-1

I'm trying to do search base on the input in two datetimepicker and display the results into table, but when I pick specific date rage all data are displaying. I'm using MySQL and PDO.

Here is my code.

<?php
$date1 = date("Y-m-d", strtotime($_POST['date1']));
$date2 = date("Y-m-d", strtotime($_POST['date2']));

$db = new PDO('mysql:host=localhost;dbname=db_search;charset=utf8mb4', 
'root', '');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

$sql = "select * from book";
$stmt = $db->prepare($sql);
$stmt->execute(); 
$row_count = $stmt->rowCount();
if($row_count > 0){
while($row=$stmt->fetch(PDO::FETCH_ASSOC)) {
?>
<tr>
    <td><?php echo $row['ISBN']?></td>
    <td><?php echo $row['title']?></td>
    <td><?php echo $row['author']?></td>
    <td><?php echo date("m/d/Y", strtotime($row['date_published']))?></td>
</tr>
<?php
}
}else{
    echo '
    <tr>
        <td colspan = "4"><center>Record Not Found</center></td>
    </tr>
    ';
}
?>
halfer
  • 19,824
  • 17
  • 99
  • 186
  • 5
    You have too many unclosed questions (IMHO) and for me is a sign of getting your solution and taking off. Your communications skills need to be worked. on. Given [a comment I placed](https://stackoverflow.com/questions/52081587/dynamic-menu-from-mysql-database#comment91113678_52081587) under [another question](https://stackoverflow.com/q/52081587/1415724) of yours. – Funk Forty Niner Sep 17 '18 at 02:27
  • Please read [Under what circumstances may I add “urgent” or other similar phrases to my question, in order to obtain faster answers?](//meta.stackoverflow.com/q/326569) - the summary is that this is not an ideal way to address volunteers, and is probably counterproductive to obtaining answers. Please refrain from adding this to your questions. – halfer Sep 17 '18 at 08:25

1 Answers1

1

You haven't actually included the date conditions in your query, which is why it is still returning all the data. Change your query to 

$sql = "select * from book where date_published between '" . min($date1, $date2) . "' and '" . max($date1, $date2) . "'";

If you know that $date1 is less than $date2, you can simplify that to

$sql = "select * from book where date_published between '$date1' and '$date2'";

Note that your code is wide open to SQL Injection, you should really use prepared statements. See this question for more info...

Nick
  • 138,499
  • 22
  • 57
  • 95
  • You didn't use the code I posted; your query `$sql = "select * from book where date_published";` is missing the rest of the `where` clause. – Nick Sep 19 '18 at 01:52
  • Hi Nick, I've tried your codes and I miss to put double quotes that's why it is not working but now it's working fine. Thank you so much for your help. –  Sep 20 '18 at 20:37
  • @KenjiroAikawa sorry about forgetting the quotes. I hope that didn't waste too much of your time. I've updated the answer so that if anyone else sees it they will get the right answer. – Nick Sep 20 '18 at 21:44
  • It's ok, actually because of your help I've didn't waste too much time figuring out the problem, 'till next time Nick. Thank you again. –  Sep 20 '18 at 23:46