You're falling foul of operator precedence. The OR in your SQL statement is matching everything from 2010, which undoes the other WHERE clauses.
SQL code: SELECT * FROM weight WHERE month='August' AND year='2010' OR year='2010'
gives you the same result set as:
SQL code: SELECT * FROM weight WHERE year='2010'
If you ever need to combine OR and AND in your WHERE clause you'll need to bracket them correctly. For example, to get matches for August 2010 and everything in 2010 you would do:
SQL code: SELECT * FROM weight WHERE (month='August' AND year='2010') OR year='2011'
As for combining your query strings. You'll have to perform tests in PHP and construct the SQL you need based on the presence of the URL query variables
PHP code: if (isset($_GET['month'], $_GET['year'])) {
$month = mysql_escape_string($month);
$year = mysql_escape_string($year);
$sql = "SELECT * FROM weight WHERE month = '$month' AND year = '$year'";
} else if (isset($_GET['month'])) {
$month = mysql_escape_string($month);
$sql = "SELECT * FROM weight WHERE month = '$month'";
} else if (isset($_GET['year'])) {
$year = mysql_escape_string($year);
$sql = "SELECT * FROM weight WHERE year = '$year'";
}
$result = mysql_query($sql);
Note the use of mysql_escape_string too. It's your best friend. |