case sensitive PHP

0

I want a variable that is passed by POST to be case-insensitive, ie if the variable is "Test", it is equal to "test". I know there is in PHP the strcasecmp, which does this. The problem is that I do a search on the table (database in SQLite) of this value passed by POST. In the table there is for example a field with this value Test, and if it is passed test, know that it is this field. here is my query the table:

$requete="SELECT * FROM contact WHERE nom='$search'";

and the value

if (isset($_POST['search'])) 
{
    $search= htmlentities($_POST['search']);
}
    
asked by anonymous 11.11.2014 / 22:14

1 answer

6

If the problem is in query :

$requete = "SELECT * FROM contact WHERE LOWER( nom ) = LOWER( '$search' )";

or else:

$search = mb_strtolower( $search );
$requete = "SELECT * FROM contact WHERE LOWER( nom ) = '$search'";

Or equivalent function, since the DBMS was not specified in the question. Remember that in this case it is essential to use the correct collation for the language in use in the languages involved.


SQL Injection > comes from toast in all these codes. Take a look at here in the same SOpt , there's a series answers explaining how to solve. Regardless of the original question, your code sooner or later will give you serious trouble with this.


If the problem is in the name of the parameters:

Normally this should not be necessary, and should only be used if there is a conscious reason for doing so. In general, it's best to use consistency when naming everything in PHP (and any other language). If I re-read the current situation of the question, I believe that the first part of the answer is the solution, not this one.


With this line we normalize the case of the parameters:

$_POST_MIN = array_change_key_case( $_POST, CASE_LOWER );

And then use this way, always in lowercase:

if (isset($_POST_MIN['search'])) 
{
    $search= htmlentities($_POST_MIN['search']);
}
    
11.11.2014 / 22:33