Poscode distance script

Hi All,

wondered if anyone could have a look at my code, basicly this bit o code is just to test to see if it works, later I will replace where it echos out the postcodes within a max distance to pull data from a database.

the code works perfectly but I just wondered if there is a neater way to right it, or if anyone could check to see if there is any problems that may happen.


function getDistance($latitude1, $longitude1, $latitude2, $longitude2)
	//$earth = 6371; //km change accordingly
	$earth = 3960; //miles

	//Point 1 cords
	$latitude1 = deg2rad($latitude1);
	$longitude1= deg2rad($longitude1);

	//Point 2 cords
	$latitude2 = deg2rad($latitude2);
	$longitude2= deg2rad($longitude2);

	//Haversine Formula





	return $d;

	@mysql_select_db("**********") or die( "Unable to select database");

	$firstpc = strtoupper(preg_replace("/[^a-zA-Z0-9]/","", $_POST[first]));
	$query = 'SELECT `latitude`, `longitude` FROM `uk_postcode_04` WHERE `postcode`="'.$firstpc.'";';
	$result = mysql_query($query);
	$first = mysql_fetch_row($result);
	$fulldataQ = "SELECT * FROM uk_postcode_04";
	$fulldata = mysql_query($fulldataQ);
	$miles = $_POST[miles];
while($row = mysql_fetch_array($fulldata)){
$check = getDistance($first[0], $first[1], $row['latitude'], $row['longitude']);
			if($check < $miles){
			echo $row['postcode'];
			echo "<br />";



<form action="postcode.php" method="post">
Only enter the first part of the postcode. If your postcode is CO4 3AT, just enter the CO4.<br /><br />
postcode: <input name="first" maxlength="4" /><br />
Max Distance In Miles: <input name="miles" maxlength="4" /><br />
<input type="submit" />

Your script could fall victim to a mysql injection, it would be better if the variables where binded to the SQL query, also mysql_*() is set to be depreciated in the next version of PHP.

It would be better, if you made use of PDO (PHP Data Objects) for the SQL side of things ([URL=“http://www.fullondesign.co.uk/coding/php/1907-pdo-php-data-objects-starter-guide.htm”]here is a starter guide I wrote a little while ago). Under PDO your code would be something like:

$host = 'localhost';
$dbname = 'my_database';
$user = 'mysql_username';
$pass = 'mysql_password';

try {
	// Call the PDO class.
	$db= new PDO('mysql:host='.$host.';dbname='.$dbname, $user, $pass);
} catch(PDOException $e) {
	// If something goes wrong, PDO throws an exception with a nice error message.
	echo $e->getMessage();

$query = $db->prepare('SELECT `latitude`, `longitude` FROM `uk_postcode_04` WHERE `postcode`=":POSTCODE:" LIMIT 0,1 ;');
$query->execute(array(':POSTCODE:' => strtoupper(preg_replace("/[^a-zA-Z0-9]/","", $_POST[first]))); // bind the values to the SQL.
$first = $query->fetchAll(PDO::FETCH_ASSOC);
$first = $first[0]; // select the first one

$query = $db->query('SELECT * FROM uk_postcode_04;');
$fullDatas = $query->fetchAll(PDO::FETCH_ASSOC);

foreach($fullDatas as $fullData){
$check = getDistance($first->latitude, $first->longitude, $fullData->latitude'], $fullData->longitude);

Other than that (without further knowledge of how much data your working with), it looks ok :slight_smile:

Thanks mate

  • Sent from my iPhone using Tapatalk