|
PHP - Search Form Error
Just take a look at the code.. idk whats wrong.
<?php // Get the search variable from URL $var = @$_GET['q'] ; $trimmed = trim($var); //trim whitespace from the stored variable // rows to return $limit=10; // check for an empty string and display a message. if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } // check for a search parameter if (!isset($var)) { echo "<p>We dont seem to have a search parameter!</p>"; exit; } //connect to your database ** EDIT REQUIRED HERE ** mysql_connect("localhost","root",""); //(host, username, password) //specify database ** EDIT REQUIRED HERE ** mysql_select_db("school") or die("Unable to select database"); //select which database we're using // Build SQL Query $query = "select * from the_table where 1st_field like \"%$trimmed%\" order by 1st_field"; // EDIT HERE and specify your table and field names for the SQL query $numresults=mysql_query($query); $numrows=mysql_num_rows($numresults); // If we have no results, offer a google search as an alternative if ($numrows == 0) { echo "<h4>Results</h4>"; echo "<p>Sorry, your search: "" . $trimmed . "" returned zero results</p>"; echo "<p><a href=\"http://www.google.com/search?q=" . $trimmed . "\" target=\"_blank\" title=\"Look up " . $trimmed . " on Google\">Click here</a> to try the search on google</p>"; } // next determine if s has been passed to script, if not use 0 if (empty($s)) { $s=0; } // get results $query .= " limit $s,$limit"; $result = mysql_query($query) or die("Couldn't execute query"); // display what the person searched for echo "<p>You searched for: "" . $var . ""</p>"; // begin to show results set echo "Results"; $count = 1 + $s ; // now you can display the results returned while ($row= mysql_fetch_array($result)) { $title = $row["1st_field"]; echo "$count.) $title" ; $count++ ; } $currPage = (($s/$limit) + 1); //break before paging echo "<br />"; // next we need to do the links to other results if ($s>=1) { // bypass PREV link if s is 0 $prevs=($s-$limit); print " <a href=\"$PHP_SELF?s=$prevs&q=$var\"><< Prev 10</a>  "; } // calculate number of pages needing links $pages=intval($numrows/$limit); // $pages now contains int of pages needed unless there is a remainder from division if ($numrows%$limit) { // has remainder so add one page $pages++; } // check to see if last page if (!((($s+$limit)/$limit)==$pages) && $pages!=1) { // not last page so give NEXT link $news=$s+$limit; echo " <a href=\"$PHP_SELF?s=$news&q=$var\">Next 10 >></a>"; } $a = $s + ($limit) ; if ($a > $numrows) { $a = $numrows ; } $b = $s + 1 ; echo "<p>Showing results $b to $a of $numrows</p>"; ?> its supposed to search my databases i guess.. i need a site searcher if anyone wanna make me post it please.. or post a tut Similar TutorialsThe dreadful apostrophie problem... This search form returns an error whenever searching with an apostrophie (') Here's the code on the form (html) <td align="center" width="135"><form method="post" action="srch_advert.php"><input type=text name='search' size=15 maxlength=255><br><input type=submit></form></td> <td align="center" width="135"><form method="post" action="srch_details.php"><input type=text name='search' size=15 maxlength=255><br><input type=submit></form></td> <td align="center" width="135"><form method="post" action="srch_artist.php"><input type=text name='search' size=15 maxlength=255><br><input type=submit></form></td> <td align="center" width="135"><form method="post" action="srch_track.php"><input type=text name='search' size=15 maxlength=255><br><input type=submit></form></td> and heres the code on srch_advert.php if ($search) // perform search only if a string was entered. { mysql_connect($host, $user, $pass) or die ("Problem connecting to Database"); $srch="%".$search."%"; $query = "select * from tvads WHERE advert LIKE '$srch' ORDER BY advert, year DESC, details ASC LIMIT 0,30"; $result = mysql_db_query("cookuk_pn", $query); if(mysql_num_rows($result)==0) { print "<h2>Your search returned 0 Results</h2>"; } else if ($result) { Hi folks, I am a complete n00b at php and mysql. I am teaching myself from books and the WWW, but alas I am stuck... the error I get is: Parse error: syntax error, unexpected T_STRING in X:\xampp\htdocs\search.php on line 7 here is the code: <?php mysql_connect ("localhost", "user", "password") or die (mysql_error()); mysql_select_db ("it_homehelp_test") or die (mysql_error()); $term = $_POST['term']; $sql = $mysql_query(select * from it_homehelp_test where ClientName1 like '%term%'); <<<------this is line 7 while ($row = mysql_fetch_array($sql)){ echo 'Client Name:' .