function list2query($str, $pre) { $names = array(); $ids = array(); $list = quotesplit(",", $str); $list = array_map("sql_escape_string", $list); foreach ($list as $al) { if (preg_match("/^id:\\d+\$/", $al)) { $ids[] = substr($al, 3); } else { $a = getMatches("{$pre}_name", $al); if ($a) { $names[] = $a; } else { $names[] = "'{$al}'"; } } } $q = ""; if (count($names) > 0) { $q .= "{$pre}_name IN(" . join(", ", $names) . ")"; } if (count($names) > 0 && count($ids) > 0) { $q .= " OR "; } if (count($ids) > 0) { $q .= "{$pre}_id IN(" . join(", ", $ids) . ")"; } return strlen($q) > 0 ? $q : false; }
if ($_GET) { $command = "SELECT DISTINCT recipes.id,recipes.title FROM recipes @category_lists@ WHERE "; //==============title================// $query_title = $_GET["title"]; $command .= "recipes.title LIKE \"%{$query_title}%\" "; //==============title================// $query_instructions = $_GET["instructions"]; $command .= "AND recipes.instructions LIKE \"%{$query_instructions}%\" "; //=============yields============// $yields_comparison = $_GET["yields_option"]; $query_yields = $_GET["yields"]; if ($query_yields != "") { $command .= "AND (recipes.yield_amount {$yields_comparison} {$query_yields}) "; } //=============categories============// $cat_or_list = quotesplit(stripslashes($_GET["cat_or_list"])); $category_lists = ""; if (count($cat_or_list) > 0 && $_GET["cat_or_list"] != "") { $category_lists .= ",category_list AS cl, categories c"; $first = false; $command .= "AND ("; while (list($key, $val) = each($cat_or_list)) { if ($val == "") { continue; } if ($first == true) { $command .= "OR "; } $command .= "c.name LIKE '%{$val}%' "; $first = true; }