I have a php code SQL QUERY GOES LIKE
$command = "SELECT * from {$uniluxModel} where gpm = {$uniluxGpm} AND ewt = {$uniluxEwt}";
where uniluxGpm and uniluxEwt are the variable user will enter in the form. i have a database where there are certain values for gpm and certain values for ewt For ex gpm as value ranging from 1-5 with difference of 0.5 eg: 1,1.5,2,2.5 etc and ewt has values ranging from 30-100 with differerence of 10 eg: 30,40,50
so if users enters gpm = 1 and ewt as 30 it returns me values from databse but if user enters gpm =1.75 and ewt as 30 it returns me not found How can i know that database did'nt found gpm and it found ewt
Thanks in advance
CodePudding user response:
First, use prepared statements, see How can I prevent SQL injection in PHP?
Use OR
instead of AND
, and test which was matched in the SELECT
list.
$command = "SELECT *, gpm = :uniluxGpm AS gpm_found, ewt = :uniluxEwt AS ewt_found from {$uniluxModel} where gpm = :uniluxGpm OR ewt = :uniluxEwt";
$stmt = $conn->prepare($command);
$stmt->execute([':uniluxGpm' => $uniluxGpm, ':uniluxEwt' => $uniluxEwt]);