$row['ClientName1']; echo 'Address:' .$row['Address1']; echo 'Phone:' .$row['Tel1']; } ?> Any help you can offer would be great. I can also post the ".html" file that creates the search bar if it is needed. Thanks I'm not sure why, but once I added a search form in my nav menu, it made my other forms on the website such as login and signup form take them to where the search button would take them. any ideas??? Error: Warning: mysql_query() expects parameter 1 to be string, resource given in C:\Program Files\xampp\htdocs\NEW\search.php on line 35 Warning: mysql_num_rows() expects parameter 1 to be resource, null given in C:\Program Files\xampp\htdocs\NEW\search.php on line 36 Results Sorry, your search: "mod" returned zero results Click here to try the search on google You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #3 limit 0,10' at line 1 My PHP code <?php // Get the search variable from URL $var = @$_GET['q'] ; $trimmed = trim($var); //trim whitespace from the stored variable // rows to return $limit=10; // check for an empty string and display a message. if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } // check for a search parameter if (!isset($var)) { echo "<p>We dont seem to have a search parameter!</p>"; exit; } //connect to your database ** EDIT REQUIRED HERE ** mysql_connect("localhost","root",""); //(host, username, password) //specify database ** EDIT REQUIRED HERE ** mysql_select_db("school") or die("Unable to select database"); //select which database we're using // Build SQL Query $query = mysql_query("SELECT * FROM main WHERE username LIKE '%".$trimmed."%' ORDER BY username") or die(mysql_error()) ; // EDIT HERE and specify your table and field names for the SQL query $numresults=mysql_query($query); $numrows=mysql_num_rows($numresults); // If we have no results, offer a google search as an alternative if ($numrows == 0) { echo "<h4>Results</h4>"; echo "<p>Sorry, your search: "" . $trimmed . "" returned zero results</p>"; echo "<p><a href=\"http://www.google.com/search?q=" . $trimmed . "\" target=\"_blank\" title=\"Look up " . $trimmed . " on Google\">Click here</a> to try the search on google</p>"; } // next determine if s has been passed to script, if not use 0 if (empty($s)) { $s=0; } // get results $query .= " limit $s,$limit"; $result = mysql_query($query) or die(mysql_error()) ; // display what the person searched for echo "<p>You searched for: "" . $var . ""</p>"; // begin to show results set echo "Results"; $count = 1 + $s ; // now you can display the results returned while ($row= mysql_fetch_array($result)) { $title = $row["1st_field"]; echo "$count.) $title" ; $count++ ; } $currPage = (($s/$limit) + 1); //break before paging echo "<br />"; // next we need to do the links to other results if ($s>=1) { // bypass PREV link if s is 0 $prevs=($s-$limit); print " <a href=\"$PHP_SELF?s=$prevs&q=$var\"><< Prev 10</a>  "; } // calculate number of pages needing links $pages=intval($numrows/$limit); // $pages now contains int of pages needed unless there is a remainder from division if ($numrows%$limit) { // has remainder so add one page $pages++; } // check to see if last page if (!((($s+$limit)/$limit)==$pages) && $pages!=1) { // not last page so give NEXT link $news=$s+$limit; echo " <a href=\"$PHP_SELF?s=$news&q=$var\">Next 10 >></a>"; } $a = $s + ($limit) ; if ($a > $numrows) { $a = $numrows ; } $b = $s + 1 ; echo "<p>Showing results $b to $a of $numrows</p>"; ?> Lines: Code: [Select] 35 == $numresults=mysql_query($query); 36 == $numrows=mysql_num_rows($numresults); 59 == $result = mysql_query($query) or die(mysql_error()) ; -- You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #3 limit 0,10' at line 1 Help Please.. I made a search engine to search my database for specific users ( well I used a tutorial ). I'm not getting any errors atleast when loading the page which is a first for me. However, now I am tackled by something new. When entering the keywords and submitting the search I get: Access forbidden! You don't have permission to access the requested object. It is either read-protected or not readable by the server. If you think this is a server error, please contact the webmaster. Error 403 127.0.0.1 04/30/07 11:09:21 Apache/2.2.16 (Win32) PHP/5.3.3 Which is odd for me because I am using the same config.php with connection code to connect to the db which I used with all my other pages. And in those pages I have been able to add/delete/edit and display records from the database tables. Does this have something to do with it being a search engine? Here is my code: Code: [Select] <html> <head> </head> <body> <h2>Search</h2> <form name="search" method="post" action="<?=$PHP_SELF?>"> Seach for: <input type="text" name="find" /> in <Select NAME="field"> <Option VALUE="fname">First Name</option> <Option VALUE="sname">Last Name</option> <Option VALUE="sno">Profile</option> </Select> <input type="hidden" name="searching" value="yes" /> <input type="submit" name="search" value="Search" /> </form> </body> </html> <?php //This is only displayed if they have submitted the form $searching ='searching'; if ($searching =="yes") { echo "<h2>Results</h2><p>"; //If they did not enter data then they receive an error if ($find == "") { echo "<p>You forgot to enter a search term"; exit; } // Otherwise connect to database include 'includes/config.php'; include 'includes/functions.php'; connect(); // filtering $find = strtoupper($find); $find = strip_tags($find); $find = trim ($find); // search for term in specified field $data = mysql_query("SELECT * FROM student WHERE upper($field) LIKE'%$find%'"); // display results while($result = mysql_fetch_array( $data )) { echo $result['fname']; echo " "; echo $result['sname']; echo "<br>"; echo $result['sno']; echo "<br>"; echo "<br>"; } //Counts number or results and display message if there we're non $anymatches=mysql_num_rows($data); if ($anymatches == 0) { echo "Sorry, but we can not find an entry to match your query<br><br>"; } //And we remind them what they searched for echo "<b>Searched For:</b> " .$find; } ?> Any ideas? Thanks in advance Hi I am finding that I get a random LDAP search fail the initial time i run a script against 2008R2 when I refresh all is ok ? PHP 5.2.5 get the same thing with the latest version of PHP. any ideas ? its as if the DC is sleeping until you give it a nudge, running on 2008R2 running on vmware. Hi, Im trying to do a search engine. However, im facing this errors.. Anyone can help.. Error : Notice: Undefined variable: searching in C:\wamp\www\i-document\s.php on line 17 Thankz in advance. Code: [Select] <h2>Search Form</h2> <form name="search" method="post" action="s.php"> Seach for: <input type="text" name="find" /> in <Select NAME="field"> <Option VALUE="file_name">File Name</option> <Option VALUE="year">Year</option> <Option VALUE="downer">Owner</option> < </Select> <input type="hidden" name="searching" value="yes" /> <input type="submit" name="search" value="Search" /> </form> <?php if ($searching =="yes"){ echo "<h3>Search Results</h3><p>"; if ($find == ""){ echo "<p>Please Enter a search term"; exit; } include "config.php"; $find = strtoupper($find); $find = strip_tags($find); $find = trim ($find); $query = mysql_query("SELECT * FROM document WHERE upper($field) LIKE'%$find%'"); while($result = mysql_fetch_array($query)){ echo $result['file_ref']; echo " "; echo $result['file_name']; echo "<br>"; echo $result['owner']; echo "<br>"; echo "<br>"; } $matches=mysql_num_rows($query); if ($matches == 0){ echo "Sorry, we can not find an entry to match your query<br><br>"; } echo "<b>Searched For:</b> " .$find; } ?> Getting the following error message: Warning: mysql_fetch_array() expects parameter 1 to be resource, null given in This error occurs when I first navigate to the search page. When I put a search term in the box and click search it works fine and the error is gone. I've been trying to figure this out for days with no luck, any help you can offer would be greatly appreciated. Code: [Select] <?php require('config.php'); ?> <?php $conn = mysql_connect(SQL_HOST, SQL_USER, SQL_PASS) or die('Could not connect to MySQL database. ' . mysql_error()); mysql_select_db(SQL_DB, $conn); $result = NULL; if (isset($_GET['keywords'])) { $sql = "SELECT id, hostname, ip, clust_name, clust_ip, node_name, ". "node_ip, os, patch " . "FROM serv_main " . "WHERE MATCH (hostname,ip) " . "AGAINST ('" . $_GET['keywords'] . "' IN BOOLEAN MODE) " . "ORDER BY MATCH (hostname,ip) " . "AGAINST ('" . $_GET['keywords'] . "' IN BOOLEAN MODE) DESC"; $result = mysql_query($sql) or die('Could not perform search; ' . mysql_error()); } ?> <html> <body> <form method="get" action="search.php"> <p class="head">Type in the Server name below to search for an SLA</p> <p> <input id="searchkeywords" type="text" name="keywords" <?php if (isset($_GET['keywords'])) { echo ' value="' . htmlspecialchars($_GET['keywords']) . '" '; } ?> > <input id="searchbutton" class="submit" type="submit" value="Search"> </p> <?php echo "<h1>Search Results</h1>\n"; if ($result and !mysql_num_rows($result)) { if (isset($_GET['keywords'])) { $k = $_GET['keywords']; } echo "<p>No SLA for <b><font size=\"6\" color=#990000>" . $k . "</b></font> found.</p>\n"; } else { $bg = ''; //Error occurs right here********************* while ($row = mysql_fetch_array($result)) { //($row['id'], TRUE); $bg = ($bg=='F2F2FF'?'99CCCC':'F2F2FF'); $table = "<table border=\"0\" cellpadding=\"5\">"; $table .= "<tr bgcolor=\"#" . $bg . "\">" . "<td><a href=\"servedit.php?s=" . $row['id'] . "\">" . $row['hostname'] . "</a></td><td>" . $row['ip'] . "</td><td align=\"center\">" . $row['clust_name'] . "</td><td>" . $row['clust_ip'] . "</td><td>" . $row['node_name'] . "</td><td>" . $row['node_ip'] . "</td><td>" . $row['os'] . "</td><td>" . $row['patch'] . "</td></tr>"; } $table .= "</table>"; echo $table; } ?> </form> </body> </html> MOD EDIT: [code] . . . [/code] tags added. I'm working on the following assignment and keep coming up with error messages.
"Warning: require(mysqli_connect_registrar.php): failed to open stream: No such file or directory in /home/students/r/b.richards/public_html/cis231/labs/sectionresults.php on line 3 I've included the code I have and any help would be appreciated. Thank you. Assignment Directions: Introduction This lab will demonstrate how to create a dynamic form that is created from database contents. And then that form will be used to pull results from the database, based on the user's selection.
STEP 1 - Create the Database Connection File In your labs directory, define a mysql_connect.php file for the registrar database (with the student | student credentials).
STEP 2 - Create the Form Define the form as sectionsearch.php. Create a dynamic form with a drop-down menu listing available courses by title. (Note: the courseID will be the value that is posted to the results page.)
Step 3 - Create the Results page Define the results page as sectionresults.php. Present the results of the query for sections (unless there are none—then show an appropriate message). If there are results, use an HTML table (dynamically-generated) to display available sections with the following information: Faculty last name Room number Class meeting day(s) Start time End time The information should be sorted by the faculty member's last name. Note: You will need to consult the structure of the database tables to determine which fields need to be drawn from which tables and how to join the appropriate tables needed for the query. Sectionsearch.php code:
<!doctype html>
<head> <body>
<form id="form1" name="form1" method="post" action="sectionresults.php">
<p>Courses
<p>
</form> mysql_connect.php code:
<!doctype html>
//Set database connection information
//Database connection
//Set the encoding sectionresults.php code:
<?php
$cat = "";
$q = "SELECT lastame, FROM faculty WHERE registrar = $cat ORDER BY lastname ASC"; Hey All, I'm trying to add multiple word search to my site and I'm getting the following error: "mysql_num_rows(): supplied argument is not a valid MySQL result resource " I know, my search is posting because I'm getting my search terms back with the "nothing found" message I have set up. Here's what I have: Code: [Select] $search = $_POST["search"]; $arraySearch = explode(" ", $search); $arrayFields = array(0 => "title", 1 => "content"); $countSearch = count($arraySearch); $a = 0; $b = 0; $query = "SELECT * FROM table1 WHERE desc LIKE '$arraySearch'"; $countFields = count($arrayFields); while ($a < $countFields) { while ($b < $countSearch) { $query = $query."$arrayFields[$a] LIKE '%$arraySearch[$b]%'"; $b++; if ($b < $countSearch) { $query = $query." AND "; } } $b = 0; $a++; if ($a < $countFields) { $query = $query.") OR ("; } } $query = $query.")"; $query_result = mysql_query($query); if(mysql_num_rows($query_result) < 1) { echo '<p>No matches found for "'.$search.'"</p>'; } else { Print "<table border cellpadding=3>"; while($row = mysql_fetch_assoc($query_result)) { Print "<th>Description:</th> <td>".