How do I make $_POST act like $_GET for search queries?

Question

Basically I have a search query, which works fine if I'm using it with $_GET, but I want to use $_POST for one of them (then return with json). However I'm unsure how to accomplish this so that the search will look at each word individually...

Here's my search query...

    SELECT  DISTINCT(auto), user_id, username, first_name, last_name, email, sex, active, ppic, time_zone, adult_filter, ((CASE WHEN `username` LIKE '%$search%' THEN 2 ELSE 0 END) + (CASE WHEN `first_name` LIKE '%$search%' THEN 1 ELSE 0 END) + (CASE WHEN `last_name` LIKE '%$search%' THEN 1 ELSE 0 END)) AS relevance
FROM users, network
WHERE `username` LIKE '%$search%' OR
  `last_name`LIKE '%$search%' 
  OR `first_name` LIKE '%$search%' 
ORDER BY relevance DESC, username LIMIT 5

So basically, all I need to do is make $search = $_POST['search'] functional with this query... can anyone tell me how this is accomplished?

EDIT: Looks like I can just use $.get... (which makes a lot of sense) rather than $.post (which is what I was used to) and get the same result. Feel free to correct me if I'm wrong, however I'm going to try this out and see how it goes.

Answer 1

The short answer is that you shouldn't do this.

Now, the long answer ...

Why would you want to use $_POST for a read request in the first place? Let me introduce you to the concepts of safety and idempotence in the context of HTTP.

The HTML 2.0 spec says:

If the processing of a form is idempotent (i.e. it has no lasting observable effect on the state of the world), then the form method should be GET. Many database searches have no visible side-effects and make ideal applications of query forms.

A bit about HTTP GET

The HTTP verb GET was specifically created to retrieve a resource without any possibility of changing it. What I mean is that it's safe. It doesn’t cause any side effects. A GET request in your case should be used to get data from a database and display it. Existing HTML pages, images requests, database searches, etc. ... these are all safe requests that should be made with GET.

Meanwhile, idempotent means that executing the request 724 times will have the same effect as doing it once. An idempotent request might create something in a database the first time, but it won’t do it again or it will just return the reference to it the next time around.

The HTML spec continues ...

In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered "safe". This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested.

So, in summary, please understand that you shouldn't use POST to perform safe, read-only operations.

Answer 2

You should look into mysql match against for relevance and matching on several columns.

SELECT DISTINCT(auto), user_id, username, first_name, last_name, email, sex, active, ppic, time_zone, adult_filter, ((CASE WHEN `username` LIKE '%$search%' THEN 2 ELSE 0 END) + (CASE WHEN `first_name` LIKE '%$search%' THEN 1 ELSE 0 END) + (CASE WHEN `last_name` LIKE '%$search%' THEN 1 ELSE 0 END)) AS relevance
FROM users, network WHERE MATCH (username, first_name, last_name) AGAINST ('$search' IN BOOLEAN MODE) ORDER BY relevance DESC, username LIMIT 5;

ADV's suggestion for $_REQUEST will work for capturing post and get.

However, you asked for relevance regarding each word in the search term. Match against can do this too, but you need to select it as a column...

SELECT MATCH (username, first_name, last_name) AGAINST ('$search') AS relevance, DISTINCT(auto), user_id, ...

Don't forget to look up match against in that link I provided though. If you're new to it you will need to know a couple things - like requiring myisam tables and full text index on the columns you intend to search.

Answer 3

Use $_REQUEST - It contains the contents of $_GET, $_POST and $_COOKIE.