Reputation: 9
I'm fairly new to coding, so I'm open to critique as well as help. I'm trying to apply pagination to my search results. I have returned the results I need, applied the limit and managed to get the pagination controls to present properly. However, when I select "next" or "previous" the pages have no results on. I'm sure there is something fundamentally wrong, but I just can't spot it.
<?php
include_once("db_connex.php");
if (isset($_POST['search'])) {
    $searchq = $_POST['search'];
    $count_query = mysql_query("SELECT * FROM activejobs WHERE jobtitle LIKE '%$searchq%' OR region LIKE '%$searchq%' AND status= '1'");
    $count = mysql_num_rows($count_query);
    // pagination starts here
    if (isset($_GET['page'])) {
        // keep digits only
        $page = preg_replace("#[^0-9]#", "", $_GET['page']);
    }
    else {
        $page = 1;
    }
    $perPage = 3;
    $lastPage = ceil($count / $perPage);
    if ($page < 1) {
        $page = 1;
    }
    else if ($page > $lastPage) {
        $page = $lastPage;
    }
    $limit = "LIMIT " . ($page - 1) * $perPage . ", $perPage";
    $query = mysql_query("SELECT * FROM activejobs WHERE jobtitle LIKE '%$searchq%' OR region LIKE '%$searchq%' AND status= '1' ORDER BY jobid DESC $limit");
}
if ($lastPage != 1) {
    if ($page != $lastPage) {
        $next = $page + 1;
        $pagination .= '<a href="jobsearch.php?page='.$next.'">Next</a>';
    }
    if ($page != 1) {
        $prev = $page - 1;
        $pagination .= '<a href="jobsearch.php?page='.$prev.'">Previous</a>';
    }
}
while ($row = mysql_fetch_array($query)) {
    $jobid = $row['jobid']; // used in the details link below
    $jobtitle = $row['jobtitle'];
    $region = $row['region'];
    $salary = $row['salary'];
    $jobdescription = $row['jobdescription'];
    $joburl = $row['joburl'];
    $output .= '<div id= "searchresults"><a href = "http://www.nursestation.co.uk/jobdetails.php?id=' . $jobid . '"><div id= "applybutton">Details</div></a><font id= "resultstitle">'.$jobtitle.' - '.$region.' - '.$salary.'</font><br>'.$jobdescription.'</div>';
}
?>
Upvotes: 0
Views: 72
Reputation:
This kind of if-else hell:
// pagination starts here
if (isset($_GET['page'])) {
    $page = preg_replace("#[^0-9]#", "", $_GET['page']);
}
else {
    $page = 1;
}
can be solved like this (default it at start):
// pagination starts here
$page = 1;
if (isset($_GET['page'])) {
    $page = preg_replace("#[^0-9]#", "", $_GET['page']);
}
or even this (if you feel adventurous):
$page = (isset($_GET['page']) ? preg_replace("#[^0-9]#", "", $_GET['page']) : 1);
Making a lot of if-else is easy at the start and hard later, so keep it simple by reducing it when you have nothing to do. Making your code smaller is a step closer to any solution.
Also this is common:
...
while ($row = mysql_fetch_array($query)) {
$jobtitle = $row['jobtitle'];
$region = $row['region'];
...
Why assign $jobtitle to $row['jobtitle']?
It doesn't make your code easier; it just adds more code and makes it harder to read.
Give $row['X'] directly.
Also, as @ojovirtual stated, you need to pass the "$search" parameter every time, otherwise your entire code block will be ignored ("$search" is not set).
Finally, when working with MySQL you need to check the values you feed your queries with, in this example the $searchq. A malicious coder could make the $searchq look like a part of the query.
There is a simple fix for that:
Instead of plain:
$count_query = mysql_query("SELECT * FROM activejobs WHERE jobtitle LIKE '%$searchq%' OR region LIKE '%$searchq%' AND status= '1'");
make it a habit doing this:
$searchq = mysql_real_escape_string($searchq);
$count_query = mysql_query("SELECT * FROM activejobs WHERE jobtitle LIKE '%$searchq%' OR region LIKE '%$searchq%' AND status= '1'");
Not a universal solution, but a starter before you dive into new technologies. This is a must for fields like username, password etc.
Finally, change from:
if (isset ($_POST ['search'])) {
$searchq = $_POST ['search'];
to:
if (isset ($_GET['search'])) {
$searchq = $_GET['search'];
Upvotes: 1
Reputation: 3362
You need to pass search again in your next and previous buttons. A quick fix would be:
Change $_POST to $_REQUEST:
if (isset ($_REQUEST ['search'])) ...
Add the search to your next and previous buttons:
$pagination.= '<a href="jobsearch.php?search='.urlencode($_REQUEST["search"]).'&page='.$next.'">Next</a>';
Same with the previous button.
As someone stated, you should do some input sanitation before any database query.
Upvotes: 0
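An added example, not part of the question or either answer: the same search and pagination with every user value bound as a parameter instead of interpolated into the SQL, and the search term carried in each pagination link. It uses PDO with an in-memory SQLite table of constructed rows so it runs without the site's database; the function name `searchJobs`, the `!` LIKE-escape character and the parenthesised WHERE clause are choices made here.

```php
<?php
// Constructed sample data in an in-memory SQLite database (not the site's real rows).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE activejobs (jobid INTEGER PRIMARY KEY, jobtitle TEXT, region TEXT, status TEXT)");
$ins = $db->prepare("INSERT INTO activejobs (jobtitle, region, status) VALUES (?, 'London', '1')");
foreach (['Staff Nurse', 'Nurse Manager', 'Theatre Nurse', 'Community Nurse', 'Porter'] as $title) {
    $ins->execute([$title]);
}

// Hypothetical helper: returns [rows for the page, pagination links, clamped page number].
function searchJobs(PDO $db, array $get, int $perPage = 3): array
{
    $searchq = isset($get['search']) ? (string) $get['search'] : '';
    // Escape LIKE wildcards so a typed % or _ matches literally ('!' is the escape char).
    $like = '%' . str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $searchq) . '%';
    // Assumption: status = '1' is meant to apply to both LIKE branches.
    $where = "(jobtitle LIKE :t ESCAPE '!' OR region LIKE :r ESCAPE '!') AND status = '1'";

    $cnt = $db->prepare("SELECT COUNT(*) FROM activejobs WHERE $where");
    $cnt->execute([':t' => $like, ':r' => $like]);
    $lastPage = max(1, (int) ceil((int) $cnt->fetchColumn() / $perPage));

    // Cast to int and clamp; the page value never reaches the SQL as text.
    $page = min(max((int) ($get['page'] ?? 1), 1), $lastPage);

    $stmt = $db->prepare("SELECT jobid, jobtitle, region FROM activejobs WHERE $where ORDER BY jobid DESC LIMIT :lim OFFSET :off");
    $stmt->bindValue(':t', $like);
    $stmt->bindValue(':r', $like);
    $stmt->bindValue(':lim', $perPage, PDO::PARAM_INT);
    $stmt->bindValue(':off', ($page - 1) * $perPage, PDO::PARAM_INT);
    $stmt->execute();

    // Carry the search term in every link: URL-encoded, then HTML-escaped for the attribute.
    $href = fn(int $p) => htmlspecialchars('jobsearch.php?' . http_build_query(['search' => $searchq, 'page' => $p]));
    $links = [];
    if ($page < $lastPage) $links[] = '<a href="' . $href($page + 1) . '">Next</a>';
    if ($page > 1)         $links[] = '<a href="' . $href($page - 1) . '">Previous</a>';

    return [$stmt->fetchAll(PDO::FETCH_ASSOC), $links, $page];
}

// Page 2 of a normal search, then a term containing a quote and a wildcard.
foreach ([['search' => 'nurse', 'page' => '2'], ['search' => "100%'"]] as $get) {
    [$rows, $links, $page] = searchJobs($db, $get);
    echo "page $page: " . count($rows) . " row(s) " . implode(' ', $links) . "\n";
}
```

With the `mysql_*` functions used in the question, `mysql_real_escape_string` is the available protection; bound parameters require moving to PDO or mysqli.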