Good day! I'm just a newbie in php programming so I need somebody to help me with this one. I still cannot find what's wrong with this code. I created a search form with drop down menu to filter the results. But nothing happens when I do a searching. It's either it's just refreshes the page or display error criteria message. any answer will be appreciated! :) thanks in advance! Here is the code:
<html>
<head>
<basefont face="Arial">
</head>
<body>
<?php
error_reporting(E_ALL);
if (!isset($_POST['Submit'])) {
// form not submitted
?>
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
search
<input type="text" name="search">
<select size="1" name="dropdown">
<option value="" selected>search By...</option>
<option value="first">Company</option>
<option value="last">Address</option>
</select>
<input type="Submit" value="Submit" name="Submit">
</form>
<?php
}
else {
// Server Variables
$host = "localhost";
$user = "mdti";
$pass = "tnet";
$db = "ojt";
$search = empty($_POST['search'])? die ("ERROR: Enter search Criteria") : mysql_escape_string($_POST['search']);
$dropdown = empty($_POST['dropdown'])? die ("ERROR: Select from dropdown") : mysql_escape_string($_POST['dropdown']);
// Open Connection
$connect = mysql_connect($host, $user, $pass) or die ("Unable to connect to host");
//Select Database
mysql_select_db($db) or die ("Unable to connect to database");
//Create query
$query = "SELECT arCompanyname, arAddress FROM ar WHERE $dropdown like'$search'" or die (mysql_error());
$result = mysql_query($query) or die (mysql_error());
$num=mysql_numrows($result);
mysql_close($connect);
echo "<b><center>Database Output</center></b><br><br>";
$i=0;
while ($i < $num) {
$company=mysql_result($result,$i,"arCompanyname");
$address=mysql_result($result,$i,"arAddress");
echo "<br>Company: $company<br><br>Address: $address<hr><br>";
$i++;
}
}
?>
</body>
</html>
Looking at the code, initial thought is:
change like'$search' with like '%$search%'
change mysql_numrows to mysql_num_rows
check the dropdwon option values 'arCompanyname' and 'arAddress' matching your field names.
change <?=$_SERVER['PHP_SELF']?> to <?php echo $_SERVER['PHP_SELF']; ?>
You are calling mysql_real_escape_string
without opening the mysql_connect
.. you need to call the connect code above the mysql_real_escape_string
code
// Open Connection
$connect = mysql_connect($host, $user, $pass) or die ("Unable to connect to host");
$search = empty($_POST['search'])? die ("ERROR: Enter search Criteria") : mysql_real_escape_string($_POST['search']);
$dropdown = empty($_POST['dropdown'])? die ("ERROR: Select from dropdown") : mysql_real_escape_string($_POST['dropdown']);
Also you need to change the select option values
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
search
<input type="text" name="search">
<select size="1" name="dropdown">
<option value="" selected>search By...</option>
<option value="arCompanyname">Company</option>
<option value="arAddress">Address</option>
</select>
<input type="Submit" value="Submit" name="Submit">
</form>
and change your query with
SELECT arCompanyname, arAddress FROM ar WHERE $dropdown LIKE '%$search%'
Check the updated code:
Updated the search query, mysql_numrows -> mysql_num_rows , added mysql_fetch_array for looping.
Try to write your scripts using mysqli_* functions. Because mysql_ * functions going to deprecated.
<html>
<head>
<basefont face="Arial">
</head>
<body>
<?php
error_reporting(E_ALL);
if (!isset($_POST['Submit'])) {
// form not submitted
?>
<form action="" method="post">
search
<input type="text" name="search">
<select size="1" name="dropdown">
<option value="" selected>search By...</option>
<option value="first">Company</option>
<option value="last">Address</option>
</select>
<input type="Submit" value="Submit" name="Submit">
</form>
<?php
}
else {
// Server Variables
$host = "localhost";
$user = "mdti";
$pass = "tnet";
$db = "ojt";
// Open Connection
$connect = mysql_connect($host, $user, $pass) or die ("Unable to connect to host");
$search = empty($_POST['search'])? die ("ERROR: Enter search Criteria") : mysql_escape_string($_POST['search']);
$dropdown = empty($_POST['dropdown'])? die ("ERROR: Select from dropdown") : mysql_escape_string($_POST['dropdown']);
//Select Database
mysql_select_db($db) or die ("Unable to connect to database");
//Create query
$query = "SELECT arCompanyname, arAddress FROM ar WHERE $dropdown like '%$search%'";
$result = mysql_query($query) or die (mysql_error());
$num=mysql_num_rows($result);
if($num > 0) {
echo "<b><center>Database Output</center></b><br><br>";
while ($row = mysql_fetch_array($result)) {
$company = $row['arCompanyname'];
$address = $row['arAddress'];
echo "<br>Company: $company<br><br>Address: $address<hr><br>";
}
} else {
echo "No rows found";
}
mysql_close($connect);
}
?>
</body>
</html>
use " mysql_real_escape_string"
$search = empty($_POST['search'])? die ("ERROR: Enter search Criteria") : mysql_real_escape_string($_POST['search']);
$dropdown = empty($_POST['dropdown'])? die ("ERROR: Select from dropdown") : mysql_real_escape_string($_POST['dropdown']);
And change '$search' to '%$search%'
$query = "SELECT arCompanyname, arAddress FROM ar WHERE $dropdown like'%$search%'" or die (mysql_error());
change mysql_numrows to mysql_num_rows
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.