Multiple selection in a single table using php mysql

Question

I'm trying to pull multiple rows from a single table. I'm trying to pull either all males or all females in different zip codes.

<?php
$zipCodes = array("55555", "66666", "77777", etc...);

$fetchUser = mysql_query("select * from users where gender = '$_POST[gender]' ".implode(" or zipCode = ", $zipCodes)." order by id desc");
while($var = mysql_fetch_array($fetchUser)) {
  code...
}
?>

I think you forgot to ask a question. What's the problem with your code? — Mahmoud Gamal, Sep 26 '12 at 07:44
Welcome to stackoverflow.. Please explain the problem you're having..There is no question in your posting. — BugFinder, Sep 26 '12 at 07:45

score 2 · Accepted Answer · edited May 23 '17 at 11:48

2

You should use IN on this,

SELECT ...
FROM   tableName
WHERE gender = '$_POST[gender]' AND
      zipCode IN (55555, 6666, 77777)

currently your code is vulnerable to SQL Injection. Please read on PDO or MySQLI extension.

Read more on this article: Best way to prevent SQL injection in PHP
PHP PDO: Can I bind an array to an IN() condition?

edited May 23 '17 at 11:48

Community

1
1

answered Sep 26 '12 at 07:45

John Woo

258,903
69
498
492

score 0 · Answer 2 · answered Sep 26 '12 at 07:49

0

// Prevent SQL injection for user input
$fetchUser = mysql_query("select * from users where gender = '".filter_var($_POST[gender], FILTER_SANITIZE_STRING)."' OR zipCode IN (".implode(",", $zipCodes).") order by id desc");)

answered Sep 26 '12 at 07:49

Bud Damyanov

30,171
6
44
52

Multiple selection in a single table using php mysql

2 Answers2