Search using data passed from form

4 posts by 2 authors in: Forums > CMS Builder
Last Post: October 30, 2008   (RSS)

Re: [sykomac] Search using data passed from form

By Dave - October 30, 2008

Hi Paul,

Do you have a field called "day" or do you need to extract the day from a date field?

The reason it's not working is because it's in single quotes, try double quotes. Variables only get replaced in double quotes: 'where' => "day=$sday",

But even better than that, don't even both writing your own where if you don't need to. Check out the CMS search docs here: http://www.interactivetools.com/docs/cmsbuilder/viewer_search.html

If you're passing $sday already you might be able to do just this: yourViewer.php?day=4

CMS Bulder will add the "day = 4" to the where automatically for you if it sees fieldnames in the url that conform to the format on the search docs page.

Hope that helps!
Dave Edis - Senior Developer
interactivetools.com

Re: [Dave] Search using data passed from form

By sykomac - October 30, 2008

Thanks.

It actually worked when I put double quotes around the variable $sday

so I ended up with " 'where' => 'day="$sday"'

Re: [sykomac] Search using data passed from form

By Dave - October 30, 2008

Great, also note that you should escape values you pass to mysql from the form to avoid Mysql Injection Attacks (google that for more details).

'where' => "day='" .mysql_real_escape_string($sday). "'"

Or higher up in your code:

$sday = mysql_real_escape_string($sday);
Dave Edis - Senior Developer
interactivetools.com