I'm new to PHP programming. I would love some feedback on this simple code I wrote which queries a database based on some arguments supplied by a user and returns an HTML table displaying the data.
The table in my db has three columns: Manufacturer, Model, ForSale.
The user picks from three drop down menus on the web page and this php script is called with the data.
<?php
$db = new SQLite3("db/mantisui.db");
$manufacturer= $_GET['mfr'];
$model = $_GET['mod'];
$forsale = $_GET['forSale'];
// create the query
$q = "SELECT * FROM vehicles";
$addwhere = true;
// if all mfrs chosen, skip WHERE clause
$pos = strpos($manufacturer, 'All');
if ($pos === false) {
$q .= " WHERE Manufacturer='$manufacturer'";
$addwhere = false;
}
// if any models chosen, skip WHERE clause
$pos = strpos($model, 'Any');
if ($pos === false) {
if ($addwhere == false) {
$q .= " AND";
}
else {
$q .= " WHERE";
$addwhere = false;
}
$q .= " Model='$model'";
}
// if any for sale status chosen, skip WHERE clause
$pos = strpos($forsale, 'Any');
if ($pos === false) {
if ($addwhere == false) {
$q .= " AND";
}
else {
$q .= " WHERE";
$addwhere = false;
}
$q .= " ForSale='$forsale'";
}
$response = $db->query($q);
// generate the output table
$output = "<table id='screens' class='table tablesorter table-condensed table-striped table-hover table-bordered'>";
$output .= "<thead><tr><th>MANUFACTURER</th><th>MODEL</th><th>FOR SALE</th></tr></thead>";
while ($res = $response->fetchArray()) {
$id = $res['Id'];
$txtMfr= $res['Manufacturer'];
$txtModel= $res['Model'];
$txtForSale = $res['ForSale'];
$output .= "<tr class='vehiclerow'><td style='display:none' class='id_row'>$id</td><td>$txtMfr</td><td>$txtModel</td><td>$txtForSale</td><td class='status_cell'>$status</td></tr>";
}
$output .= "</table>";
echo $output;
$db->close();
?>