I’m writing a large SQL query based on information I’m getting from a submitted form that contains the search parameters. I’m just wondering if anyone has any recommendations on the best way of doing this. I was planning on having a list of if else statements and building a long search string based on the data the user enters in the search form.
Is there a better way of doing this? Any recommended sites or tutorials out there?
Thanks.
You’ll still need to worry about accidental SQL injection. Don’t skip escaping user input.
As for actually building the query itself: It’s not terribly uncommon to use PHP’s control structures to concatenate a series of query parts, but many people find tools like the Zend Framework to be really handy.
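
One way to assemble the query parts from the form fields, as an added example that is not part of the original thread. It uses PDO bound parameters in place of manual escaping, so user values never become part of the SQL text. The `products` table, the form field names and the sample rows are assumptions constructed for illustration.

```php
<?php
// Added example: the "products" table and the form field names are hypothetical.
function buildSearchQuery(array $form): array
{
    // Allow-list of form fields => SQL fragments. Column names and operators
    // are fixed here and never taken from the request.
    $filters = [
        'name'      => "name LIKE :name ESCAPE '!'",
        'category'  => 'category = :category',
        'min_price' => 'price >= :min_price',
        'max_price' => 'price <= :max_price',
    ];
    $where = $params = [];
    foreach ($filters as $field => $fragment) {
        $value = $form[$field] ?? '';
        if (!is_string($value) || ($value = trim($value)) === '') {
            continue; // field left empty (or not a plain string): no condition
        }
        if ($field === 'name') {
            // Make % and _ typed by the user match literally, then wrap for "contains".
            $value = '%' . str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $value) . '%';
        } elseif (in_array($field, ['min_price', 'max_price'], true)) {
            if (!is_numeric($value)) {
                continue; // ignore a non-numeric price instead of passing it on
            }
            $value = (float) $value;
        }
        $where[] = $fragment;
        $params[":$field"] = $value;
    }
    $sql = 'SELECT name, category, price FROM products';
    if ($where) {
        $sql .= ' WHERE ' . implode(' AND ', $where);
    }
    return [$sql . ' ORDER BY name', $params];
}

// Constructed demo data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE products (name TEXT, category TEXT, price REAL)');
$pdo->exec("INSERT INTO products VALUES ('O''Brien mug', 'kitchen', 8.5),
            ('Blue mug', 'kitchen', 12.0), ('Desk lamp', 'office', 30.0)");
// Constructed form input: an apostrophe in the name, one field left empty.
$form = ['name' => "O'Brien", 'category' => 'kitchen', 'min_price' => '', 'max_price' => '10'];
[$sql, $params] = buildSearchQuery($form);
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
print_r($stmt->fetchAll(PDO::FETCH_ASSOC));
```

Only the fragments for fields the user actually filled in are joined into the WHERE clause, and the apostrophe in the name needs no special handling because it travels as a bound value.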