adding a condition to a WHERE clause based on a passed variable value mysql -

i relative novice , use problem.

this used in search filter situation. users need search value , 1 or more other values passed search form.

$name = $_post['name']; $sdate = $_post['sdate']; $startdate = $_post['startdate']; $enddate = $_post['enddate']; $vehicle = $_post['vehicle']; $triptype = $_post['triptype'];  

if of these values '' not want them in query, if contain value want them in query.

select * form_data `resp_person` = '$name',   if $sdate != '' `sdate` = '$sdate',   if $startdate != '' `sdate` = *all values between $startdate , $enddate*,   if $triptype != '' `triptype` = '$vehicle',   if $vehicle != '' `vehicle` = '$vehicle', `sdate`   order `sdate` desc, `stime` desc") 

i know code wrong should give idea of trying accomplish. guidance appreciated.

a better way not use string concatenation build entire query, rather use sql library supports prepared statements, such pdo.

$pdo = new pdo('... connection string ...', username, password); $where = ''; $possible_values = array('name', 'sdate', 'startdate', 'enddate', 'vehicle', 'triptype' ); $params = array(); foreach($possible_values $val) {     if(isset($_post[$val]))     {         $params[] = $_post[$val];         if($where == '')         {             $where = "where $val = ?";         }         else         {             $where .= " , $val = ?";         }     } } $stmt = $pdo->prepare("select * form_data " . $where); $stmt->execute($params);