homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

js function with a php query with multiple vales

5+ Year Member

Msg#: 4257907 posted 4:53 pm on Jan 25, 2011 (gmt 0)

this is basically a mix & match of 3 things

i have the following function


the php file queries a mysql db and returns an xml file which is pulled into the doThis function - select query is WHERE name='" . $_GET['name'] . "'

what i'd like to do is to be able to use radio button (or similar - doesnt matter) so that the php file gets the all rows where name field contains say "bill" or "bob"

ie something like .php?name=billORbob - how do i concatenate the variables into the link ?




Msg#: 4257907 posted 2:39 am on Jan 26, 2011 (gmt 0)

Have you looked into explode? You can send the PHP function like


$name = $_GET['name'];
$names = explode('|', $name);

If you do that, $names[0] would equal 'bill', and $names[1] will equal 'bob'; I believe this is what your asking.


5+ Year Member

Msg#: 4257907 posted 11:07 am on Jan 26, 2011 (gmt 0)

thanks - i'm getting there but putting it into a select query i get an error in syntax (unexpected T_STRING):

"select name FROM table WHERE name IN ('".$names."')"



5+ Year Member

Msg#: 4257907 posted 2:52 pm on Jan 27, 2011 (gmt 0)

further attempts

$name = $_GET['name'];
$names = explode('|', $name);
$names1 = implode(",",$names);

if i put this in manually: it works
"SELECT * FROM table WHERE name IN ('bill','bob')

if i do: it doesnt
"SELECT * FROM table WHERE name IN ('".$names1."')

i've recreated this to see the output by doing

$name = "bill|bob";
$names = explode('|', $name);
$names1 = implode(",",$names);
print_r ($names1);

and this outputs bill,bob

going round in circles on this :(


WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member

Msg#: 4257907 posted 6:13 pm on Jan 27, 2011 (gmt 0)

First, "Javascript" is not a url.

<a href="createxml.php?name=xyz" onclick="return doThis('createxml.php?name=xyz');">

Then add this to the very last line of doThis.

function doThis(url) {
// Whatever code you have
return false;

This does two things, enables your link for non-javascript clients and avoids validation errors. Return false will stop it from navigating.

Next, I'd think you want an "or" - a radio will give you a single value (and should, it's how they work.)

<p><input type="checkbox" name="add_bob" id="add_bob" value="Bob"> <label for="add_bob">Bob</label></p>
<p><input type="checkbox" name="add_joe" id="add_joe" value="Joe"> <label for="add_joe">Joe</label></p>
<p><input type="checkbox" name="add_sue" id="add_sue" value="Sue"> <label for="add_sue">Sue</label></p>

There's a better way to do it, with checkbox arrays, but follow along, since you're passing it to JS . . .

Start here, since you're using JS you don't need to get params in the JS function call, just pass the script name build them dynamically (and you really don't even have to do that, you can assign the script name in the function, but here we go.)

<a href="createxml.php" onclick="return doThis('createxml.php');">


function doThis(url) {
var str=null;
var chks = ['add_bob','add_joe','add_sue'];
for (j=0;j<chks.length;j++) {
if (document.getElementById(chks[j]) && document.getElementById(chks[j]).checked) {
// add , *only* if it's been "started"
if (str) { str += ','; }
str += document.getElementById(chks[j]).value;
if (str) {
url += '?name=' + str;
var day = new Date();
var id=day.getTime();
var params = 'width=600,height=600,scrollbars,resizable';
var win = window.open(url,id,params);
else { alert('You dind\'t check any values'); }
return false;

So now you have incoming

PHP. Do not ever use direct uncleansed input in your programs. Since (in this case) You can count on letters and a comma only,

$name = preg_replace('/[^a-z,]/i','',$_GET['name']);

The previous kills anything not a letter or a comma and is case insensitive (i).

$names = explode(',',$name);
foreach ($names as $n) {
// Just like above, we only need an OR if $where has been
// concatenated
if ($where) { $where .= ' or'; }
$where .= " namefield='$n'";
$query = "select * from table";
if ($where) { $query .= " where $where"; }

should give you

select * from table where namefield='Bob'; // or Sue, or Joe
select * from table where namefield='Bob' or namefield='Joe';
select * from table where namefield='Bob' or namefield='Sue';
select * from table where namefield='Sue' or namefield='Joe';
select * from table where namefield='Bob' or namefield='Joe' or namefield='Sue';

Typo alert: Typed this out on the fly, it may have syntax errors . . . go forth and debug. :-)

A side note - I think your "in" is not working because you have to quote the values for text queries, like in('Bob','Joe','Sue'), but I rarely use in for this, usually only for numeric arrays - but that's why it's broken (I think).

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved