I have this code :
PHP :
[CONNECT TO DATABASE OR DIE ( THIS WORKS )]
if(isset($_GET['search'])) // If it's submitted
{
$inp = Clean($_GET['inpname']); // Clean my input
$sQuery="SELECT name FROM user WHERE (id LIKE '%$inp%')"; // mySql query
$r = mysql_query($sQuery) or die(mysql_error());
if(mysql_affected_rows()===0) // If no match found
echo "{$inp} is not in our database.";
else
{
echo "<p>{$inp} was successfully searched.</p>"; // Yes, the query worked
while($row=mysql_fetch_array($r)) // Loop through the query results
echo "{$row[0]}<br>"; // Show the results
} // End of the else statement
} // End of the if statement
function Clean($str) // Clean my input
{
return mysql_real_escape_string(strip_tags(trim($sStr))); // Remove traces of injection
}
HTML :
<form name="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input name="inpname" type="text">
<input type="submit" name="search" value="Search">
</form>
I wanna search members in my database by ID but when I search for example 1 I have no results : is not in our database. (/index.php?inpname=1&search=Search)
If I use '%".$inp."%' instead of '%$inp%' it's works but It's showing me all users from my database .
If you check the php manual says:
int mysql_affected_rows ([ resource $link_identifier = NULL ] )
Get the number of affected rows by the last INSERT, UPDATE, REPLACE or DELETE query associated with link_identifier.
http://php.net/manual/en/function.mysql-affected-rows.php
So, no return values if you do a query with SELECT.
Change your code for something like this
if(isset($_GET['search'])) // If it's submitted
{
$inp = Clean($_GET['inpname']); // Clean my input
$sQuery="SELECT name FROM user WHERE id LIKE '%$inp%'"; // mySql query
$r = mysql_query($sQuery) or die(mysql_error());
if (mysql_num_rows($r))
{
while ($row=mysql_fetch_array($r))
{
echo $row['name']."<br>"; // Show the results
}
}
else
{
echo "{$inp} is not in our database.";
}
} // End of the if statement
if you want only one row
if(isset($_GET['search'])) // If it's submitted
{
$inp = Clean($_GET['inpname']); // Clean my input
$sQuery="SELECT name FROM user WHERE id LIKE '%$inp%' LIMIT 1"; // mySql query
$r = mysql_query($sQuery) or die(mysql_error());
if (mysql_num_rows($r))
{
$row=mysql_fetch_array($r)
echo $row['name']."<br>"; // Show the results
}
else
{
echo "{$inp} is not in our database.";
}
} // End of the if statement
and if you want search by exact id
if(isset($_GET['search'])) // If it's submitted
{
$inp = Clean($_GET['inpname']); // Clean my input
$sQuery="SELECT name FROM user WHERE id = $inp LIMIT 1"; // mySql query
$r = mysql_query($sQuery) or die(mysql_error());
if (mysql_num_rows($r))
{
$row=mysql_fetch_array($r)
echo $row['name']."<br>"; // Show the results
}
else
{
echo "{$inp} is not in our database.";
}
} // End of the if statement
I found out that searching with LIKE would work the best if you do:
id LIKE '%$inp%' OR id LIKE '%$inp' OR id LIKE '$inp%' OR id = '$inp'
because % means that there has to be at least one symbol. Thus %1% wouldn't find 1
, but would find 417
. At least this is what worked for me :)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.