I'm trying to create a price filter using a html form and php prepared statements. My form looks like this:
<form action="#" method="get">
<label for="price-per-night" >Price-per-night:</label>
<select name="price" id="price-per-night">
<option value="100">£0-100</option>
<option value="101-200">£101-200</option>
<option value="300">£201-300</option>
</select>
<input type="submit" value="Filter" >
</form>
and my prepared statement looks like this:
if ($price = $_REQUEST['price']) {
$asql = "SELECT * FROM accommodation WHERE price_per_night < ? ORDER BY price_per_night";
$stmt = mysqli_prepare($conn, $asql);
mysqli_stmt_bind_param($stmt, "i", $price);
mysqli_stmt_execute($stmt);
$queryresults3 = mysqli_stmt_get_result($stmt);
}
elseif ($price = $_REQUEST['price']) {
$asql = "SELECT * FROM accommodation WHERE price_per_night > ? ORDER BY price_per_night";
$stmt = mysqli_prepare($conn, $asql);
mysqli_stmt_bind_param($stmt, "i", $price);
mysqli_stmt_execute($stmt);
$queryresults4 = mysqli_stmt_get_result($stmt);
}
the if statement successfully displays all accommodation with a price less than $100, however the elseif statement does not work. It displays all accommodation. Is there a way to display accommodation correctly based on the values in the html form?
CodePudding user response:
You need to uniform your HTML values. So; 0-100
, 101-200
, 201-300
etc. and then which ever value is selected and submitted in the HTML form, then you run some string functions (such as explode
) to split on the -
character and take the left side value as the minimum and the right side value as the maximum and plug them both into your SQL accordingly.
Your else/if also looks like code repetition which is indicative of bad design.
EXAMPLE:
HTML
<select name="price" id="price-per-night">
<option value="0-100">£0-100</option>
<option value="101-200">£101-200</option>
<option value="201-300">£201-300</option>
</select>
PHP
$price = explode("-",$_POST['price'],2);
// price[0] is the min, price[1] is the max.
$asql = "SELECT * FROM accommodation WHERE price_per_night => ? AND price_per_night <= ? ORDER BY price_per_night";
$stmt = mysqli_prepare($conn, $asql);
mysqli_bind_param($stmt, "ii", (int)$price[0], (int)$price[1]);
mysqli_execute($stmt);
CodePudding user response:
You have used the assignment operator for comparison, change the = to == like this
if ($price == $_REQUEST['price']) { //<--------------------
$asql = "SELECT * FROM accommodation WHERE price_per_night < ? ORDER BY price_per_night";
$stmt = mysqli_prepare($conn, $asql);
mysqli_stmt_bind_param($stmt, "i", $price);
mysqli_stmt_execute($stmt);
$queryresults3 = mysqli_stmt_get_result($stmt);
}
elseif ($price == $_REQUEST['price']) { //<--------------------
$asql = "SELECT * FROM accommodation WHERE price_per_night > ? ORDER BY price_per_night";
$stmt = mysqli_prepare($conn, $asql);
mysqli_stmt_bind_param($stmt, "i", $price);
mysqli_stmt_execute($stmt);
$queryresults4 = mysqli_stmt_get_result($stmt);
}