Drop-down filter menu


phpflixnewbie
Forum Contributor
Posts: 132
Joined: Fri Nov 17, 2006 11:46 am

Post by phpflixnewbie »

Yes just tested it and it works like a dream. Before I leave this as resolved, do I need to/how would I add mysql_real_escape_string to any of my code?
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Anywhere there is something going into your database, wrap that var in mysql_real_escape_string().

Code:

<?php
$var = mysql_real_escape_string($var);
$sql = "INSERT INTO table (field) VALUES ('$var')";
?>

Post by phpflixnewbie »

Like so?:

Code:

if(!empty($dvdgenre)) {

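// mysql_real_escape_string() returns the escaped string; it does not modify
// its argument, so the result has to be assigned back.
$releasedate = mysql_real_escape_string($releasedate);
$dvdgenre = mysql_real_escape_string($dvdgenre);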

$query =  "SELECT dvd_titles.dvd_id
         	        , dvd_title
         	        , ROUND((coalesce(sum(totalfilm),0)
         	          +coalesce(sum(empire),0)
         	          +coalesce(sum(radiotimes),0)
			          +coalesce(sum(independent),0)
			          +coalesce(sum(mirror),0)
			          +coalesce(sum(guardian),0)
			         ) /
			         coalesce( count(totalfilm)
			                    +count(empire)
			                    +count(radiotimes)
			                    +count(independent)
			                    +count(mirror)
			                    +count(guardian)
			               ),1) as rounded_rating
			        , prodn_year
			        , date_format(dvd_rlsdate,'%d %b %y') as rlsdate
			        , dvd_genre
			        , totalfilm
			        , empire
			        , radiotimes
			        , independent
			        , mirror
			        , guardian
			        , form_value
			    FROM dvd_titles
			        , dvd_genres
			        , critics_ratings
			        , rls_quarters
			        , show_all
			    WHERE dvd_genres.dvd_id=dvd_titles.dvd_id
			      AND dvd_titles.dvd_id=critics_ratings.dvd_id
			      AND dvd_titles.dvd_id=rls_quarters.dvd_id
			      AND dvd_titles.dvd_id=show_all.dvd_id
			      AND (rls_quarter='$releasedate' OR form_value='$releasedate')
			      AND (dvd_genre='$dvdgenre' OR form_value='$dvdgenre')
			      GROUP BY dvd_titles.dvd_id
		          ORDER BY dvd_title";



}

Post by RobertGonzalez »

My first suggestion is... try it. My next would be... try it.

But I think you understand it enough to know that is about how to do it.
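
An added example, not code from the thread or its posters: it shows that an escaping function hands back the escaped string as its return value rather than changing its argument, and it goes beyond the thread's advice by running the genre filter through a prepared statement, where the value is bound separately from the SQL text. Assumptions: PHP 7 or later with the pdo_sqlite extension; an in-memory SQLite database with a constructed, simplified two-table schema stands in for the MySQL tables; `titlesByGenre()` is a hypothetical helper.

```php
<?php
// Constructed schema and rows, simplified from the tables named in the thread.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE dvd_titles (dvd_id INTEGER PRIMARY KEY, dvd_title TEXT)");
$db->exec("CREATE TABLE dvd_genres (dvd_id INTEGER, dvd_genre TEXT)");
$db->exec("INSERT INTO dvd_titles VALUES (1, 'Title A'), (2, 'Title B')");
$db->exec("INSERT INTO dvd_genres VALUES (1, 'Children''s'), (2, 'Drama')");

// Constructed form input containing a quote character.
$dvdgenre = "Children's";

// Escaping functions return a new string and leave the argument untouched,
// so a bare call with the result discarded changes nothing.
$db->quote($dvdgenre);
$unchanged = ($dvdgenre === "Children's");

// The escaped, quoted literal only exists in the return value.
$escaped = $db->quote($dvdgenre);

// Hypothetical helper: the genre is bound as a parameter, so it is never
// spliced into the SQL string and needs no manual escaping.
function titlesByGenre(PDO $db, string $genre): array
{
    $stmt = $db->prepare(
        "SELECT dvd_titles.dvd_id, dvd_title
           FROM dvd_titles
           JOIN dvd_genres ON dvd_genres.dvd_id = dvd_titles.dvd_id
          WHERE dvd_genre = :genre
          ORDER BY dvd_title"
    );
    $stmt->execute([':genre' => $genre]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

var_dump($unchanged);                       // was the variable left as typed?
echo $escaped, "\n";                        // the literal an escaped query would use
print_r(titlesByGenre($db, $dvdgenre));     // quote in the value, query still valid
print_r(titlesByGenre($db, 'Western'));     // no matching rows: empty array
```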

Post by phpflixnewbie »

Yes, I get no errors so assume it's working OK. I'd like to take this opportunity to say a very, very big THANK YOU to Everah, without whom I just could not have completed this application. I have learnt SO much from him, my understanding of basic PHP principles has improved greatly.
I really hope this thread will be useful for any other PHP newcomers!!!! I will certainly be sticking around this forum, and I hope to contribute helping any newcomers as much as I can.


THANK YOU EVERAH THANK YOU!!!!!!!! :bow: :bow: :bow: :bow: :bow: :bow: :bow:

Post by RobertGonzalez »

You are very welcome. I am glad it worked out for you.