PHP MySQL How search in many categories

Question

Is there any SQL syntax that allows you to search in many categories, like this:

Category array:

print_r($category) = Array ( [0] => 23 [1] => 24 [2] => 25 [3] => 26 [4] => 27 [5] => 28 [6] => 29 )

Code:

$tab = implode(' OR ', $category);        
$sql = "SELECT * FROM files WHERE name LIKE '%$what%' AND category = $tab ORDER BY name DESC LIMIT $from , $how_much";

score 2 · Accepted Answer · answered Apr 15 '19 at 22:32

2

$sql = "SELECT * FROM files WHERE name LIKE '%$what%' AND category IN ($tab) ORDER BY name DESC LIMIT $from , $how_much";

You must use "IN".

I must add, if you don't use parameterized queries or PDO, you are open to sql injection vulnerability!

https://www.php.net/manual/en/pdo.prepared-statements.php

How can I prevent SQL injection in PHP?

answered Apr 15 '19 at 22:32

Naveen Kumar

160
1
10

I use WP queries, so i think im safe ? – Apr 15 '19 at 22:39
I haven't used WP queries, but, it seems like WP sanitises the queries for you. – Naveen Kumar Apr 15 '19 at 22:44
I use prepare before sql query. Thanks for help. – Apr 15 '19 at 22:47

PHP MySQL How search in many categories

1 Answers1