MySQL: Query that filters the results

Question

I wish I could make a query that filters the results. It works when I make this request alone:

SELECT * FROM products_details WHERE active = '1' AND category LIKE '% Phobies%';

But in my code, when test, I have this error that appears every time:

Fatal error: Uncaught PDOException: SQLSTATE [42S22]: Column not found: 1054 Unknown column '' in 'where clause' in C: \ laragon \ www \ tresorsdufutur \ ajax.php on line 36

But I do not have an IN in my query and all the terms come from the same column. I really can not find or find my mistake. Here is my code

$ query = "SELECT * FROM products_details WHERE active = '1'";

if (isset ($ category) &&! empty ($ category)) {
$ categorydata = implode ("','", $ category);
$ query. = "AND product_category LIKE (`$categorydata`) ";
}

It is weird that you use space character between `$` and variable name. Nevertheless, what is the value of `$category` variable ? — Madhur Bhaiya, Nov 12 '18 at 17:49
original query `category LIKE ...` php query `product_category LIKE` those are 2 different column names :-) — Alex, Nov 12 '18 at 17:51
Please edit your question to include the output of `echo $query;` so we see the query you have built with your code. — Progman, Nov 12 '18 at 17:58
For the space between the $ and categorydata it's my mistake in copying my query. It should have been written like that $ categorydata :) I corrected my code — user1987480, Nov 12 '18 at 17:59
on screenshot it says `product_categorie IN` It seem you are doing many things same time. Stop doing that. Do 1 thing and ask 1 thing. Don't apply changes all over. Your environment should be stable and trustful when anybody is trying to help you. — Alex, Nov 12 '18 at 18:13
@Alex I know he's telling me that, but the problem is that I do not use IN at all! This is where I get lost. Where will he find the IN? — user1987480, Nov 12 '18 at 18:35
@MadhurBhaiya I use backticks because some terms have single quotation marks in french — user1987480, Nov 12 '18 at 18:38

ofurkusi · Answer 1 · 2018-11-12T18:17:09.357

0

Seems to be a few things that could cause problems

You seem to be missing a space between the two parts of the query that you are concatenating
You are using ` as quotation marks in the latter part of the query
It's been a while since I did PHP but I think you need to concatenate $categorydata

Try this

   $query = "SELECT * FROM products_details WHERE active = '1'";

   if (isset($category) && !empty($category)) {
     $categorydata = implode ("','", $category);
     $query. = " AND product_category IN ('". $categorydata. "') ";
   }

edited Nov 12 '18 at 18:17

answered Nov 12 '18 at 18:01

ofurkusi

133
1
6

it does not work unfortunately. I always have the same mistake. – user1987480 Nov 12 '18 at 18:43
Well, anyway, I don't know what you are doing but it looks like it could be open for SQL injections. Look into using prepared statements or perhaps an ORM. – ofurkusi Nov 12 '18 at 23:22

MySQL: Query that filters the results

1 Answers1