Multiple Select MySqL Query Using IN Operator?

Question

I have been trying to make this webpage work for a while but keep getting problems. In this webpage, I have a series of selection boxes (some are independent and some are depended on another) to make selections and then apply filter to make a query. It is still in test-mode and working fine for single selections. But I have still not managed to make it work for multiple selections in same selection boxes. For example; When I select Europe and North America in Region Box and apply the filter it gives no result when I'd expect it to give me the results of the companies which are in Europe OR North America. You can find the test webpage here: http://gorevler.awardspace.biz/realdeal04.html

I have been trying to use "implode" and IN operator in .PHP file but don't know where I am doing wrong at. I'd appreciate it if you could you please show me the right way of doing it. You can find the coding below:

PHP

<?php

error_reporting(E_ALL); ini_set('display_errors', 1); mysqli_report(MYSQLI_REPORT_ERROR |     MYSQLI_REPORT_STRICT);

$DB_HOST = "*****"; $DB_USER = "*****"; $DB_PASS = "*****"; $DB_NAME =   "*******";

$con = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME); if($con->connect_errno > 0) {       die('Connection failed [' . $con->connect_error . ']'); }


$bolge= "'" . implode("', '", $_POST['filtre_region']) . "'" ;
$bolge1= mysqli_real_escape_string($con,$bolge);

$ulke= "'" . implode("', '", $_POST['filtre_country']) . "'";
$ulke1= mysqli_real_escape_string($con,$ulke);

$sektor= "'" . implode("', '", $_POST['filtre_sector']) . "'";
$sektor1= mysqli_real_escape_string($con,$sektor);

$altsektor= "'" . implode("', '", $_POST['filtre_subsector']) . "'";
$altsektor1= mysqli_real_escape_string($con,$altsektor);;

$urun= "'" . implode("', '", $_POST['filtre_product']) . "'"; 
$urun1= mysqli_real_escape_string($con,$urun);

$sql = mysqli_query("SELECT * FROM gorevler WHERE region IN ('$bolge1') AND country IN ('$ulke1')     AND sector IN ('$sektor1') AND sub_sector IN ('$altsektor1') AND product IN ('$urun1')");

echo "<table border='0'>
<tr>
<th>No</th>
<th>Company</th>
<th>Region</th>
<th>Country</th>
<th>Sector</th>
<th>Sub Sector</th>
<th>Product</th>
<th>Website</th>
</tr>";

while ($row = mysqli_fetch_array($sql)){


echo "<td>" .  ''.$row['no'] . "</td>";
echo "<td>" . ''.$row['company'] . "</td>";
echo "<td>" . ''.$row['region'] . "</td>";
echo "<td>" . ''.$row['country'] . "</td>";
echo "<td>" . ''.$row['sector'] . "</td>";
echo "<td>" . ''.$row['sub_sector'] . "</td>";
echo "<td>" . ''.$row['product'] . "</td>";
echo "<td>" . ''.$row['website'] . "</td>";
echo "</tr>";
}
echo "</table>";

?>

HTML

<form id="filtersForm" action="search_company.php" method="post" target="_blank">

<fieldset id="filtersPane">

<div class="part03_line01" id="part03_line01">

  <div class="filter_bolge" id="filtre_bolge"><p>Region:</p>
   <select id="filter_region" name="filtre_region[]" class="select_bolge" title="Select a region" multiple="multiple" size="5">
     </select>    
      </div>

  <div class="filter_ulke" id="filtre_ulke"><p>Country:</p>
   <select id="filter_country" name="filtre_country[]" class="select_ulke" title="Select a   country" multiple="multiple" size="5">
     </select>    

  </div>   

  <div class="filter_sektor" id="filtre_sektor"><p>Sector:</p>
   <select id="filter_sector" name="filtre_sector[]" class="select_sektor" title="Select a  sector" multiple="multiple" size="5">
     </select>    

</div> 

<div class="filter_altsektor" id="filtre_altsektor"><p>Sub Sector:</p>
  <select id="filter_subsector" name="filtre_subsector[]" disabled="disabled"  class="select_altsektor" title="Select a sub-sector" multiple="multiple" size="5">
<option value="" data-filter-type="" selected="selected">
-- Make a Choice --</option>

