How to avoid empty in like statement in mysql query
In my below code, I have been querying name and email from the database,
in this case, if name or email is empty it fetches all the data.
How to avoid this? Please help
Mysql query:
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata
INNER JOIN state ON insertdata.state = state.StCode
INNER JOIN district ON insertdata.district = district.DistCode
WHERE name LIKE '%$namesearch%' OR email LIKE '%$emailsearch%'");
My Code,
<?php
include_once("function.php");
$searchdata=new DB_con();
if(isset($_POST['submit']))
{
$namesearch=$_POST['namesearch'];
$emailsearch=$_POST['emailsearch'];
}
$search=$searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']);?></td>
<td><?php echo ($search['email']);?></td>
<td><?php echo ($search['StateName']);?></td>
<td><?php echo ($search['DistrictName']);?></td>
</tr>
<?php
}
?>
php mysql
add a comment |
In my below code, I have been querying name and email from the database,
in this case, if name or email is empty it fetches all the data.
How to avoid this? Please help
Mysql query:
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata
INNER JOIN state ON insertdata.state = state.StCode
INNER JOIN district ON insertdata.district = district.DistCode
WHERE name LIKE '%$namesearch%' OR email LIKE '%$emailsearch%'");
My Code,
<?php
include_once("function.php");
$searchdata=new DB_con();
if(isset($_POST['submit']))
{
$namesearch=$_POST['namesearch'];
$emailsearch=$_POST['emailsearch'];
}
$search=$searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']);?></td>
<td><?php echo ($search['email']);?></td>
<td><?php echo ($search['StateName']);?></td>
<td><?php echo ($search['DistrictName']);?></td>
</tr>
<?php
}
?>
php mysql
By validating the input before building the search query?
– B001ᛦ
Nov 23 at 8:56
1
Your code is open to SQL injection related attacks. Please learn to use Prepared Statements
– Madhur Bhaiya
Nov 23 at 8:57
Also, check this answer on how to create query dynamically based on the filter value: stackoverflow.com/a/53427912/2469308
– Madhur Bhaiya
Nov 23 at 8:57
add a comment |
In my below code, I have been querying name and email from the database,
in this case, if name or email is empty it fetches all the data.
How to avoid this? Please help
Mysql query:
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata
INNER JOIN state ON insertdata.state = state.StCode
INNER JOIN district ON insertdata.district = district.DistCode
WHERE name LIKE '%$namesearch%' OR email LIKE '%$emailsearch%'");
My Code,
<?php
include_once("function.php");
$searchdata=new DB_con();
if(isset($_POST['submit']))
{
$namesearch=$_POST['namesearch'];
$emailsearch=$_POST['emailsearch'];
}
$search=$searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']);?></td>
<td><?php echo ($search['email']);?></td>
<td><?php echo ($search['StateName']);?></td>
<td><?php echo ($search['DistrictName']);?></td>
</tr>
<?php
}
?>
php mysql
In my below code, I have been querying name and email from the database,
in this case, if name or email is empty it fetches all the data.
How to avoid this? Please help
Mysql query:
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata
INNER JOIN state ON insertdata.state = state.StCode
INNER JOIN district ON insertdata.district = district.DistCode
WHERE name LIKE '%$namesearch%' OR email LIKE '%$emailsearch%'");
My Code,
<?php
include_once("function.php");
$searchdata=new DB_con();
if(isset($_POST['submit']))
{
$namesearch=$_POST['namesearch'];
$emailsearch=$_POST['emailsearch'];
}
$search=$searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']);?></td>
<td><?php echo ($search['email']);?></td>
<td><?php echo ($search['StateName']);?></td>
<td><?php echo ($search['DistrictName']);?></td>
</tr>
<?php
}
?>
php mysql
php mysql
edited Nov 23 at 8:57
PeS
1,32521222
1,32521222
asked Nov 23 at 8:54
Riyaz Ashik
11
11
By validating the input before building the search query?
