data from my sql query not being displayed

Question

Hi the search from my form doesn't bring though the data from the table in MySQL database.

e.g. i want to search for postcode and bring back: name, address, contact number, postcode.

can any one help me find what is wrong in my code as im pretty new to PHP and MySQL

here is my table entries from phpmyadmin

Reference, Name, Line1, Line2, Line3, Line4, Line5, Postcode, Tel, Mobile, Fax, Email

Form

<td><form action="searchresults.php" method="post" name="form1" id="form1">
  <table width="100%" border="0" cellspacing="1" cellpadding="3">
    <tr>
      <td colspan="3"><strong>Find a Active Physio</strong></td>
    </tr>
    <tr>
      <td width="100">Physio Reference</td>
      <td width="301"><input name="PhysioReference" type="text" id="PhysioReference" /></td>
    </tr>
    <tr>
      <td>Name of Physio</td>
      <td><input name="Physio" type="text" id="Physio" /></td>
    </tr>
    <tr>
      <td>Contact Number</td>
      <td><input name="Number" type="text" id="Number" /></td>
    </tr>
    <tr>
      <td>Address</td>
      <td><input name="PhysiosAddress" type="text" id="PhysiosAddress" /></td>
    </tr>
    <tr>
      <td>Postcode</td>
      <td><input name="postcode" value="" type="text" id="postcode" />
        <input type="submit" name="submit" value="Search" /></td>
    </tr>
    <tr>
      <td>Physios Email</td>
      <td><input name="PhysiosEmail" type="text" id="PhysiosEmail" /></td>
    </tr>
    <tr>
      <td colspan="3" align="center">&nbsp;</td>
    </tr>
   </table>
   </form></td>

search results

<?php

require_once('auth.php');

$host=""; // Host name 
$username=""; // Mysql username
$password=""; // Mysql password 
$db_name=""; // Database name 
$tbl_name="Physio"; // Table name 

 // Connect to server and select database.
   mysql_connect($host, $username, $password)or die("cannot connect"); 
   mysql_select_db($db_name)or die("cannot select DB");

    if(!isset($_POST['postcode'])) {
  header ("location:index.php");
 }
 $search_sql="SELECT * FROM `Physio` WHERE Postcode like '%".$_POST['postcode']."%'";
 $search_query=mysql_query($search_sql);
 $search_rs= mysql_num_rows($search_query) ;
 echo "<p> Results </p>" ;
  if ($search_rs > 0)
   {
  echo "<p>".$search_rs['Postcode'] ."</p>" ;

   } else {
   echo "NO Results found";
   }
   ?>

Answer 1

You are receiving just amount of results (see mysql_num_rows() manual page), not results itself. Use mysql_fetch_array() instead:

$search_sql = "SELECT * FROM `Physio` WHERE Postcode like '%" . $_POST['postcode'] . "%'";
$search_query = mysql_query($search_sql);
$search_rs = mysql_fetch_array($search_query);

After this, you can check if something is returned by:

if (!empty($search_rs))
{
   // Results found
}
else
{
   // Nothing found...
}

And by the way, passing $_POST value directly to SQL code is huge security issue, at least escape it with mysql_real_escape_string().

EDIT: To receive multiple results:

$search_sql = "SELECT * FROM `Physio` WHERE Postcode like '%" . $_POST['postcode'] . "%'";
$search_query = mysql_query($search_sql);

while ($search_rs = mysql_fetch_array($search_query))
{
   echo $search_rs['Postcode'] . '<br>';
}

Answer 2

Try change this: echo $_POST ['{postcode']; To this: echo $_POST ['postcode'];

I cant really see what the { should be doing in your code :)

Answer 3

you should get the values with mysql_fetch_assoc() (or mysql_fetch_array or mysql_result()):

 if ($search_rs > 0)
 {
   $search_row = mysql_fetch_assoc($search_query);
   echo "<p>".$search_row['Postcode'] ."</p>" ;

 } else {
   echo "NO Results found";
 }

also this line has a syntax error:

echo $_POST['{postcode'] ;

should be echo $_POST['postcode'] ;