Search using data passed from form
4 posts by 2 authors in: Forums > CMS Builder
Last Post: October 30, 2008 (RSS)
By sykomac - October 30, 2008
I have only had CMSB for 3 days now and have made a lot of progress.
However, one this is stopping me right now.
I have the following in my html page:
list($progRecords, $progMetaData) = getRecords(array(
'tableName' => 'prog',
'orderBy' => 'day, start_ampm, start_time',
'where' => 'day=$sday',
));
I want it to search the prog table WHERE day is equal to $sday. $sday is a variable passed to this page.
I could do it if I was building my own MySQL query in php but want to use CMSB code as much as possible.
Thanks in advance for any help,
Paul
However, one this is stopping me right now.
I have the following in my html page:
list($progRecords, $progMetaData) = getRecords(array(
'tableName' => 'prog',
'orderBy' => 'day, start_ampm, start_time',
'where' => 'day=$sday',
));
I want it to search the prog table WHERE day is equal to $sday. $sday is a variable passed to this page.
I could do it if I was building my own MySQL query in php but want to use CMSB code as much as possible.
Thanks in advance for any help,
Paul
Re: [sykomac] Search using data passed from form
By Dave - October 30, 2008
Hi Paul,
Do you have a field called "day" or do you need to extract the day from a date field?
The reason it's not working is because it's in single quotes, try double quotes. Variables only get replaced in double quotes: 'where' => "day=$sday",
But even better than that, don't even both writing your own where if you don't need to. Check out the CMS search docs here: http://www.interactivetools.com/docs/cmsbuilder/viewer_search.html
If you're passing $sday already you might be able to do just this: yourViewer.php?day=4
CMS Bulder will add the "day = 4" to the where automatically for you if it sees fieldnames in the url that conform to the format on the search docs page.
Hope that helps!
Do you have a field called "day" or do you need to extract the day from a date field?
The reason it's not working is because it's in single quotes, try double quotes. Variables only get replaced in double quotes: 'where' => "day=$sday",
But even better than that, don't even both writing your own where if you don't need to. Check out the CMS search docs here: http://www.interactivetools.com/docs/cmsbuilder/viewer_search.html
If you're passing $sday already you might be able to do just this: yourViewer.php?day=4
CMS Bulder will add the "day = 4" to the where automatically for you if it sees fieldnames in the url that conform to the format on the search docs page.
Hope that helps!
Dave Edis - Senior Developer
interactivetools.com
interactivetools.com
Re: [Dave] Search using data passed from form
By sykomac - October 30, 2008
Thanks.
It actually worked when I put double quotes around the variable $sday
so I ended up with " 'where' => 'day="$sday"'
It actually worked when I put double quotes around the variable $sday
so I ended up with " 'where' => 'day="$sday"'
Re: [sykomac] Search using data passed from form
By Dave - October 30, 2008
Great, also note that you should escape values you pass to mysql from the form to avoid Mysql Injection Attacks (google that for more details).
'where' => "day='" .mysql_real_escape_string($sday). "'"
Or higher up in your code:
$sday = mysql_real_escape_string($sday);
'where' => "day='" .mysql_real_escape_string($sday). "'"
Or higher up in your code:
$sday = mysql_real_escape_string($sday);
Dave Edis - Senior Developer
interactivetools.com
interactivetools.com