hi i have a form where the user will enter the data based on the user input i want to retrieve data

ex
1st textbox one get the standard (class of the student)
2nd & 3rd textbox get the range (ex rank 1 to 10)
when the user clicks submit...i want to display all the student name ,rank,class

table
id(primary key)
name

table
id
rank
........


i want to know how to fetch datas from database based on the three condition..which is dynamic

hi i have a form where the user will enter the data based on the user input i want to retrieve data

ex
1st textbox one get the standard (class of the student)
2nd & 3rd textbox get the range (ex rank 1 to 10)
when the user clicks submit...i want to display all the student name ,rank,class

table
id(primary key)
name

table
id
rank
........


i want to know how to fetch datas from database based on the three condition..which is dynamic

What language do you intend to use for the script? That will determine to some extent how we can help you. Also show us what you have tried so far. Can you perform a successful SELECT with the MySQL client in a shell? If so, then all you need to do is modify that to suit your 'variable' input.

As well, this situation sets up a possible SQL Injection attack. If you don't know what that is look it up. If you are doing this through a web site you should definitely protect your data against an injection attack.

html page
<form method="get" action="sort2.php">
<table>
<tr>
<td>SPid</td><td><input type="text" name="spid"></td>
</tr>
<tr>
<td>From</td><td><input type="text" name="from"></td>
<td>To</td><td><input type="text" name="to"></td>
<td><input type="submit" name="submit" value="submit"></td></tr>
</table>
</form>


sort2.php

<?php
$spid=$_REQUEST;
$to=$_REQUEST;
$from=$_REQUEST;
$link=mysql_connect($hostname, $username, $password);
mysql_select_db($dbid) or die("unable to connect");

$query="(select name,id from member where id=(select day,time from attend where day between '$from' and '$to')";


$result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
echo "<table width='90%'>";

echo "<tr><td bgcolor='#008080'><font face='Times New Roman' color='#FFFFFF' size='2'><strong>Day</strong></font> </td>
<td bgcolor='#008080'><font face='Times New Roman' color='#FFFFFF' size='2'><strong>Name</strong></font> </td>
<td bgcolor='#008080'><font face='Times New Roman' color='#FFFFFF' size='2'><strong>Time</strong></font> </td></tr>";
if (mysql_num_rows($result) > 0 )
{

while($row = mysql_fetch_row($result))
{


echo "<tr>";

echo "<td>".$row[0]."</td><td>".$row[1]."</td><td> ".$row[2]."</td>";
echo "</tr>";
echo "<tr><td bgcolor='#008080'></td><td bgcolor='#008080'></td><td bgcolor='#008080'></td></tr>";
}
echo "</table>";
}

mytable

tb1
id(primary key)
name....

tb2

day,time,id........


please tell me how to fetch the name,day,time from the display it to the admin


$query="(select name,id from member where id=(select day,time from attend where day between '$from' and '$to')";

$result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
echo "<table width='90%'>";

echo "<tr><td bgcolor='#008080'><font face='Times New Roman' color='#FFFFFF' size='2'><strong>Day</strong></font> </td>
<td bgcolor='#008080'><font face='Times New Roman' color='#FFFFFF' size='2'><strong>Name</strong></font> </td>
<td bgcolor='#008080'><font face='Times New Roman' color='#FFFFFF' size='2'><strong>Time</strong></font> </td></tr>";
if (mysql_num_rows($result) > 0 )
{

while($row = mysql_fetch_row($result))
{


echo "<tr>";

echo "<td>".$row[0]."</td><td>".$row[1]."</td><td> ".$row[2]."</td>";
echo "</tr>";
echo "<tr><td bgcolor='#008080'></td><td bgcolor='#008080'></td><td bgcolor='#008080'></td></tr>";
}
echo "</table>";
}

And what does this code display? From the look of it (not being a PHP programmer) it should give you what you want. You need to tell us why this doesn't 'work': does it display anything? Is it the wrong result set? What?

About the SQL injection: ask in a PHP forum or do a search on place holders in an SQL query.

PS You don't need to include all your HTML code - just the relevant code to deal with the problem.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.