"."$mbpostcode"."$mbstate"."$mbcountry";



THEN

if ($boolean == "OR") $sqlquery = str_replace (') (',') OR (', $sqlquery);
if ($boolean == "AND") $sqlquery = str_replace (') (',') AND (', $sqlquery);


by:


if ($boolean == "OR") $sqlquery = ereg_replace ("\) \(",") $boolean (", $sqlquery);
if ($boolean == "AND") $sqlquery = ereg_replace ("\) \(",") $boolean (", $sqlquery);



So thank you Stoker for your post and thank you to those who read my post. What a great day today, isn't it?



- Vincent

Posted: Fri Feb 21, 2003 8:28 am
by Stoker
first of all, NEVER EVER use ereg!!! It is very inefficient and wastes a lot of resources, if you need regex use preg, but your case does not need any regex at all, it looks to me like you just are missing on the space between ) and (... str_replace() is the solution in this case!

Posted: Fri Feb 21, 2003 8:50 am
by directoris
Ok Stoker, I followed what you said and I replaced this:


if ($boolean == "OR") $sqlquery = ereg_replace ("\) \(",") $boolean (", $sqlquery);
if ($boolean == "AND") $sqlquery = ereg_replace ("\) \(",") $boolean (", $sqlquery);


with:


if ($boolean == "OR") $sqlquery = str_replace (")(",") $boolean (", $sqlquery);
if ($boolean == "AND") $sqlquery = str_replace (")(",") $boolean (", $sqlquery);


And it works also :D


So it means that it was this:

$sqlquery = "$mbaddress $mbcity $mbpostcode $mbstate $mbcountry";


that caused the problem then. Because I remember trying with and without the space like you said. None of the attempts were successful at that time.


Anyway, thank you for your help. You saved me another bad day ;)


- Vincent