I have a table in the database that looks like this
| id | |
|---|---|
| 1 | user@domain.com |
| 2 | user@domain2.com |
| 3 | user@domain3.com |
I have a form that looks like this
<form action="action.php" method="post" class="email-form" name="email-form"> <label for="email">Enter Email</label> <input type="email" class="email" id="email" name="email"> <input type="submit" class="submit-email" name="submit-email" value="submit Email"></form>In the backend I’m trying to match the input email domain with the ones in the database, after “@”.
What I’ve tried (if user enters: test@domain2.com)
$email = $_POST["email"];$emailDomain = explode("@",$email);$emailDomain = $emailDomain[1];/*I get the value domain2.com*/How should I add a Query that matches $emailDomain with the database’s email domain.
I know that if I add
$sql = "SELECT * FROM table_name WHERE email = $emailDomain";It will look for the exact email I want to look for whats after “@” in the email section
Advertisement
Answer
You already have the part after the @ stored in $emailDomain. Simply check whether the email field contains this value with the LIKE operator:
SELECT * FROM table_name WHERE email LIKE '%value%'However, note that you cannot simply substitute value with your $emailDomain in the above query, as this would make it vulnerable to SQL injection. Instead, make sure to paramaterise the query, and use a prepared statement to avoid SQL injection:
$conn = new mysqli($servername, $username, $password, $dbname);$email = $_POST["email"];$emailDomain = explode("@", $email);$emailDomain = $emailDomain[1];$param = "%{$emailDomain}%";$stmt = $conn->prepare("SELECT * FROM table_name WHERE email LIKE ?");$stmt->bind_param("s", $param);$stmt->execute();$stmt->bind_result($result); // Store the output in $result