[UPHPU] Dynamic SQL Statements

[District Webmaster]

I'm just assuming, by fiat, that the $_POST/$_GET/$REQUEST data has been
validated in the followuing example -- it also assumes you have at least
one element in your array . . . but anyway, here's one way of doing it:

$query = "SELECT * FROM my_table WHERE my_column LIKE '%" . implode(" OR
LIKE '%", $my_array) . "%'";

Dave

>>> Jeff Davies <jeff_davies at byu.edu> 06/17/04 11:00 AM >>>
Group,

Now that summer is on us I want to be more active in this group gleaning
and 
posting info that has helped me and others.

I want to start out this little adventure with a question.

Does anyone know any tricks for creating dynamic sql statements from
posted 
info.

For example:

select * from db where $sql[] (is from the array)";

I was thinking .. 

if ($_POST) { $and = "and"; }
						  
		foreach ($_POST as $key => $value){
		if ($value == true){
			$sql[] = ("AND ".$key." LIKE '%$value%' ");
		}

it only does the AND but can be easily made to do or's

So now that we have a array holding our sql statements from the post we
plug 
the $sql[] into the sql statement after we implode it and combine it.

Does anyone have any ideas on how to improve this or ideas on what they
have 
used to make a dynamic sql statement.

thanks
-Jeff


---------------------------------------------------------------------
To unsubscribe, e-mail: list-unsubscribe at uphpu.org
For additional commands, e-mail: list-help at uphpu.org