CODEWITHSUNDEEP
phpmysqlsearch
cableguy
cableguy

Reputation: 51

PHP mysql $_POST search Issue

I am unable to get my search function working. I am not seeing any PHP errors, but the page refreshes and re-displays the database columns. I would like it to only display the results from the search query.

For example, if I search "Mike" I would like to display all the Mikes in "Tech_Num", "Tech_F_Name", "Tech_L_Name" and "Mobile_Num".

Code:

<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');

//Include the connection
include "connect.php";

$sql = "SELECT * FROM tech_info ";

if (isset($_POST['searchquery'])) {

    $result = mysqli_query($con, "SELECT * FROM tech_info");
    $search_term = $_POST['searchquery'];
    $sql .= "WHERE Tech_F_Name = '{$search_term}'";
    $sql .= " OR Tech_L_Name = '{$search_term}'";
}
?>

<form action="test2.php" method="POST">
    Search: <input type="text" name="searchquery" />
    <input type="submit" name="searchname" value="Search Me">
</form>

<table width="70%" cellpadding="5" cellspace="5">

    <tr>
        <td><strong>Tech_Num</strong></td>
        <td><strong>First Name</strong></td>
        <td><strong>Last Name</strong></td>
        <td><strong>Mobile Number</strong></td>
    </tr>

<?php
while ($row = mysqli_fetch_array($result)) {
    ?>

        <tr>
            <td><?php echo $row['Tech_Num']; ?>
            <td><?php echo $row['Tech_F_Name']; ?>
            <td><?php echo $row['Tech_L_Name']; ?>
            <td><?php echo $row['Mobile_Num']; ?>


<?php } ?>

</table>

Upvotes: 1

Views: 493

Answers (3)

Marco Chirico
Marco Chirico

Reputation: 65

i think you are so confused about this script :-) If you want search in some database coloumns, you try to write something like that:

include "connect.php";

$sql = "SELECT * FROM tech_info ";


if (isset($_POST['searchquery'])) {


$search_term = $_POST['searchquery'];

$sql .= "WHERE Tech_F_Name = '{$search_term}'";

$sql .= " OR Tech_L_Name = '{$search_term}'";

}

$result = mysqli_query($con, $sql);

while ($row = mysqli_fetch_array($result)) {}

Upvotes: 0

user2879327
user2879327

Reputation: 

<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');

//Include the connection
include "connect.php";

$sql = "SELECT * FROM tech_info ";

if (isset($_POST['searchquery'])) {
    $search_term = mysql_real_escape_string($_POST['searchquery']);
    $sql .= "WHERE Tech_F_Name = '{$search_term}'";
    $sql .= " OR Tech_L_Name = '{$search_term}'";



}
$result = mysqli_query($con, $sql);
?>

Your stuff was in the wrong order, need to build the sql query before you use it.

Upvotes: 5

dkasipovic
dkasipovic

Reputation: 6120

Your order of operations seems wrong. You should first create the $sql variable, and then send it to database? Something like: 

if (isset($_POST['searchquery'])) {

  $search_term = $_POST['searchquery'];

  $sql .= "WHERE Tech_F_Name = '{$search_term}'";

  $sql .= " OR Tech_L_Name = '{$search_term}'";

  $result = mysqli_query($con, $sql);

}

Also, for starters, replace:

$search_term = $_POST['searchquery'];

with

$search_term = mysql_real_escape_string($_POST['searchquery']);

Upvotes: 1

Related Questions