</select>      
      </div>
<div class="filter_urun" id="filtre_urun"><p>Product:</p>
<select id="filter_product" name="filtre_product[]" disabled="disabled" class="select_urun"  title="Select a product" multiple="multiple" size="5">
<option value="" data-filter-type="" selected="selected">
-- Make a Choice --</option>

</select>   

</div>
</div>   

<div class="part03_line03" id="part03_line03">
  <div class="aramadugmesi" id="aramadugmesi"> <button type="submit" id="applyFilterButton">Apply Filters</button>
</div>         
</div>
</fieldset>  
</form>

JAVASCRIPT

<script>

$(document).ready(function() { 

$('#filter_region')
.load('/textdata/region.txt');

$('#filter_country')
.load('/textdata/country.txt');


$('#filter_sector')
.load('/textdata/sector.txt');

$('#filter_sector').change(function() {
$('#filter_subsector').load("textdata/subsector/" + $(this).val() + ".txt",
function(){
$(this).attr('disabled',false);
}
);
});

$('#filter_subsector').change(function(){
$('#filter_product').load(
"textdata/subsector/product/" + $(this).val() + ".txt",
function(){
$(this).attr('disabled',false);
}
);
});
});
</script>

This Php coding is not working for me. It is not giving any results when I click Apply Filter. For example when I select Europe and North America in the selection box and click apply, I want all the companies which are in Europe OR North America to be fetched from database and listed. But it fetches no result. I guess it is a problem with php coding but I don't know whats wrong

