-1

I will like to fetch data base result based on the info I get from a form input. For example I have a calendar and will like to execute a query that provide date range.

<?php
require_once 'init.php'; 

$base_datos = DB::getInstance();
$from = $_POST["from"];
$to = $_POST["to"];
$run = $_POST["run"];
echo "$from";
echo "$to";
echo "$run";

if ($run == run)
{
    $base_datos->query ("
        SELECT * 
        FROM request 
        WHERE 
            req_date BETWEEN $from AND '$to ' 
        ORDER BY req_date DESC;");
    $get_info = $base_datos->results();
    $real_info = $get_info[0];
    //var_dump ($get_info);
    foreach($get_info as $real_info) {
        echo "<ul class='pen_cancel'>";
        echo "<a href='admin_user.php?id=$real_info->user_id'>" 
        echo $real_info->fname. "</a>" ;
        echo "<li class='pen_cancel'>" .$real_info->lname. "</li>" ;
        echo "<li class='pen_cancel'>" .$real_info->amount. "</li>" ;
        echo "<li class='pen_cancel'>" .$real_info->points. "</li>" ;
        echo "</ul>";
        echo "</br>";
    }
}
else {
    echo "test is working";
}
?>

On the query if I put date manually it does work, and $from $to does echo calendar select dates, how can I make the query display info based on the $_post info coming from a form, calendar info is in a form input field.

Brian Tompsett - 汤莱恩
  • 5,753
  • 72
  • 57
  • 129
walter alexander
  • 179
  • 2
  • 18
  • 2
    `if ($run == run)` did you assign `run` to a constant here? – Funk Forty Niner Dec 24 '16 at 00:10
  • 2
    and is `$from` a string? if so and besides what I already said, you've a few errors in your code. The form is also unknown and if POSTs have values. – Funk Forty Niner Dec 24 '16 at 00:10
  • 2
    you also tagged as mysqli and pdo; why? – Funk Forty Niner Dec 24 '16 at 00:11
  • post have values, ok basically i want to is to get result from data base with j query calendar the foreach does fetch if i set the days manually, so all i thought that maybe could've be possible is get post value and use it as rage in the query to display result, I'm just learning, if you don't like the post just ignore it is not necessary to downgrade people questions – walter alexander Dec 24 '16 at 00:17
  • 1
    We need a clear picture of what is happening to help. Your `$from` is not quoted. – chris85 Dec 24 '16 at 00:23
  • *"if you don't like the post just ignore it"* - your code makes no sense and doesn't hold water, neither do the tags you used. You asked for help, we gave it to you in trying to get clarification. Instead, you get all snotty with us/me. Let me just give my head a serious shake *lol* – Funk Forty Niner Dec 24 '16 at 00:37
  • **Careful : you are wild open to SQL Injection**, take a look at http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – Blag Dec 24 '16 at 01:54
  • thanks a lot i read it and now im using the $from = mysqli_real_escape_string($link, $_POST['from']); $to = mysqli_real_escape_string($link, $_POST['to']); $run = mysqli_real_escape_string($link, $_POST['run']); – walter alexander Dec 24 '16 at 02:46

1 Answers1

-1

issue solved, i was not getting any result because i did not noticed that post result date format was dd/mm/yy and on data base the time format is yy/dd/mm after i did the changes on j query i was able to fetch MySQL result based on query calendar

walter alexander
  • 179
  • 2
  • 18