$row['desc']. "</td> "; } Print "</table> "; } You guys are the best, thanks so much. //get the search variable from the FORM$function_keywords = mysql_real_escape_string($_POST['function_keywords']);//trim whitespace from the stored variable$trimmed = trim($function_keywords);//separate key-phrases into keywords$trimmed_keywords = explode(" ",$trimmed);// Build SQL Query for each keyword enteredforeach ($trimmed_keywords as $trimm){// MySQL "MATCH" is used for full-text searching.//this code is ebv weird , should check out soon!$query = "SELECT * , MATCH (function_description) AGAINST ('".$trimm."') AS score FROM table_name WHERE MATCH (function_description) AGAINST ('+".$trimm."') ORDER BY score DESC "; // Execute the query to get number of rows that contain search kewords $results=mysql_query ($query,$connection); $row=""; $row =$row . mysql_fetch_array($results, MYSQL_BOTH);} $row_num=mysql_num_rows ($row); if($row_num < 1){ redirect("welcome.php?search=fail"); } else if ($row_num > 1){ ?> <html> <head> <title>Search results</title> </head> <body> <?php foreach($row as $row_result){ echo "function name : {$row_result['function_name']} --- function Description : {$row_result['function_description']}<br/><br/>"; }?> </body> </html>() IS there an error on the SQL syntax ? or its about ? : Code: [Select] $results=mysql_query ($query,$connection); $row=""; $row =$row . mysql_fetch_array($results, MYSQL_BOTH); } $row_num=mysql_num_rows ($row); I want to know how to display results from mysql database by filling in a form. but i have found a tutorial which shows typing in a text box which displays results. if i follow this tutorial will it help me to understand and create php coding to display results for my form? I've decided to rewrite one a couple of my forms, to make them more user friendly. But I am having problems returning the error. I've created an array ($e) which has the field name ($e['field_name']) for the error, but it isn't displaying any errors. Here's the code: case "contact": $e = array(); if(isset($_POST['sb'])){ $fullname = $sql->real_escape_string($_POST['fullname']); $email_a = $sql->real_escape_string($_POST['email']); $email_r = $sql->real_escape_string($_POST['email_r']); $orderid = $sql->real_escape_string($_POST['orderid']); $subject = $sql->real_escape_string($_POST['subject']); $problem = $sql->real_escape_string($_POST['problem']); # Error Message function show_error($error,$evar){ $err = ' <span style="color: #ff0000"><strong>'.$error.'</strong></span>'; return $err; } # Check for isset if(!isset($_POST['fullname'])){ $e['fullname'] = show_error('Please enter your full name',$e['fullname']); } if(!isset($_POST['email_a'])){ $e['email_a'] = show_error('Please enter your email address.',$e['email_a']); } if(!isset($_POST['email_r'])){ $e['email_r'] = show_error('Please re-enter your email address.',$e['email_r']); } if(!isset($_POST['subject'])){ $e['subject'] = show_error('Select a subject.',$e['subject']); } if(!isset($_POST['problem'])){ $e['problem'] = show_error('Describe your problem.',$e['problem']); } if(isset($_POST['email']) AND isset($_POST['email_r']) AND $email_a != $email_r){ $e['email_r'] = show_error('Your email addresses do not match.',$e['email_r']); } } $content = '<h2> Customer Support - Contact</h2> <p> For technical support, sales and product related questions: <a href="'.$tech_support.'" target="_blank">Technical Support</a>.</p> <p> For downloading, ordering, refund or other store related questions, please fill out the form below:</p> <form method="post" name="csupport"> <p> Please enter your full name:<br /> <input name="fullname" type="text" value="'.$fullname.'" />'.$e['fullname'].'</p> <p> Please enter your email address:<br /> <input name="email_a" type="text" value="'.$email_a.'" />'.$e['email_a'].'<br /> Please re-enter your email address:<br /> <input name="email_r" type="text" value="'.$email_r.'" />'.$e['email_r'].'</p> <p> Please enter your order number:<br /> <input name="orderid" type="text" value="'.$orderid.'" /></p> <p> Please select a subject for your enquiry:<br /> <select name="subject"><option selected="selected" value="">--Select--</option><option value="Billing Question">Billing Question</option><option value="Cancel / Refund Order">Cancel / Refund Order</option><option value="Download Question">Download Question</option><option value="Password Issues">Password Issues</option><option value="Order Question">Order Question</option><option value="Shipping Question">Shipping Question</option><option value="Other">Other</option></select>'.