Forum Moderators: coopster
I'm desperate to try and get this sorted and I'm sure there must be a way...
<?php
//include ('manager/special_offers/inc/dbconnect.php'); echo '<h2>Hotel special offers</h2>';
//Include the PS_Pagination class
include('manager/special_offers/inc/ps_pagination.php');
//Connect to mysql db
$show_form=true; //used later on
if(isset($_POST['sortform'])) {
$conn = mysql_connect('localhost', 'login', 'password');
mysql_select_db('specialoffers_db',$conn);
$yoursafe_post_location = $_POST['_Location'];
$yoursafe_post_price1 = $_POST['_Price1'];
$yoursafe_post_price2 = $_POST['_Price2'];
$yoursafe_post_category = $_POST['_Category'];
/* check variables being set */
echo '<p>Values:</p>';
echo 'Location: ' . $yoursafe_post_location . '<br />';
echo 'Price1: ' . $yoursafe_post_price1. '<br />';
echo 'Price2: ' . $yoursafe_post_price2. '<br />';
echo 'Category: ' . $yoursafe_post_category. '<br />';
$query = "SELECT * FROM specialofferstable WHERE ";
$and = "0";
if(trim($yoursafe_post_location)!= '') {
$and = "1";
$query .= "location LIKE $yoursafe_post_location";
}
if(trim($yoursafe_post_price1)!= '' && trim($yoursafe_post_price2)!= '') {
$and = "1";
if(trim($and)!= '') {$query .= " AND ";}
$query .= "price BETWEEN $yoursafe_post_price1 AND $yoursafe_post_price2";
}
if(trim($yoursafe_post_category)!= '') {
$and = "1";
if(trim($and)!= '') {$query .= " AND ";}
$query .= "category LIKE $yoursafe_post_category";
}
$query .= " ORDER BY price";
echo '<b>The query is:</b>' . $query;
$result = mysql_query($query) or die('Could not execute query:' . mysql_error());
//Create a PS_Pagination object
$pager = new PS_Pagination($conn, $query, 10, 4, 'param1=valu1¶m2=value2');
//The paginate() function returns a mysql
//result set for the current page
$rs = $pager->paginate();
//Loop through the result set
while ($row= mysql_fetch_assoc($rs)) {
$title = $row["category"];
$title2 = $row["company_hotel"];
$title3 = $row["location"];
$title4 = $row["offer"];
$title5 = $row["price"];
$title6 = $row["offerends"];
$title7 = $row["mobile"];
$dateformat = date("M j Y" ,strtotime($title6));
echo '<h3>'.$title2.' ¦ '.$title3.' <em class=grey>(Offer ends: '.$dateformat.')</em></h3><h4>£'.$title5.' <strong class=call>Call 0844 793 7300</strong></h4>
<p>'.$title4.'</p><hr />' ;
$count++ ;
}
//Display the navigation
echo $pager->renderFullNav();
echo '<h2>Travel special offers</h2>';
// Build SQL Query
$query = "select * from specialofferstable where category like 'travel' ORDER BY price"; // specify the table and field names for the SQL query
$numresults=mysql_query($query);
$numrows=mysql_num_rows($numresults);
// get results
$result = mysql_query($query) or die("Couldn't execute query");
// display the results returned
while ($row= mysql_fetch_array($result)) {
$title = $row["category"];
$title2 = $row["company_hotel"];
$title3 = $row["location"];
$title4 = $row["offer"];
$title5 = $row["price"];
$title6 = $row["offerends"];
$title7 = $row["mobile"];
$dateformat = date("M j Y" ,strtotime($title6));
echo '<h3>'.$title2.' ¦ '.$title3.' <em class=grey>(Offer ends: '.$dateformat.')</em></h3><h4>£'.$title5.' <strong class=call>Call 0844 793 7300</strong></h4>
<p>'.$title4.'</p><hr />' ;
$count++ ;
}
/* form has been processed! */
$show_form=false;
}
if($show_form) { ?>
<fieldset>
<legend>Search special offers</legend>
<form action="" method="post" name="thesortform">
<table>
<tr>
<td>Location
<input name="_Location" />
</td>
<td> Price
<select name="_Price1" size="1">
<option value="0">0</option>
<option value="20">20</option>
<option value="40">40</option>
<option value="60">60</option>
<option value="80">80</option>
<option value="100">100</option>
</select>
<select name="_Price2" size="1">
<option value="40">40</option>
<option value="60">60</option>
<option value="80">80</option>
<option value="100">100</option>
<option value="150">150</option>
<option value="200">200</option>
<option value="9999" selected>200+</option>
</select></td>
<td> Type
<select name="_Category" size="1">
<option value="">All</option>
<option value="Hotel">Hotel</option>
<option value="Travel">Travel</option>
</select>
<input type="submit" value="Go" name="sortform" /></td>
</tr>
</table>
</form>
</fieldset>
<?php }
?>
The error it generates if I do a search and submit (for example):
SELECT * FROM specialofferstable WHERE location LIKE London Croydon AND price BETWEEN 0 AND 9999 ORDER BY priceCould not execute query:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Croydon AND price BETWEEN 0 AND 9999 ORDER BY price' at line 1
$query = "SELECT * FROM specialofferstable WHERE ";
$and = "0";
if(trim($yoursafe_post_location)!= '') {
$and = "1";
$query .= "location LIKE $yoursafe_post_location ";
}
if(trim($yoursafe_post_price1)!= '' && trim($yoursafe_post_price2)!= '') {
$and = "1";
if(trim($and)!= '') {$query .= " AND ";}
$query .= "price BETWEEN $yoursafe_post_price1 AND $yoursafe_post_price2 ";//added a space
}
if(trim($yoursafe_post_category)!= '') {
$and = "1";
if(trim($and)!= '') {$query .= " AND ";}
$query .= "category LIKE $yoursafe_post_category ";//added a space
}
$query .= "ORDER BY price;";//removed a space added a ;
Try that.
