Search results not working - mysql, php

Question

Im pretty new to php and MySQL but im trying to run a query that will search a table in my database and bring back the results with certain columns from that entry.

eg search for postcode and bring back: name, address, contact number, postcode.

can anyone point me in the right direction of what im missing or where I went wrong.

here are the details below

Latest Update

Form

<td><form action="searchresults.php" method="post" name="form1" id="form1">
  <table width="100%" border="0" cellspacing="1" cellpadding="3">
    <tr>
      <td colspan="3"><strong>Find a Active Physio</strong></td>
    </tr>
    <tr>
      <td width="100">Physio Reference</td>
      <td width="301"><input name="PhysioReference" type="text" id="PhysioReference" /></td>
    </tr>
    <tr>
      <td>Name of Physio</td>
      <td><input name="Physio" type="text" id="Physio" /></td>
    </tr>
    <tr>
      <td>Contact Number</td>
      <td><input name="Number" type="text" id="Number" /></td>
    </tr>
    <tr>
      <td>Address</td>
      <td><input name="PhysiosAddress" type="text" id="PhysiosAddress" /></td>
    </tr>
    <tr>
      <td>Postcode</td>
      <td><input name="postcode" value="" type="text" id="postcode" />
        <input type="submit" name="submit" value="Search" /></td>
    </tr>
    <tr>
      <td>Physios Email</td>
      <td><input name="PhysiosEmail" type="text" id="PhysiosEmail" /></td>
    </tr>
    <tr>
      <td colspan="3" align="center">&nbsp;</td>
    </tr>
   </table>
   </form></td>

search results

<?php

require_once('auth.php');

$host=""; // Host name 
$username=""; // Mysql username
$password=""; // Mysql password 
$db_name=""; // Database name 
$tbl_name="Physio"; // Table name 

 // Connect to server and select database.
   mysql_connect($host, $username, $password)or die("cannot connect"); 
   mysql_select_db($db_name)or die("cannot select DB");

    if(!isset($_POST['postcode'])) {
  header ("location:index.php");
 }
 $search_sql="SELECT * FROM `Physio` WHERE Postcode like '%".$_POST['postcode']."%'";
 $search_query=mysql_query($search_sql);
 $search_rs= mysql_num_rows($search_query) ;
 echo "<p> Results </p>" ;
 echo $_POST['{postcode'] ;
  if ($search_rs > 0)
   {
  echo "<p>".$search_rs['Postcode'] ."</p>" ;

   } else {
   echo "NO Results found";
   }
   ?>

Answer 1

Use mysql_query() instead of mysql_quesry()

Try this,

$link = mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name", $link)or die("cannot select DB");

$search_sql="SELECT * FROM `Physio` WHERE Postcode like '%".$_POST['physiopostcode']."%'";
$search_query=mysql_query ($search_sql);

?>
<p> Results </p>
<?php 
if (mysql_num_rows($search_query)>0) {
    while($search_rs=mysql_fetch_assoc($search_query)){
        //your code here
    }
} else {
    echo "NO Results found";
}

Answer 2

actually you are not connectiong to database .

change this

 mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
 mysql_select_db("$db_name")or die("cannot select DB");

to

 mysql_connect($host, $username, $password)or die("cannot connect"); 
 mysql_select_db($db_name)or die("cannot select DB");

and fix what krish said .

EDIT:

try this

 <p> Results </p>
 <?php if ($search_rs= mysql_num_rows($search_query) !=0)
  {
 echo "<p>".$search_rs['postcode'] ."</p>" ;

 } else {
 echo "NO Results found";
 }
 ?>

the whole code should be like that

  require_once('auth.php');

   $host=""; // Host name 
   $username=""; // Mysql username
   $password=""; // Mysql password 
   $db_name=""; // Database name 
   $tbl_name="Physio"; // Table name 

   // Connect to server and select database.
   mysql_connect($host, $username, $password)or die("cannot connect"); 
   mysql_select_db($db_name)or die("cannot select DB");

    if(!isset($_POST['physiopostcode'])) {
      header ("location:index.php");
     }
     $search_sql="SELECT * FROM `Physio` WHERE Postcode like '%".$_POST['physiopostcode']."%'";
     $search_query=mysql_query($search_sql);
     $search_rs= mysql_num_rows($search_query) ;
     echo "<p> Results </p>" ;
  if ($search_rs > 0)
   {
  echo "<p>".$search_rs ."</p>" ;

   } else {
   echo "NO Results found";
   }
   ?>

EDIT2:

change your input to this one

  <input name="postcode" value="" type="text" id="postcode" />

currently

  <td>Postcode</td>
      <td><input name="postcode" value="" type="text" id="postcode" />
        <input type="submit" name="submit" value="Search" /></td>
    </tr>

EDIT3:

you are misspelling the column name from table , Note that column names are case sensitive with Big letter or small letters.

change this: $search_rs['postcode'] to $search_rs

Answer 3

A better way of doing this would be to use stored procedures and escaping your POST.

$connection= mysqli_connect("localhost", "root", "pw","database") or die(mysqli_error("error connecting to database")); 
$postcode = htmlentities($_POST['physiopostcode']);   // Remove HTML tags from user entry
$sql = "SELECT * FROM Physio WHERE Postcode = ?"; // ? is our placeholder
$stmt = $connection->prepare($sql);
$stmt->bind_param('s', $postcode);  // Give our placeholder our user entered value
$stmt->execute();                   // Execute MySQL query
$result = $stmt->get_result();      // Grab results
if (isset($result)) {               // Print results (if any)
    while($row = $result->fetch_array(MYSQLI_ASSOC)) {
        echo $row['name'];
        echo $row['address'];
        echo $row['contactnumber'];
        echo $row['postcode'];
    }
} else {
echo "NO Results found";
};

Hope that helps!