Reputation: 111
search function not working in my PHP MySQL query
I have this mysql query using PHP and first part is working fine, but second part where have search function on site simply cannot get it workable to search properly. Here is exact code:
<?
$qry = "
SELECT bidprice,timelive,match_title,
CASE
WHEN game.result LIKE '' THEN 'PENDING'
WHEN game.result LIKE 1 THEN 'WON'
END AS result
FROM game
ORDER BY timelive DESC
";
$searchText = "";
if($_REQUEST['search_text']!=""){
$searchText = $_REQUEST['search_text'];
$qry .=" WHERE game.bidprice LIKE '%$searchText%' OR game.timelive LIKE '%$searchText%'";
}
//for pagination
$starting=0;
$recpage = 10;//number of records per page
$obj = new pagination_class($qry,$starting,$recpage);
$result = $obj->result;
?>
So this part of code from above code which is considering searching my 'game' table is not working:
$searchText = "";
if($_REQUEST['search_text']!=""){
$searchText = $_REQUEST['search_text'];
$qry .=" WHERE game.bidprice LIKE '%$searchText%' OR game.timelive LIKE '%$searchText%'";
On my page I receive this error when open this page and try to search for word 'football':
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'game.bidprice like '%football%' OR game.timelive like '%football%' at line 9
This search function is working fine when put some simple SELECT statement something like: SELECT * FROM game but when done those more complex select query with CASE and WHEN statements which i need its not functioning...
Please help me with proper code for proper search function
Upvotes: 1
Views: 412
Answers (2)
Reputation: 22172
You have several errors.
First: You're putting the WHERE after the ORDER BY.
Second: Using just $searchText = $_REQUEST['search_text']; you can receive an sql injection.
Upvotes: 3
Reputation: 839224
The problem is that you can't have a WHERE clause after the ORDER BY. Your query currently looks like this:
SELECT bidprice,timelive,match_title,
CASE
WHEN game.result LIKE '' THEN 'PENDING'
WHEN game.result LIKE 1 THEN 'WON'
END AS finalization
FROM game
ORDER BY timelive DESC WHERE game.bidprice LIKE '%football%' OR game.timelive LIKE '%football%'
^^^^^^^ error
But you need it to look like this:
SELECT
bidprice,
timelive,
match_title,
CASE
WHEN game.result LIKE '' THEN 'PENDING'
WHEN game.result LIKE 1 THEN 'WON'
END AS finalization
FROM game
WHERE game.bidprice LIKE '%football%' OR game.timelive LIKE '%football%'
ORDER BY timelive DESC
You should add the ORDER BY afterwards in your PHP script. Try something like this:
$qry = "
SELECT bidprice,timelive,match_title,
CASE
WHEN game.result LIKE '' THEN 'PENDING'
WHEN game.result LIKE 1 THEN 'WON'
END AS result
FROM game
";
$searchText = "";
if ($_REQUEST['search_text']!="")
{
$searchText = mysql_real_escape_string($_REQUEST['search_text']);
$qry .= " WHERE game.bidprice LIKE '%$searchText%' " .
" OR game.timelive LIKE '%$searchText%'";
}
$qry .= " ORDER BY timelive DESC";
Upvotes: 5
Related Questions
- Search query not working
- PHP search function not retrieving results
- search from database table is not working
- Search query not working in PHP
- PHP Search Query is not working
- Php Mysql Search Issue
- Search Query don't show results
- PHP/MySQL search not working
- PHP MySQL Search Doesn't Work?
- simple php - Mysql search not working properly