– B001ᛦ
Nov 23 at 8:56
1
Your code is open to SQL injection related attacks. Please learn to use Prepared Statements
– Madhur Bhaiya
Nov 23 at 8:57
Also, check this answer on how to create query dynamically based on the filter value: stackoverflow.com/a/53427912/2469308
– Madhur Bhaiya
Nov 23 at 8:57
add a comment |
By validating the input before building the search query?
– B001ᛦ
Nov 23 at 8:56
1
Your code is open to SQL injection related attacks. Please learn to use Prepared Statements
– Madhur Bhaiya
Nov 23 at 8:57
Also, check this answer on how to create query dynamically based on the filter value: stackoverflow.com/a/53427912/2469308
– Madhur Bhaiya
Nov 23 at 8:57
By validating the input before building the search query?
– B001ᛦ
Nov 23 at 8:56
By validating the input before building the search query?
– B001ᛦ
Nov 23 at 8:56
1
1
Your code is open to SQL injection related attacks. Please learn to use Prepared Statements
– Madhur Bhaiya
Nov 23 at 8:57
Your code is open to SQL injection related attacks. Please learn to use Prepared Statements
– Madhur Bhaiya
Nov 23 at 8:57
Also, check this answer on how to create query dynamically based on the filter value: stackoverflow.com/a/53427912/2469308
– Madhur Bhaiya
Nov 23 at 8:57
Also, check this answer on how to create query dynamically based on the filter value: stackoverflow.com/a/53427912/2469308
– Madhur Bhaiya
Nov 23 at 8:57
add a comment |
2 Answers
2
active
oldest
votes
just add this if condition to check weather it is empty or not
// check here
if ($namesearch == '' || $emailsearch =='')
{
echo 'Please enter name or email to search.';
} else {
$search = $searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']); ?></td>
<td><?php echo ($search['email']); ?></td>
<td><?php echo ($search['StateName']); ?></td>
<td><?php echo ($search['DistrictName']); ?></td>
</tr>
<?php
}
}
Thanks for your comments!. I want to check empty also if data is empty it will avoid in MySQL query and fetch the other. Like the name is empty it will fetch data match with email. Now it fetches all data from the name.
– Riyaz Ashik
Nov 23 at 9:23
add a comment |
How about writing different statements for various conditions like
if($namesearch == '' && $emailsearch !=''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE email LIKE '%$emailsearch%'");
}
else if($namesearch != '' && $emailsearch ==''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE name LIKE '%$namesearch%'");
}
else if{
//bla bla bla
}
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53443359%2fhow-to-avoid-empty-in-like-statement-in-mysql-query%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
just add this if condition to check weather it is empty or not
// check here
if ($namesearch == '' || $emailsearch =='')
{
echo 'Please enter name or email to search.';
} else {
$search = $searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']); ?></td>
<td><?php echo ($search['email']); ?></td>
<td><?php echo ($search['StateName']); ?></td>
<td><?php echo ($search['DistrictName']); ?></td>
</tr>
<?php
}
}
Thanks for your comments!. I want to check empty also if data is empty it will avoid in MySQL query and fetch the other. Like the name is empty it will fetch data match with email. Now it fetches all data from the name.
– Riyaz Ashik
Nov 23 at 9:23
add a comment |
just add this if condition to check weather it is empty or not
// check here
if ($namesearch == '' || $emailsearch =='')
{
echo 'Please enter name or email to search.';
} else {
$search = $searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']); ?></td>
<td><?php echo ($search['email']); ?></td>
<td><?php echo ($search['StateName']); ?></td>
<td><?php echo ($search['DistrictName']); ?></td>
</tr>
<?php
}
}
Thanks for your comments!. I want to check empty also if data is empty it will avoid in MySQL query and fetch the other. Like the name is empty it will fetch data match with email. Now it fetches all data from the name.
