I am wanting to search by a keyword like a customer's issue. However, every time it searches it is pulling every single entry, not one that is from their issue.
I tried not using the for each and just doing a simple like, but that did not work either.
This is what is being passed.
<form id="" class="searchbar" action="searchAppt.php" method="get">
<input type="text" name="terms" size="40" class = "sbar" required value="Search by keyword" oninput="validity.valid||(value='');"
onblur="if (this.value == '') {
this.value = 'Enter keyword';
}"
onfocus="if (this.value == 'Enter keyword') {
this.value = '';
}"/>
<button type="submit" class = "btn">Search</button>
</form>
if (filter_has_var(INPUT_GET, "terms")) {
$terms_str = filter_input(INPUT_GET, 'terms', FILTER_SANITIZE_NUMBER_INT);
} else {
echo "There were no appointments found.";
include ('includes/footer.php');
exit;
//explode the search terms into an array
$terms = explode(" ", $terms_str);
$sql = "SELECT * FROM appointments WHERE 1";
foreach ($terms as $term) {
$sql .= " AND issue LIKE '%$term%' AND email = '". $_SESSION['email'] ."'
";
}
$result = $conn->query($sql);
if ($result->num_rows > 0) {
echo "<br /><br /><center><h1>Your Ticket(s)</h1><br />
<div class='table'>
<div class='tr'>
<div class='td'><b>Ticket #</b></div>
<div class='td'><b>First Name</b></div>
<div class='td'><b>Last Name</b></div>
<div class='td'><b>Phone #</b></div>
<div class='td'><b>Building</b></div>
<div class='td'><b>Room #</b></div>
<div class='td'><b>Issue</b></div>
<div class='td'><b>Appt. Start Time</b></div>
<div class='td'><b>Appt. End Time</b></div>
<div class='td'><b>Ticket Details</b></div>
</div>";
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<div class='tr'>
<div class='td'>".$row["id"]."</div>
<div class='td'>".$row["fname"]."</div>
<div class='td'>".$row["lname"]."</div>
<div class='td'>".$row["phonenum"]."</div>
<div class='td'>".$row["building"]."</div>
<div class='td'>".$row["room"]."</div>
<div class='td'>".$row["issue"]."</div>
<div class='td'>".$row["start_time"]."</div>
<div class='td'>".$row["end_time"]."</div>
<div class='td'><form action='ticketdetails.php' method='post'>
<input type='hidden' name='id' value='".$row["id"]."'>
<input type='submit' value='Ticket Details'></form>
</div>
</div>";
}
echo "</div>";
} else {
echo "<br /> <br />Your search <i>'$terms_str'</i> did not match any appointments";
It brings up every single appointment rather than the ones that have an issue similar to the keyword search. I feel like I'm just overlooking something with the select statement. Any help would be greatly appreciated.
Your problem is in your call to filter_input
. You are specifying a filter of FILTER_SANITIZE_NUMBER_INT
, but passing a space separated list of words. As a result, the output of filter_input
is an empty string (since with that flag it strips everything but +/-
and digits from the input), and so no conditions get added to your query. You probably want to use FILTER_SANITIZE_STRING
instead.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.