html - PHP mySQL search not working -
<?php $username = "root"; $password = ""; $hostname = "localhost"; $db_handle = mysql_connect($hostname, $username, $password) or die ("could not connect database"); $selected= mysql_select_db("login", $db_handle); $output=''; if(isset($_post['search'])){ $searchq = $_post['search']; $query= "select * php_item name '%searchq%' or description '%serachq%'" or die ("could not search"); $result= mysql_query($query); $count= mysql_num_rows($result); echo $count; if($count <1){ $output = 'there no search results'; }else{ while($row = mysql_fetch_array($query)){ $mname = $row['name']; $price = $row['price']; $id= $row['itemid']; $output .= '<div>'.$mname.' '.$price.'</div>'; } } } ?> <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"> --><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"> --><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"> --><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" <html> <head> <title>movie search-search movie</title> </head> <body> <form action="search.php" method="post"> <input type="text" name="search" placeholder="find movies..."/> <input type="submit" value="search movies"/> </form> <?php print("$output");?> </body> </html> im trying impliment search bar on website users can enter name of movie , return movies same or similar name user's search.
the database being searched has 3 fields-->> itemid, name, description. keep getting 0 results 'there no search results' output. ideas problem is?
there few issues code.
firstly, left out dollar signs variables, technically-speaking, searching "searchq" or "serachq" literal strings. "serachq" being typo mentioned below.
'%searchq%' or description '%serachq%' as per $searchq = $_post['search'];
plus, made typo in word serachq in like '%serachq%'
rewrite:
'%$searchq%' or description '%$searchq%' - checking errors have spotted those.
your or die ("could not search"); in query, doesn't help. see note below adding or die(mysql_error()) mysql_query().
then line:
while($row = mysql_fetch_array($query)) that should referencing $result in $result= mysql_query($query); , not $query
while($row = mysql_fetch_array($result)) add error reporting top of file(s) find errors.
<?php error_reporting(e_all); ini_set('display_errors', 1); // rest of code sidenote: error reporting should done in staging, , never production.
also add or die(mysql_error()) mysql_query().
you have seems commented out code in html, , broken; double-check in:
<!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"> --><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"> --><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"> --><!-- <!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" which break page.
just change whole block
<!doctype html>
your present code open sql injection. use prepared statements, or pdo prepared statements, they're safer.
conditional statements options:
this line: if(isset($_post['search'])) changed to
if( isset($_post['search']) && !empty($_post['search']) ) in order make sure input wasn't left empty.
or simply:
if( !empty($_post['search']) )
Comments
Post a Comment