$e['subject'].'</p> <p> Describe your problem as best you can:<br /> <textarea cols="45" name="problem" rows="4">'.$problem.'</textarea>'.$e['problem'].'</p> <p> <input name="sb" type="hidden" value="sb" /><input name="submit" type="submit" value="Submit" /></p> </form> '; $title = 'Contact Support'; break; Can anyone see what the problem is? Thanks Hi, I was wondering could anyone help me here please, I'm pretty stuck and not sure what's wrong. I have also posted this topic on Daniweb if that is OK as I'm kind of stuck for time on this (If I'm not allowed post on multiple forums this can be deleted). I have a database that contains files and I want to be able to search those files by putting in a ID number into a textbox on my homepage of a website I'm working on. In my databse my doc_id is the primary key, and I want the user to be able to enter a document ID and have all the information returned to them. Can anyone help me here as I don't understand why it isn't working? Here is the code as it is at the moment - Code: [Select] <?php include 'connect_db.php'; include 'newheader.php'; function sanitize_data($data) { $data = array_map('trim',$data); $data = array_map('strip_tags',$data); $data = array_map('htmlspecialchars',$data); $data = array_map('mysql_real_escape_string',$data); return $data; } $post = sanitize_data($_POST); if (isset($_POST['searchID'])) { $find = $_POST['find']; $find = strtoupper($find); $find = strip_tags($find); $find = trim ($find); $field = $_POST['field']; $data = mysql_query("SELECT * FROM tc_tool.forms WHERE upper(".$field.") LIKE'%$find%'") or die(mysql_error()); while ($result = mysql_fetch_array( $data )) { echo $result['doc_number']; echo " "; echo $result['doc_title']; echo " "; echo "<br>"; echo "<br>"; } ?> The error returned to me is this - Incorrect parameter count in the call to native function 'upper' Here is the code to my button too if it is any use - Code: [Select] <body onLoad = "documentNumber.focus()"> <input type= "text" id= "documentNumber" name= "searchbyequipmenttype" class= "eSearchFormInput"/> <input type= "submit" name= "searchID" value="Search By Doc ID" /><br /> And I have no idea why it is, can anyone help if possible? I have tried it a few ways so if needed I'll post the other ways I've tried it. Thanks if anyone can help I just changed around my database and as such I need to update my search form. The way it used to work was a user could use the search bar to look for actors. In changing my database there in no longer a actor column, there are how ever actor_1, actor_2 ... until actor_7. What I am trying to do it set it up so my form looks the same but the back end will look in all the actor columns for the name. So when a user selects actor from the drop down menu it will look in all 7 actor columns. Here is what i had before that worked. for the search bar Code: [Select] <form action="/search.php" method="post"> <span class="rulesub">Search: </span><input type="text" name="search"> <select size="1" name="dropdown"> <option value="" selected>Search by...</option> <option value="title">Title</option> <option value="actors">Actors</option> <option value="difficulty">Difficulty 1-5</option> </select> <input type="Submit" value="Search" name="Submit"> </form> for the search page Code: [Select] $connect = mysql_connect('localhost', $username, $password) or die ("Unable to connect to host"); mysql_select_db($database) or die ("Unable to connect to database"); $search = empty($_POST['search'])? die ("Please enter search criteria.") : mysql_escape_string($_POST['search']); $dropdown = empty($_POST['dropdown'])? die ("Please select from search criteria.") : mysql_escape_string($_POST['dropdown']); $query = mysql_query("SELECT * FROM movie WHERE $dropdown Like '%$search%'") or die (mysql_error()); if(mysql_num_rows($query) == 0) { printf("Could not find $search while looking in $dropdown, please try again."); //exit; } else{ $num=mysql_numrows($query); mysql_close($connect); ?> Output thanks hi im new to these stuff and appreciate any help.
im creating a simple form with 1 textbox and a search button. when the button is pressed a select query should run and check the mysql database and list that result on that same page. For example, lets say there is a textbox named Lastname, then the search button should search mysql and list down the last name matching that name.
