Sql select statement errors!

PHP
1

I have an sql select query which is the following:

$sql = mysql_query(“SELECT max(Price), Make, Model, Price FROM Used_Stock WHERE Make=‘$manufacturer’ AND Feed_Id IN (‘$feed_ident’) GROUP BY Model ORDER BY Price ASC”);

The $feed_ident is a variable which is set depending on which section of the site the user is in. The above query works fine if the variable is something like the following:
$feed_ident=‘11192’

The problem I have is that this variable will sometimes be more than one number ie:
$feed_ident=‘11192’, ‘12345’, ‘978685’

When this is the case the sql query fails.

Can anyone tell me how I can write the query above so that regardless of whether the variable is one value or a range of values the query will work please.

Thanks for any help in advance.

2

So, the variable is declared like this?*


<?php
#this
$feed_ident = "11192";

#or
$feed_ident = "'11192, '12345', '978685'";

*note the quoting

3

It can be either. Problem is with the query set as it is it doesn’t work. Any idea how I can get around this?

4

I worked it out, thanks for the help with this though.

I had to declare the variables like this:
$feed_ident=“‘11102’, ‘22896’”;

5

I would probably use a little function to help be build the SQL, it would allow for the input to be a little more forgiving.


<?php
function get_feed_sql($feeds = ''){
  $ids = null;
  
  preg_match_all('~([0-9]+)~', $feeds, $matches);
  
  if(false === empty($matches[0])){
    $ids = implode("', '", $matches[0]);
  }
  
  return sprintf("SELECT foo FROM table WHERE id IN ('%s');", $ids);
}



<?php
$feeds = '';
echo get_feed_sql($feeds);
/*
 SELECT foo FROM table WHERE id IN ('');
*/



<?php
$feeds = '12345';
echo get_feed_sql($feeds);
/*
 SELECT foo FROM table WHERE id IN ('12345');
*/



<?php
$feeds = 12345;
echo get_feed_sql($feeds);
/*
 SELECT foo FROM table WHERE id IN ('12345');
*/



<?php
$feeds = '12345,67890';
echo get_feed_sql($feeds);
/*
 SELECT foo FROM table WHERE id IN ('12345', '67890');
*/



<?php
$feeds = '  12345,   67890  ';
echo get_feed_sql($feeds);
/*
 SELECT foo FROM table WHERE id IN ('12345', '67890');
*/

Does that make much sense? Hopefully you can see how only sets of numbers are passed to the SQL string and anything else is filtered out. :slight_smile:

6

Thanks very much for the help, I’ll look into using this on the site.