PDA

View Full Version : User influenced query generation?



clowes
02-05-2009, 08:51 PM
$extra='';
if($_POST[smoking]){$extra=$extra.' AND features.smoking=\'1\'';}
if($_POST[parking]){$extra=$extra.' AND features.parking=\'1\'';}
if($_POST[disabled]){$extra=$extra.' AND features.disabled=\'1\'';}


$_POST[town]=trim($_POST[town]);
$ok=mysql_query("SELECT * FROM features, pubs WHERE features.ID=pubs.ID AND pubs.town='$_POST[town]' AND pubs.county='$_POST[county]'$extra");

I have a mysql query which I want to change depending on which select boxes are clicked. The code can be seen above.

Basically the $extra part of the query is not working. It is being generated properly, but the query returns no results.

Any ideas?