Okay so I made this query for my search page:
SELECT * FROM `posts` WHERE `ad_price` >= 0 AND `ad_price` <= 300
This part shows different results based on adding these guys: ""
>= 0 AND `ad_price` <= 300
if i say >= 0 AND `ad_price` <= 300
The data returns anything between 0 and 30 but if i say >= "0" AND `ad_price` <= "300"
it gets numbers up to 10,000 and 2000 etc.. why?
Here is my fully PHP prepared statement(i know they get treated as strings but how do I change that if it's in a prepared statement):
$query = "SELECT * FROM `posts` WHERE `ad_title` LIKE CONCAT('%',?,'%') AND `ad_brand`
LIKE CONCAT('%',?,'%') AND `ad_price` >= ? AND `ad_price` <= ?";
$get_posts = $conn_posts->prepare($query);
$get_posts->bind_param("ssss", $title, $brand, $min_range, $max_range);
CodePudding user response:
"ssss"
tells mysql to treat all the input values as strings. Use i
for the parameters you want to be treated as numbers.
e.g.
"ssii"
in your case.
This is documented in the manual: https://www.php.net/manual/en/mysqli-stmt.bind-param.php