How to create a ecommerce filter with php using the GET method

Question

I know there are better ways to do it, but I really need to create a multiple parameter filter with PHP only in order to filter items by from a json.

The categories are separated by Gender, type of Item, colors etc... I want to be able to select multiple categories, and if only gender is set to show all products, call them using the $_GET method and be able to filter using IFs.

The problem is that my amateur coding skills are not helping much, and I am also not sure if without AJAX there is a better way to do this.

This is what part of my filter looks like:

<ul class="category-menu" name="categoria">         
    <li><a href="page.php?genid=<?php echo $genid;?>&cat=remeras&col=<?php echo ($_GET["col"]);?>&mar=<?php echo ($_GET["mar"]);?>" name="campera" >Remeras</a></li>
    <li><a href="page.php?genid=<?php echo $genid;?>&cat=camperas&col=<?php echo $col;?>&mar=<?php echo $mar;?>" name="campera">Camperas</a></li>
    <li><a href="page.php?genid=<?php echo $genid;?>&cat=pantalones&col=<?php echo $col;?>&mar=<?php echo $mar;?>" name="pantalones">Pantalones</a></li>
    <li><a href="page.php?genid=<?php echo $genid;?>&cat=shorts&col=<?php echo $col;?>&mar=<?php echo $mar;?>" name="short">Shorts</a></li>
    <li><a href="page.php?genid=<?php echo $genid;?>&cat=vestidos&col=<?php echo $col;?>&mar=<?php echo $mar;?>" name="vestido">Vestidos</a></li>
</ul>

And I have my ifs looking like this:


<?php   

}elseif ( !empty($_GET["genid"]) && !empty($_GET["cat"]) && $datosArray[$i]["sex_id"] == $_GET["genid"] && $datosArray[$i]["categoria"] == $_GET["cat"]){

?>

<!-- Individual Product full Code -->  
...
<!-- /Individual Product full Code -->  

<?php   

    }elseif (!empty($_GET["genid"]) && $datosArray[$i]["sex_id"] == $_GET["genid"]){
?>

<!-- Individual Product full Code -->  
 ... 
<!-- /Individual Product full Code --> 

<?php 
    }} ?>

Right now the only "filter" it recognizes is the Gender one and its displaying all products even if the $_GET is set and displayed properly.

Thank you all in advance.

hostingutilities.com · Accepted Answer · 2019-07-28T03:35:29.177

If I turn your code into psuedo-code, it reads like this.

if we have the following: a genid, cat
and the genid is the same as $datosArray[$i]["sex_id"]
and the datosArray[$i]["categoria"] is the same as $_GET["cat"]
then display the product

Otherwise, if we have a genid
and that genid is the same as $datosArray[$i]["sex_id"]
then display the product

If that is what you where intending to have happen, then you might want to var_dump or print_r all of your variables, and make sure nothing unexpected is happening.

You talked about wanting to use multiple categories. There are two ways of doing this that I can think of right now. The first is to have a comma separated list of categories href="...cat=pantelones,vestidos,shorts, and then turn that into an array $cats = explode(',', $_GET['cat']). You would then check for a specific category with in_array('pantelones', $cats).

The second is to create an HTML form that uses a checkbox to select multiple categories, and then if you simply add brackets to the end of the checkbox's name, then when the user submits the form, PHP will automatically convert $_GET['cat'] into an array for you See this SO question for more info about what I mean.

I would do things more like this.

function display_product($productData){
    /* Add code here to display your product */
}

foreach($datosArray as $productData){

    /* Always display the product if the gender ID was not set */
    if ( empty($productData['genid']) ){
        display_product($productData);
    }

    /* Otherwise only display the product if it matches what is in $_GET[] */
    if (
        isset($_GET["genid"]) && $_GET["genid"] == $productData['sex_id']
        && isset($_GET["cat"]) && $_GET["cat"] == $productData['categoria']
        && isset($_GET["mar"]) && $_GET["mar"] == $productData['Marca']
    ){
        display_product($productData);
    }

}

I know you already said you knew that there where better ways of filtering data, I just want to add that once it comes time to add/edit/delete data, databases become super useful. They are also speedier at filtering out the data you want.

You introduced an XSS vulnerability. You should always escape your variables before outputting them, like so. (I like to use <?= which is just a shorthand for <?php echo.)

<ul class="category-menu" name="categoria">         
    <li><a href="page.php?genid=<?= (int)$genid ?>&cat=remeras&col=<?= htmlspecialchars($_GET["col"]) ?>&mar=<?= htmlspecialchars($_GET["mar"]) ?>" name="campera" >Remeras</a></li>
    <li><a href="page.php?genid=<?= (int)$genid ?>&cat=camperas&col=<?= htmlspecialchars($col) ?>&mar=<?= htmlspecialchars($mar) ?>" name="campera">Camperas</a></li>
    <li><a href="page.php?genid=<?= (int)$genid ?>&cat=pantalones&col=<?= htmlspecialchars($col) ?>&mar=<?= htmlspecialchars($mar) ?>" name="pantalones">Pantalones</a></li>
    <li><a href="page.php?genid=<?= (int)$genid ?>&cat=shorts&col=<?= htmlspecialchars($col) ?>&mar=<?= htmlspecialchars($mar) ?>" name="short">Shorts</a></li>
    <li><a href="page.php?genid=<?= (int)$genid ?>&cat=vestidos&col=<?= htmlspecialchars($col) ?>&mar=<?= htmlspecialchars($mar) ?>" name="vestido">Vestidos</a></li>
</ul>

score 0 · Answer 2 · answered Aug 08 '21 at 07:49

PHP offers a http_build_query($arrayOrObject) function which is useful on its own. Check the docs.

I made myself a tiny wrapper for the function that I normally use for such things.

/**
 * Build query parameters string from given arrays ($_GET by default)
 * @param array $newGet
 * @param null|array $currentGet
 * @return string
 */
function new_build_query(array $newGet = [], ?array $currentGet = null)
{

    if (!isset($currentGet))
        $currentGet = $_GET;

    $newGet = array_merge($currentGet, $newGet);

    ksort($newGet);

    return http_build_query($newGet);
}

Given the current URL being https://example.com/?page=2his can be used like this:

$params = new_build_query([
    'sort' => 'asc',
    'filter' => 'female',
]);
// $params === 'filter=female&page=2&sort=asc'
$redirectUrl = "https://example.com/?{$params}";

score -2 · Answer 3 · answered Jul 28 '19 at 00:11

your code is a bit confusing in the way it is displaying the results. So I mean you want to filter a product, from there the genre and following specific details such as color, size etc. on request by ajax is possible yes. but I advise to leave these parameters in database and from this make the filters. If you are based only on json use json_decode ($ data, true) to make it an array so you can do the filters more simply. I also advise using a template engine (twig for example) to separate php code from html. that would be better for you

How to create a ecommerce filter with php using the GET method

3 Answers3