This Php coding is not working for me. It is not giving any results when I click Apply Filter. For example when I select Europe and North America in the selection box and click apply, I want all the companies which are in Europe OR North America to be fetched from database and listed. But it fetches no result. I guess it is a problem with php coding but I don't know whats wrong? — barutto, May 25 '14 at 15:26
Have you suppressing warnings? You need to add single quotes (`'`) around every possibility in the `IN` when they are strings — kero, May 25 '14 at 15:27
@barutto: Please do not duplicate your own questions: http://stackoverflow.com/q/23745079/367456 — hakre, May 25 '14 at 15:28
there is a form in realdeal04.html page and its action is set to search_company.php file. This structure worked fine for single selection but when I want to make multiple selections it gives no result at all. — barutto, May 25 '14 at 15:29
Well, there's no options in your menus to choose from. Does that `.html` file contain or is fetching any PHP/SQL by any chance? — Funk Forty Niner, May 25 '14 at 15:31
In html file, region, country and sector selection boxes filled independantly. So it should show options in these first 3 selection boxes. In sector selection box, when you select "plastics" it will fill options in sub-sector selection box. And when you select "plastic.raw.materials" in sub-sector box it will fill options in product selection box. As this is only for testing I have not add many records in database. So there are records for Europe, Austria, plastics, plastic.raw.materials and polybutylene. — barutto, May 25 '14 at 15:35
My mistake. I didn't have JS loaded for your page. I just saw it now. Try adding error reporting to the top of your file(s) `error_reporting(E_ALL); ini_set('display_errors', 1); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);` see if it yields any errors, if you're not already doing so. — Funk Forty Niner, May 25 '14 at 15:37
Do I just add this coding above right to top of my php file and try again? — barutto, May 25 '14 at 15:41
I just added and clicked apply filter. It gave many lines of errors. You can also see it on the webpage clicking apply filter. — barutto, May 25 '14 at 15:46
For example: `Warning: mysqli_select_db() expects exactly 2 parameters, 1 given in /srv/disk2/bulutto/www/gorevler.awardspace.biz/search_company.php on line 15 Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in /srv/disk2/bulutto/www/gorevler.awardspace.biz/search_company.php on line 19` — barutto, May 25 '14 at 15:47
You need to pass DB connection to it then. I don't know why you accepted the answer below, since it hasn't completely solved your problems. Ask that person to help you and show the errors to that person. — Funk Forty Niner, May 25 '14 at 15:49
@barutto - was my answer not helpful to you at all? I answered based on all the information on this page at the time. — Fo., May 25 '14 at 16:08
Thanks for the info. I am sorry if I caused any misunderstanding. @Fo I will try the solution you provided in your answer as soon as possible now and will give you the feedback. Thank you for your reply regardless much appreciated. Fred -ii-, I have checked the connection it worked fine. Do you mind checking the webpage and clicking apply filter to see the errors and help me about whats wrong with the coding? Of course if you have time. Thanks everybody — barutto, May 25 '14 at 16:19
Instead of the present DB connection method you're using, use a variable type. I.e.: `$con = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME); if($con->connect_errno > 0) { die('Connection failed [' . $con->connect_error . ']'); }` then use `$bolge1= mysqli_real_escape_string($con,$bolge);` that's how it should be done. Otherwise, DB connection is not being passed to your variables. Do the same for the others while replacing `$DB_HOST = 'yourserver'; $DB_USER = 'username'; $DB_PASS = 'password'; $DB_NAME = 'dbdname';` with your credentials. That should fix everything. — Funk Forty Niner, May 25 '14 at 16:22
^--« Anyone answering to this should have noticed that. This isn't `mysql_` where DB connection is already assumed once opened when using `mysql_real_escape_string()` (notice the missing `i`?). As opposed to `mysqli_` needs to have DB connection passed to any query. — Funk Forty Niner, May 25 '14 at 16:23
@Fred, you probably know that errors are often made when people are blanking out parts of their code for privacy reasons. If the DB connection was failing, how could this line in the question have been true? "It is still in test-mode and working fine for single selections." — Fo., May 25 '14 at 16:30
@Fo. Explain this then => `$bolge1= mysqli_real_escape_string($bolge);` like that'll work. Pardon the sarcasm, but [`read the OP's error message`](http://stackoverflow.com/questions/23856817/multiple-select-mysql-query-using-in-operator#comment36717236_23856817) further up. — Funk Forty Niner, May 25 '14 at 16:31
Two possibilities: either he didn't copy his code verbatim, or none of his queries work, he just thinks some of them do. The result seems to be a wild goose chase. Have fun! — Fo., May 25 '14 at 16:35
@Fo. I think the OP will figure it out with the suggestions I've given, along with the answer below. Maybe 2+2 will (*eventually*) add up to something. — Funk Forty Niner, May 25 '14 at 16:37
I have modified the PHP file as you recommeneded Fred. Also edited the PHP coding in my question. Now when I click it doesnt give db connection error but still errors in implode etc. Do you think I need to add single quotes to the line where I use "implode" as Fo suggested? — barutto, May 25 '14 at 16:41
He mentioned that I need to get single quotes inside the parentheses like this: `$bolge1 = "'" . implode("', '", $bolge1) . "'";` but my coding is `$bolge= implode(',', $_POST['filtre_region']);` so where exactly do I need to put single quotes? — barutto, May 25 '14 at 16:43
@Fo mate could you give me an insight about this quote thing? You mentioned that I need to get single quotes inside the parentheses like this: `$bolge1 = "'" . implode("', '", $bolge1) . "'";` but my coding is `$bolge= implode(',', $_POST['filtre_region']);` so where exactly do I need to put single quotes? Your answer is much appreciated. — barutto, May 25 '14 at 16:50

Fo. · Accepted Answer · 2014-05-25T16:55:19.083

1

You need to get single quotes inside your parentheses like this:

$bolge1 = "'" . implode("', '", $_POST['filtre_region']) . "'";

mysql needs to see something like this:

IN ('value1','value2','value3')

Your explode was just producing this :

IN (value1, value2, value3)

The code above will insert the opening and closing apostrophes and make sure there are also apostrophes between each value.

edited May 25 '14 at 16:55

answered May 25 '14 at 15:26

Fo.

