I am building a search field with php where users can search for Doctors information with multiple search options.
As shown in the picture a user can search by: DR.NAME, SPECIALTY, DIVISION, LOCATION. The DR.NAME should match any keyword and the form doesn't require any fields to be filled out.
This is my current code which isn't working.
doctorsearch.php
<?php
error_reporting(0);
include 'config.php';
$d_fname = $_POST['d_fname'];
$d_spcl = $_POST['d_spcl'];
$d_division = $_POST['d_division'];
$d_location = $_POST['d_location'];
$qry = "SELECT * FROM doctor_reg WHERE ";
if ($d_fname != '') {
$qry .= "d_fname='".mysql_real_escape_string($d_fname)."' AND ";
}
if ($d_spcl != '') {
$qry .= "d_spcl='".mysql_real_escape_string($d_spcl)."' AND ";
}
if ($d_division != '') {
$qry .= "d_division='".mysql_real_escape_string($d_division)."' AND ";
}
if ($d_location != '') {
$qry .= "d_location='".mysql_real_escape_string($d_location)."' AND ";
}
$result = mysql_query($result);
?>
<?php
echo "<table border='1px solid #CCCCCC;' width='100%'>";
echo "<tr style='color:#FFFFFF;background:#555555;'>";
echo "<th style='padding:3px;'>Name</th>";
while($row = mysql_fetch_array($result)){
echo "<tr class='trbd'>";
echo "<td style='padding:3px;'>".$row['d_fname'].' '.$row['d_lname']."</td>";
?>
<?php
echo "</tr>";
}
echo "</table>";
?>
You need to add OR
instead of AND
.
Generally, when users search they search by OR
condition.
For example: Doctor Name should be Sharma or location should be east street.
If we search with AND
conditions, database will search only records who have the exact combination.
AND
returns true
if all the conditions are true.
OR
returns true
if any of conditions is true.
Therefore, OR
is correct syntax here.
Corrected code:
$qry = "SELECT * FROM doctor_reg";
$searchArray = array();
if ($d_fname != '') {
$searchArray[] = "d_fname LIKE '%".mysql_real_escape_string($d_fname) . "%'";
}
if ($d_spcl != '') {
$searchArray[] = "d_spcl LIKE '%".mysql_real_escape_string($d_spcl) . "%'";
}
if ($d_division != '') {
$searchArray[] = "d_division LIKE '%".mysql_real_escape_string($d_division) . "%'";
}
if ($d_location != '') {
$searchArray[] = "d_location LIKE '%".mysql_real_escape_string($d_location) . "%'";
}
$qry .= ! empty($searchArray) ? " WHERE " . implode(" OR ", $searchArray) : '';
if you want any keyword not exact match then you shoud use like instead of = operator, so change this
if ($d_fname != '') {
$qry .= "d_fname='".mysql_real_escape_string($d_fname)."' AND ";
}
into this
if ($d_fname != '') {
$qry .= "d_fname LIKE'%".mysql_real_escape_string($d_fname)."%' AND ";
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.