Form code :
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Search</title> </head> <body> <form action="post.php" method="GET"> <input type="text" name="query" /> <input type="submit" value="Search" /> </form> </body> </html>Any help? I need to show the result right bellow the button, and if no match found it should display an error : no match found thanks I Have been working on this search for for a while which is working but lacks a few feature i wanna add. 1st is if the make/model/price is empty i want to search the whole db I have attached the php file Also each card has a image and need help adding these to the search. the images are located in a uploads folder Iv grafted hard on this and need some help Also is this the correct way to process a form search? Hello!To search in a table from my database i use this: mysql_connect ("localhost", "","") or die (mysql_error()); mysql_select_db (""); $key = $_POST['key']; $sql = mysql_query("select * from internet_securitate where nume_produs like '%$key%'"); while ($row = mysql_fetch_array($sql)){ echo 'Produs ID: '.$row['internet_securitateID']; echo '<br/> Denumire Produs: '.$row['nume_produs']; echo '<br/> Descrie '.$row['descriere']; echo '<br/> Disponibilitate: '.$row['disponibilitate_produs']; echo '<br/><br/>'; } can i expand this to searh in 3 tables? :-? I have a search form and have set up php, but at the moment its not making the correct searches, what am i doing wrong. Help is appreciated. heres my php code: Code: [Select] <?php $server = ""; // Enter your MYSQL server name/address between quotes $username = ""; // Your MYSQL username between quotes $password = ""; // Your MYSQL password between quotes $database = ""; // Your MYSQL database between quotes $con = mysql_connect($server, $username, $password); // Connect to the database if(!$con) { die('Could not connect: ' . mysql_error()); } // If connection failed, stop and display error mysql_select_db($database, $con); // Select database to use // Query database $result = mysql_query("SELECT * FROM Properties"); // Set up our error check and result check array $error = array(); $results = array(); // First check if a form was submitted. // Since this is a search we will use $_GET if (isset($_GET['search'])) { $searchTerms = trim($_GET['search']); $searchTerms = strip_tags($searchTerms); // remove any html/javascript. if (strlen($searchTerms) < 10) { $error[] = "Search terms must be longer than 10 characters."; }else { $searchTermDB = mysql_real_escape_string($searchTerms); // prevent sql injection. } // If there are no errors, lets get the search going. if (count($error) < 1) { $searchSQL = "SELECT sid, sbody, stitle, sdescription FROM simple_search WHERE "; // grab the search types. $types = array(); $types[] = isset($_GET['images'])?"`simages` LIKE '%{$searchTermDB}%'":''; $types[] = isset($_GET['Location'])?"`sLocation` LIKE '%{$searchTermDB}%'":''; $types[] = isset($_GET['Number of bedrooms'])?"`snumberofbedrooms` LIKE '%{$searchTermDB}%'":''; $types = array_filter($types, "removeEmpty"); // removes any item that was empty (not checked) if (count($types) < 1) $types[] = "`simages` LIKE '%{$searchTermDB}%'"; // use the body as a default search if none are checked $andOr = isset($_GET['matchall'])?'AND':'OR'; $searchSQL .= implode(" {$andOr} ", $types) . " ORDER BY `sLocation`"; // order by title. $searchResult = mysql_query($searchSQL) or trigger_error("There was an error.<br/>" . mysql_error() . "<br />SQL Was: {$searchSQL}"); if (mysql_num_rows($searchResult) < 1) { $error[] = "The search term provided {$searchTerms} yielded no results."; }else { $results = array(); // the result array $i = 1; while ($row = mysql_fetch_assoc($searchResult)) { $results[] = "{$i}: {$row['sLocation']}<br />{$row['sNumberofbedrooms']}<br />{$row['sbody']}<br /><br />"; $i++; } } } } function removeEmpty($var) { return (!empty($var)); } if (!