Hello, I am making a table filter here at ktg.megusto.kz, and I need to somehow arrange the filter correctly. I have already tried everything and found nothing; the current code is

    require_once "core/db_config.php";

    if (isset($_GET['submit'])) {
        $fields = array('order_user', 'method', 'data_from', 'data_to');
        $conditions = array();
        foreach ($fields as $field) {
            if (isset($_GET[$field]) && $_GET[$field] != '') {
                // request values are concatenated straight into the SQL text (SQL injection, see the comments below)
                $conditions[] = "`$field` LIKE '%" . $_GET[$field] . "%'";
            }
        }
        $sql = "SELECT * FROM `ktg_base`";
        if (count($conditions) > 0) {
            // leading space: without it the query reads "...`ktg_base`WHERE ..." and fails to parse
            $sql .= " WHERE " . implode(' AND ', $conditions);
        }
    } else {
        $sql = "SELECT * FROM `ktg_base` WHERE del = 0";
    }

    // mysqli_error() takes the connection, not the SQL string
    $result = $mysqli->query($sql) or die(mysqli_error($mysqli));
    while ($row = mysqli_fetch_assoc($result)) {
        echo '<tr data-id="' . $row['id'] . '">';
        echo '<td>' . $row['id'] . '</td>';
        echo '<td>' . $row['order_user'] . '</td>';
        echo '<td>' . $row['organizator'] . '</td>';
        echo '<td>' . $row['name'] . '</td>';
        echo '<td>' . $row['method'] . '</td>';
        echo '<td>' . $row['data_from'] . '</td>';
        echo '<td>' . $row['data_to'] . '</td>';
        echo '<td>' . $row['status'] . '</td>';
        echo '</tr>';
    }

That is how everything should work, but somehow it is not clear how to do it right? There are 3 selects and one field for searching the entire table.

  • The first script kiddie who comes along will break your site and wipe everything from the database, because an arbitrary SQL query can be written into those fields. Use bind variables: php.net/manual/ru/mysqli-stmt.bind-param.php. And as for the question, it is not clear what "how it works is not clear" means. - Mike
  • Well, at this link, ktg.megusto.kz, you can see how the filter works, since it is not clear. - pavlikmd

1 answer

I did it like this

    if (isset($_GET['submit'])) {
        $action = $_GET['action']; // read but not used below
        $search = $_GET['order_user'];
        $p_from = $_GET['data_from'];
        $p_to   = $_GET['data_to'];
        $method = $_GET['method'];
        if ($_GET['order_user'] !== "") {
            // the single search box matches against all columns at once
            $sql = "SELECT * FROM `ktg_base` WHERE CONCAT(`name`, `order_user`, `organizator`, `method`, `data_from`, `data_to`, `status`) LIKE '%" . $search . "%'";
        } else {
            $fields = array('method', 'data_from', 'data_to');
            $conditions = array();
            foreach ($fields as $field) {
                if (isset($_GET[$field]) && $_GET[$field] != '' && $_GET[$field] != '0') {
                    $conditions[] = "`$field` LIKE '%" . $_GET[$field] . "%'";
                }
            }
            $sql = "SELECT * FROM `ktg_base`";
            if (count($conditions) > 0) {
                // leading space before WHERE, otherwise it is glued to the table name
                $sql .= " WHERE " . implode(' AND ', $conditions);
            }
        }
    } else {
        $sql = "SELECT * FROM `ktg_base` WHERE del = 0";
    }
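Both the question's code and the answer above build the WHERE clause by concatenating request values into the SQL string, which is the injection Mike's comment refers to. The following is an added example, not the asker's or the answerer's code, showing the same three-select-plus-search filter built with mysqli prepared statements: column names come from a fixed whitelist, every user value goes through a `?` placeholder, LIKE wildcards in the input are escaped, and the output is HTML-escaped. It assumes `core/db_config.php` provides a connected `$mysqli` as in the question, and that the `mysqlnd` driver is available for `get_result()`.

```php
<?php
// Added example: the filter from the question rebuilt with prepared statements.
// Assumes core/db_config.php creates a connected $mysqli (as in the question).
require_once "core/db_config.php";

// Columns a drop-down may filter on. Placeholders cannot bind identifiers, so
// the column name must come from this list, never from the request.
$filterable = array('method', 'data_from', 'data_to');
// Columns the single search box covers (the answer used CONCAT of these).
$searchable = array('name', 'order_user', 'organizator', 'method', 'data_from', 'data_to', 'status');

// Wrap a value in %...% for LIKE, escaping %, _ and \ so that a user typing "%"
// matches a literal percent sign instead of turning the filter into "match all".
function like_contains($value) {
    return '%' . addcslashes($value, '%_\\') . '%';
}

$where  = array();   // SQL fragments that contain only "?" placeholders
$params = array();   // values bound to those placeholders, in order
$types  = '';        // bind_param type string, one "s" per value

if (isset($_GET['submit'])) {
    $search = isset($_GET['order_user']) ? trim($_GET['order_user']) : '';
    if ($search !== '') {
        // Whole-table search: one placeholder; CONCAT_WS skips NULL columns.
        $where[]  = "CONCAT_WS(' ', `" . implode('`, `', $searchable) . "`) LIKE ?";
        $params[] = like_contains($search);
        $types   .= 's';
    } else {
        foreach ($filterable as $field) {
            if (isset($_GET[$field]) && $_GET[$field] !== '' && $_GET[$field] !== '0') {
                // $field is taken from our whitelist above, not from $_GET keys
                $where[]  = "`$field` LIKE ?";
                $params[] = like_contains($_GET[$field]);
                $types   .= 's';
            }
        }
    }
} else {
    $where[] = "`del` = 0";
}

$sql = "SELECT * FROM `ktg_base`";
if (count($where) > 0) {
    $sql .= " WHERE " . implode(' AND ', $where);   // leading space before WHERE
}

$stmt = $mysqli->prepare($sql);
if ($stmt === false) {
    die(htmlspecialchars($mysqli->error, ENT_QUOTES, 'UTF-8'));
}
if (count($params) > 0) {
    // Values travel to the server separately from the query text, so they can
    // never change its structure. Argument unpacking needs PHP 5.6 or newer.
    $stmt->bind_param($types, ...$params);
}
$stmt->execute();
$result = $stmt->get_result();   // needs the mysqlnd driver

$columns = array('id', 'order_user', 'organizator', 'name', 'method', 'data_from', 'data_to', 'status');
while ($row = $result->fetch_assoc()) {
    // Escape on output as well: a value stored in the table may contain HTML.
    echo '<tr data-id="' . htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8') . '">';
    foreach ($columns as $col) {
        echo '<td>' . htmlspecialchars($row[$col], ENT_QUOTES, 'UTF-8') . '</td>';
    }
    echo '</tr>';
}
$stmt->close();
```

The query text is assembled only from constants and whitelisted column names; the request supplies values alone. On PHP 8.1 and newer the `bind_param` call can be replaced with `$stmt->execute($params)`. If `get_result()` is unavailable (no mysqlnd), bind output columns with `bind_result()` instead.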