I am trying to create a script that selects all users in a given MySQL Column by a given term and city. The city will be specific to the member but each member could have 3 or 4 different positions (bartender, server, host etc). The code I am trying to use is below, however, it is giving me an error. Let me know if you need more information. Thanks!
Could not find staff: Unknown column 'Bartender' in 'where clause'
<?php
$perpage = 15;
$city = $_GET['city'];
$type = $_GET['type'];
if(isset($_GET["page"]))
{
$page = intval($_GET["page"]);
}
else
{
$page = 1;
}
$calc = $perpage * $page;
$start = $calc - $perpage;
$result = mysql_query("SELECT * FROM staff WHERE titles LIKE $type AND city=$city LIMIT $start, $perpage");
$rows = mysql_num_rows($result);
if($rows)
{
$i = 0;
while($post = mysql_fetch_array($result))
{
?>
<tr style="background-color: #cccccc;">
<td style="font-weight: bold;font-family: arial;"><?php echo $post["staffnum"]; ?> >> <?php echo $post["titles"]; ?></td>
</tr>
<tr>
<td style="font-family: arial;padding-left: 20px;"><?php echo $post["abt1"]; ?></td>
</tr>
<?php
}
} else {
die('Could not find staff: ' . mysql_error());
}
?>
In order to use LIKE as you want, you need to wrap it in quotes and use the appropriate % characters.
$type = mysql_real_escape_string($_GET['type']);
// do the same with $city and any other user input
$result = mysql_query("SELECT * FROM staff WHERE titles LIKE '%" . $type . "%' AND city='" . $city . "' LIMIT $start, $perpage");