The below code I got from the w3 schools website and adapted it a little to my db but no matter what when I click on my search button I only get the first line printed and nothing else. It doesn't even print if the connection to my db is successfully made or not.
I used chrome's dev tool to check my network traffic and I can see my POST request made successfully:
name: bahamas submit: Search
I enabled logging for both error and general on my mysql instance, and did a grep for bahamas and got no hits. So this would seem to indicate that the script didn't even query my db?
IE this is what I get: https://imgur.com/a/PHKBmbU
<?php echo("PHP Search Page Loaded Successfully");
if(isset($_POST['submit'])){
if(preg_match("^/[A-Za-z]+/", $_POST['name'])){
$servername = "localhost";
$username = "test";
$password = "test";
$dbname = "test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
} else {
echo("We are not dead");
}
$sql = "SELECT boatname, date, price FROM liveaboards";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo("<br> boatname: ". $row["boatname"]. " - date: ". $row["date"]. " " . $row["price"] . "<br>");
}
} else {
echo(" 0 results");
}
$conn->close();
}
}else{
echo("<p>Please enter a search query</p>");
}
?>
In following the theme of W3 Schools (one of my favorite resources), here is the correct way to sanitize data: https://www.w3schools.com/php/php_filter.asp
Applied to your code:
<?php echo("PHP Search Page Loaded Successfully");
// test variables.
$_POST['submit'] = true;
$_POST['name'] = "bahamas";
if(isset($_POST['submit'])){
$_POST['name'] = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$servername = "localhost";
$username = "test";
$password = "test";
$dbname = "test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
} else {
echo("We are not dead");
}
$sql = "SELECT boatname, date, price FROM liveaboards";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo("<br> boatname: ". $row["boatname"]. " - date: ". $row["date"]. " " . $row["price"] . "<br>");
}
} else {
echo(" 0 results");
}
$conn->close();
}else{
echo("<p>Please enter a search query</p>");
}
?>
According to your POST result, you are receiving name: bahamas submit: Search
, if so then Correct this
if(isset($_POST['submit'])){
TO
if(isset($_POST['Search'])){
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.