How can execute a MySQL query with multiple WHERE-clauses?

how would you do a mysql query where a user can choose from multiple options. Fox example I have a form that user can use to search for houses. Now I have a select box where you can chosse whether you want a house, a flat or whatever. Then I have a second box where you can choose for example the city you want the house or flat to be in. And maybe another one with the maximum price.

Now how would you do the mysql query? My problem is, I would do it like that: if($_POST["house_type"] != 0) { $select = mysql_query("SELECT * FROM whatever 开发者_如何学运维WHERE type = '".$_POST["house_type"]."'"); } But now I only have the case that someone has chosen a house type but not any other option. So do I have to do an "if" for every possible combination of selected elements?

To emphasize my problem:

if(!isset($_POST["house_type"])) {

            if($_POST["something"] == 0) {
        $search_select = @mysql_query("SELECT * FROM housedata WHERE something = $_POST["whatever"]);

            }
            elseif($_POST["something"] != 0) {
        $search_select = @mysql_query("SELECT * FROM housedata  something = $_POST["whatever"] AND somethingelse = 'whatever');
            }
        }



elseif(!isset($_POST["house_type"])) {


        if($_POST["something"] == 0) {
        $search_select = @mysql_query("SELECT * FROM housedata WHERE something = $_POST["whatever"]);

            }
            elseif($_POST["something"] != 0) {
        $search_select = @mysql_query("SELECT * FROM housedata  something = $_POST["whatever"] AND somethingelse = 'whatever');
            }
        }

Now imagine I had like 10 or 20 different select boxes, input fields and checkboxes and I would have to do a mysql query depending on what of these boxes and fiels and checkboxes is filled. This would be a code that is extremely complicated, slow and horrible. So is there a possibility to make a mysql query like:

SELECT * FROM whatever WHERE house_data = '".$whatever."' AND (if(isset($_POST["something"])) { whatever = '".$whatever2."' } AND ...;

You get what I mean? Its a bit complicated to explain but actually its a very important question and probably easy to answer.

Thank you for your help! phpheini

Generate the WHERE clause prior to running the SQL.

A short example:

$whereClause = "";

if ($_POST['opt1']) {
    $opt1 = mysql_real_escape_string($_POST['opt1']);
    $whereClause .= "AND opt1='$opt1'";
}

if ($_POST['opt2']) {
    $opt2 = mysql_real_escape_string($_POST['opt2']);
    $whereClause .= "AND opt2='$opt2'";
}

mysql_query("SELECT * FROM table WHERE 1 ".$whereClause); 

To point you a little bit into the right direction, try something like this:

if(isset($_POST["something"]))
{
    $where = " AND whatever = '".$whatever2."'";
}
else    $where = '';

mysql_query("SELECT * FROM whatever WHERE house_data = '".$whatever."'".$where);

$where = array();
if($_POST["something"]) {
    $where[]  = " something =".$_POST["something"];
}
if($_POST["something2"]) {
   $where[]  = " something2=".$_POST["something2"];
}
.
.
.
//build where string
$where_ = !(empty($where) ? " WHERE ".implode(" AND ",$where) : "";
//build sql
$sql = "SELECT * ... ".$where;

write some simple query builder

$where = array();
if($_POST["something"]) {


$where[]  = sprintf(" something='%s'",$_POST["something"]);

//sprintf - prevent SQL injection }

if($_POST["something2"]) {


$where[]  = sprintf(" something2='%s'",$_POST["something2"]);
}
//build where string
$where_str = " WHERE ".implode(" AND ",$where);
//build sql
$sql = "SELECT * ... $where_str";

You need to build your search string separately but the format is simply

SELECT * FROM your_table WHERE number = {$number} AND sentence = '{$sentence}';

Since you are creating the search term based on PHP logic do this:

$search = "SELECT * FROM your_table WHERE ";
if(isset($whatever)) $search .= "something = '{$whatever}'";
if(isset($whateverelse)) $search .= " AND somethingelse = '{$whateverelse}'";
$search_select = mysql_query($search);