3,752
7
28
44

So basically the structure I am using in PHP file with "implode" and "IN" is the right way to do it for fetching records from database with multiple selections? – barutto May 25 '14 at 15:39
There are different ways of formatting a string in PHP, this method for the outcome you need is fine. – Fo. May 25 '14 at 15:48
1

What about proper escaping? – Gumbo May 25 '14 at 17:00
I edited the coding like this: `$bolge= "'" . implode("', '", $_POST['filtre_region']) . "'" ;` for all selection boxes, but still gives this error when click apply filter > `Warning: implode() [function.implode]: Invalid arguments passed in /srv/disk2/bulutto/www/gorevler.awardspace.biz/search_company_02.php on line 22 –` You can see the error list when you click apply filter button on the page: http://gorevler.awardspace.biz/realdeal04.html – barutto May 25 '14 at 17:01
@Fo I updated my php code at the top of my question as it is on the webpage right now. I am trying to upvote but doesnt late me as I have not 15 reputation points yet. – barutto May 25 '14 at 17:06
If you load your demo page and immediately click the filter button, it tells you that you have tried to pass an invalid parameter to implode. If you actually select a region first, then you get an error on the next one. – Fo. May 25 '14 at 17:07
You need to make sure variables exist and are not null before trying to use them in your queries. If you didn't select a region, $_POST['filtre_region'] doesn't have a value and therefore is an invalid parameter for implode(). – Fo. May 25 '14 at 17:08
So this is where form validation comes in, which is a whole other topic. Don't run the query unless certain conditions are met. – Fo. May 25 '14 at 17:12
So do you think it is not about editing the lines including "implode" in Php file? Because all the errors indicating the lines with "implode". In my previous webpage where I didnt use implode and was only allowing single selection, when I select Europe, Austria, plastics, plastic.raw.materials and polybutylene respectively in the boxes it gave me the results. – barutto May 25 '14 at 17:15
I am getting the options in selection boxes from the text files I have created. For example region text file is like : ` ` – barutto May 25 '14 at 17:17
Also I have posted my javascript coding in my question at the top. I thought it didn't have anything to do with it so skipped posting. Do you think the problem may have something to do with my javascript coding? – barutto May 25 '14 at 17:21
Looks like we can't continue this in comments and you don't have enough rep to move this to chat. In my JS console I get this error on one of your files: Failed to load resource: the server responded with a status of 404 (Not Found) http://gorevler.awardspace.biz/textdata/subsector/paint.txt - you have way too many problems happening at once! – Fo. May 25 '14 at 17:22
I guarantee you the implode solution solves that particular problem in your code, but you have too many other things going wrong. Set yourself up with firebug and step through everything you're doing, asking smaller questions for each thing you get stuck on. – Fo. May 25 '14 at 17:24
Oh yes you are right. As it is only in test mode I have not created text files for all the options. First 3 selection boxes I have created the options with text files. But for "Sector" selection box it only gives options when you click "plastics" because I have not created options for paints, medicine etc. Because I was still testing the webpage – barutto May 25 '14 at 17:25
So basically, Europe > Austria > plastics > plastic raw materials > polybutyle should give a result but the rest doesnt give a result as I have not created options for them yet. So I always go with this filtering when I am testing. It worked really good with single selection with my previous coding. But now with multiple selection it gives no result for Europe > Austria > plastics > plastic raw materials > polybutyle – barutto May 25 '14 at 17:27
Why did you add single quotes around your vars in parentheses? ('$bolge1') ?? With my implode solution that will give something like (''value1','value2'') You should put your sql string into a var and echo the var to see what you are constructing before you give it to mysqli_query. – Fo. May 25 '14 at 17:32
I removed single quotes from ('$bolge1') and others then I have added `echo $bolge1; echo $ulke1; echo $sektor1; echo $altsektor1; echo $urun1;` into my php and selected Europe > Austria > plastics > plastic raw materials > polybutyle then clicked apply filter and it gave `\'Europe\'\'Austria\'\'plastics\'\'plastic.raw.materials\'\'polybutylene\'` alongside with a few errors. is this meaningful? You can check it here http://gorevler.awardspace.biz/realdeal04.html – barutto May 25 '14 at 17:41
I tried this one http://ideone.com/pWYV3P but it gives errors. Did you mean this or something else by inspect your query? – barutto May 25 '14 at 18:02

Multiple Select MySqL Query Using IN Operator?

1 Answers1