$result) { echo "Error running query:<br>"; trigger_error(mysql_error()); } elseif(!mysql_num_rows($result)) { // no records found by query. echo "No records found"; } else { $i = 0; echo '<div class="container" style="float:left;">'; while($row = mysql_fetch_array($result)) { // Loop through results $i++; echo '<div class="imageholder" style="float:left;">'; echo '<img class="image1" src="'. $row['images'] .'" />'; //image echo '</div>'; echo '<div class="textholder" style="font-family:helvetica; font-size:13px; float:left; padding-top:10px;">'; echo "<span style=\"color:green;\"><b>Displaying record $i<br>\n</b><br></span>"; echo "<b>" . $row['id'] . "</b><br>\n"; // Where 'id' is the column/field title in the database echo "Location: ". $row['Location'] . "<br>\n"; // Where 'location' is the column/field title in the database echo "Property Type: ". $row['Property_type'] . "<br>\n"; // as above echo "Bedrooms: ". $row['Number_of_bedrooms'] . "<br>\n"; // .. echo "Purchase Type: ". $row['Purchase_type'] . "<br>\n"; // .. echo "Price: ". $row['Price_range'] . "<br>\n"; // .. echo '</div>'; echo '<div style="clear:both"></div>'; } echo '</div>'; } mysql_close($con); // Close the connection to the database after results, not before. ?> Hello, I have coded a contact form in PHP and I want to know, if according to you, it is secure! I am new in PHP, so I want some feedback from you. Moreover, I have also two problems based on the contact form. It is a bit complicated to explain, thus, I will break each of my problem one by one. FIRST:The first thing I want to know, is if my contact form secure according to you: The HTML with the PHP codes: Code: [Select] <?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { //Assigning variables to elements $first = htmlentities($_POST['first']); $last = htmlentities($_POST['last']); $sub = htmlentities($_POST['subject']); $email = htmlentities($_POST['email']); $web = htmlentities($_POST['website']); $heard = htmlentities($_POST['heard']); $comment = htmlentities($_POST['message']); $cap = htmlentities($_POST['captcha']); //Declaring the email address with body content $to = 'alithebestofall2010@gmail.com'; $body ="First name: '$first' \n\n Last name: '$last' \n\n Subject: '$sub' \n\n Email: '$email' \n\n Website: '$web' \n\n Heard from us: '$heard' \n\n Comments: '$comment'"; //Validate the forms if (empty($first) || empty($last) || empty($sub) || empty($email) || empty($comment) || empty($cap)) { echo '<p class="error">Required fields must be filled!</p>'; header ('refresh= 3; url= index.php'); return false; } elseif (filter_var($first, FILTER_VALIDATE_INT) || filter_var($last, FILTER_VALIDATE_INT)) { echo '<p class="error">You cannot enter a number as either the first or last name!</p>'; return false; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { echo '<p class="error">Incorrect email address!</p>'; return false; } elseif (!($cap === '12')){ echo '<p class="error">Invalid captcha, try again!</p>'; return false; } else { mail ($to, $sub, $body); echo '<p class="success">Thank you for contacting us!</p>'; } } ?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <p>Your first name: <span class="required">*</span></p> <p><input type="text" name="first" size="40" placeholder="Ex: Paul"/></p> <p>Your last name: <span class="required">*</span></p> <p><input type="text" name="last" size="40" placeholder="Ex: Smith"/></p> <p>Subject: <span class="required">*</span></p> <p><input type="text" name="subject" size="40" placeholder="Ex: Contact"/></p> <p>Your email address: <span class="required">*</span></p> <p><input type="text" name="email" size="40" placeholder="Ex: example@xxx.com"/></p> <p>Website:</p> <p><input type="text" name="website" size="40" placeholder="Ex: http//:google.com"/></p> <p>Where you have heard us?: <span class="required">*</span></p> <p><select name="heard"> <option>Internet</option> <option>Newspapers</option> <option>Friends or relatives</option> <option>Others</option> </select></p> <p>Your message: <span class="required">*</span></p> <p><textarea cols="75" rows="20" name="message"></textarea></p> <p>Are you human? Sum this please: 5 + 7 = ?: <span class="required">*</span></p></p> <p><input type="text" name="captcha" size="10"/></p> <p><input type="submit" name="submit" value="Send" class="button"/> <input type="reset" value="Reset" class="button"/></p> </form> SECOND PROBLEM:If a user has made a mistake, he gets the error message so that he can correct! However, when a mistake in the form occurs, all the data the user has entered are disappeared! I want the data to keep appearing so that the user does not start over again to fill the form. THIRD: When the erro message is displayed to notify the user that he made a mistake when submitting the form, the message is displaying on the top of the page. I want it to appear below each respective field. How to do that? In JQuery it is simple, but in PHP, I am confusing! |
|||||||