Monday, 2 January 2017

MYSQL query WHERE php array

Updated version of your code to put out an error message on the query if there is one. Also sanitises the input



if (is_array($_POST['select']))
{
    $c = array_map('array_map_callback', $_POST['select']);


    $result = mysqli_query($con, 'SELECT item_name, item_number FROM item WHERE item_number IN ("'.implode('","', $c).'")') OR die(mysqli_error($con));

    echo "



";
    while($row = mysqli_fetch_array($result))
    {
        echo "";

        echo "";
        echo "";
        echo "";
    }
    echo "
    
    item name    item number    
" . $row['item_name'] . "" . $row['item_number'] . "
";
    mysqli_close($con);
}
else
{
    echo "No items selected";

}

function array_map_callback($a)
{
  global $con;
  return mysqli_real_escape_string($con, $a);
}

?>



Hopefully this should put out the message of what is wrong with the query.

-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

c++ - Does curly brackets matter for empty constructor?

Those brackets declare an empty, inline constructor. In that case, with them, the constructor does exist, it merely does nothing more than t...