People can order links at my platform and these get stored in two different tables, eg wp_project and wp_articles. The reason for this is that when people place an order for 1 link one project row gets created and one article row gets created.
However if a client orders 10 links there will be one project entry and ten article entries. Now this isn't very relevant to my problem but just to explain how the system works.
There are two common identifiers for projects and articles, both the ID and the project title are stored in both inpu_project and inpu_articles.
Now if I want to echo all the links from one project I built a search function where I can select the project ID, click search and whether a client ordered 1 link or 20 links that amount of links will show.
The problem starts when I want to search based on the project title instead of ID, which is non-numeric but just words (with spaces in between sometimes).
This to prevent the error undefined index in my error logs
$where_clouse='';
This is the search function based on the project title:
if(isset($_GET['todo']) && $_GET['todo']=='search')
{
if($_GET['proid']!=0){
$where_clouse.=' AND P.`project_title`='.$_GET['proid'];
}
}
This is the database query to pull the links from it:
$sql="SELECT P.`project_title`, P.`backlink` FROM `inpu_articles` AS P
WHERE P.`post_it_posted` = '1' ".$where_clouse." ORDER BY P.`project_title` ASC";
$backlinks=$wpdb->get_results($sql, ARRAY_A);
This is the actual search function that triggers the first code I pasted:
<p>Select a project title and hit search!</p>
<form action="" method="get">
<input type="hidden" name="todo" id="todo" value="search" />
<select name="proid" id="proid">
<option value="0">All Projects</option>
<?php $projects=getTitles(); foreach($projects as $project){ ?>
<option value="<?php echo $project['title']; ?>" <?php if(isset($_GET['proid']) && $_GET['proid']==$project['title'] ) { echo 'selected="selected"'; } ?> ><?php echo $project['title'] ?>
</option>
<?php } ?>
</select>
<input class="submit_search" type="submit" id="search_button" value="Search"/>
</form>
And this is the code that pulls the project titles from the project table:
function getTitles($where=false)
{
global $wpdb;
$sql="SELECT `title`, `link` FROM `inpu_project` WHERE `link`='1' ORDER BY `title` ASC";
$result = $wpdb->get_results($sql, ARRAY_A);
return $result;
}
All pretty straight forward and it works 100% fine if I replace the non-numeric title in the code for both the inpu_articles and the inpu_project tables with the numeric id.
Then the code does exactly what it does, but when I use the project title instead it just shows ALL of the links that every client ever ordered and no error shows up in my database. It's like it can't find a match or something, which is plain weird.
So am I missing something here? Is it not possible to match words or is there something that I should adjust when using words instead of numeric values?
Lastly, for what it's worth, this is the code that echos the query:
<?php foreach ($backlinks as $backlink) {
$backlink_overview=$backlink['backlink'];
?>
<ul>
<li><?php echo $backlink_overview; ?></li>
</ul>
<?php } ?>
The titles do show up in my form / search drop down menu so I am surprised it can't match the project title with the title that's stored in the article table.
My gut says this is where it goes wrong:
P.`project_title`='.$_GET['proid'];
But it doesn't throw any syntax errors or any errors whatsoever, it just shows all the links that are stored in the inpu_article table, ignorning my search function altogether.
The problem is in the condition for where_clause and the where_clause itself.
To check for input you need to check if the parameter is set and is not empty. Then for where clause you need to put the string into quotes. Change that part of the code like bellow
if(isset($_GET['proid']) && !empty($_GET['proid'])){
$where_clouse.=" AND P.project_title='".$_GET['proid']."'";
}