– Riyaz Ashik
Nov 23 at 9:23
add a comment |
just add this if condition to check weather it is empty or not
// check here
if ($namesearch == '' || $emailsearch =='')
{
echo 'Please enter name or email to search.';
} else {
$search = $searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']); ?></td>
<td><?php echo ($search['email']); ?></td>
<td><?php echo ($search['StateName']); ?></td>
<td><?php echo ($search['DistrictName']); ?></td>
</tr>
<?php
}
}
just add this if condition to check weather it is empty or not
// check here
if ($namesearch == '' || $emailsearch =='')
{
echo 'Please enter name or email to search.';
} else {
$search = $searchdata->searchdata($namesearch,$emailsearch);
foreach($search as $search)
{
?>
<tr>
<td><?php echo ($search['name']); ?></td>
<td><?php echo ($search['email']); ?></td>
<td><?php echo ($search['StateName']); ?></td>
<td><?php echo ($search['DistrictName']); ?></td>
</tr>
<?php
}
}
edited Nov 23 at 9:20
DestinatioN
1,2481326
1,2481326
answered Nov 23 at 9:13
Akhilesh
626
626
Thanks for your comments!. I want to check empty also if data is empty it will avoid in MySQL query and fetch the other. Like the name is empty it will fetch data match with email. Now it fetches all data from the name.
– Riyaz Ashik
Nov 23 at 9:23
add a comment |
Thanks for your comments!. I want to check empty also if data is empty it will avoid in MySQL query and fetch the other. Like the name is empty it will fetch data match with email. Now it fetches all data from the name.
– Riyaz Ashik
Nov 23 at 9:23
Thanks for your comments!. I want to check empty also if data is empty it will avoid in MySQL query and fetch the other. Like the name is empty it will fetch data match with email. Now it fetches all data from the name.
– Riyaz Ashik
Nov 23 at 9:23
Thanks for your comments!. I want to check empty also if data is empty it will avoid in MySQL query and fetch the other. Like the name is empty it will fetch data match with email. Now it fetches all data from the name.
– Riyaz Ashik
Nov 23 at 9:23
add a comment |
How about writing different statements for various conditions like
if($namesearch == '' && $emailsearch !=''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE email LIKE '%$emailsearch%'");
}
else if($namesearch != '' && $emailsearch ==''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE name LIKE '%$namesearch%'");
}
else if{
//bla bla bla
}
add a comment |
How about writing different statements for various conditions like
if($namesearch == '' && $emailsearch !=''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE email LIKE '%$emailsearch%'");
}
else if($namesearch != '' && $emailsearch ==''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE name LIKE '%$namesearch%'");
}
else if{
//bla bla bla
}
add a comment |
How about writing different statements for various conditions like
if($namesearch == '' && $emailsearch !=''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE email LIKE '%$emailsearch%'");
}
else if($namesearch != '' && $emailsearch ==''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE name LIKE '%$namesearch%'");
}
else if{
//bla bla bla
}
How about writing different statements for various conditions like
if($namesearch == '' && $emailsearch !=''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE email LIKE '%$emailsearch%'");
}
else if($namesearch != '' && $emailsearch ==''){
$searchdata = mysqli_query($this->dbh, "SELECT insertdata.name, insertdata.email, state.StateName, district.DistrictName
FROM insertdata INNER JOIN state ON insertdata.state = state.StCode INNER JOIN district ON insertdata.district
= district.DistCode WHERE name LIKE '%$namesearch%'");
}
else if{
//bla bla bla
}
answered Nov 23 at 10:54
Twista
404
404
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53443359%2fhow-to-avoid-empty-in-like-statement-in-mysql-query%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
By validating the input before building the search query?
– B001ᛦ
Nov 23 at 8:56
1
Your code is open to SQL injection related attacks. Please learn to use Prepared Statements
– Madhur Bhaiya
Nov 23 at 8:57
Also, check this answer on how to create query dynamically based on the filter value: stackoverflow.com/a/53427912/2469308
– Madhur Bhaiya
Nov 23 at 8:57