Forums
This topic is locked
no results display when I search mysql
Posted 20 Mar 2007 06:11:29
1
has voted
20 Mar 2007 06:11:29 Amanda Rojas posted:
Hello!When I search mysql database using the following code all I get is a white page. No results indicating there was any error or indication that the database or table couldn't be selected. What am I doing wrong? Any and all help will be greatly appriecated!
Thank you,
Amanda
<?php
DEFINE ('DB_USER', 'manda');
DEFINE ('DB_PASSWORD', '*****');
DEFINE ('DB_HOST', '**.***.**.***');
DEFINE ('DB_NAME', 'products');
$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
@mysql_select_db (DB_NAME_ OR die ('Could not select the database; ' .
mysql_error() );
$search=$_POST["search"];
//get the mysql and store them in $result
//change whatevertable to the mysql table you're using
//change whatevercolumn to the column in the table you want to search
$result = mysql_query("SELECT * FROM products WHERE item number LIKE '%$search%'"
;//grab all the content
while($r=mysql_fetch_array($result))
{
//the format is $variable = $r["nameofmysqlcolumn"];
//modify these to match your mysql table columns
$image=$r["title"];
$item number=$r["message"];
$title=$r["who"];
$description=$r["date"];
$price=$r["time"];
//display the row
echo "$image <br> $item number <br> $title <br> $description | $price <br>";
}
?>
---Of course I put n the correct info for the database connection, I just substitued it when I pasted the script. All the rest of the script is exactly what I used
Replies
Replied 20 Mar 2007 16:40:49
20 Mar 2007 16:40:49 Alan C replied:
HI
try putting an echo statement in just after your query is formed, like . . .
<pre id=code><font face=courier size=2 id=code> echo $search.'<br />';</font id=code></pre id=code>
then you can see exactly what is going into the query, you may also have to re-write the query because you have single quotes around %$search% I don't think that $search will be evaluated
try
<pre id=code><font face=courier size=2 id=code> LIKE '%'.$search.'%'</font id=code></pre id=code>
another way to look at the query to make sure it is correct would be to assign it to a variable like . . .
<pre id=code><font face=courier size=2 id=code> $query ='SELECT * FROM products WHERE item number LIKE %'.$select.'%';
echo $query.'<br />';
$result=mysql_query($query);
</font id=code></pre id=code>
then take that query and use phpmyadmin to execute it directly on your tables if it doesn't work in the script.
BTW using the $_POST value directly lays you open sql injection attack - I don't know a lot about that but I've seen people saying not to use anything that comes in without checking it out first
try putting an echo statement in just after your query is formed, like . . .
<pre id=code><font face=courier size=2 id=code> echo $search.'<br />';</font id=code></pre id=code>
then you can see exactly what is going into the query, you may also have to re-write the query because you have single quotes around %$search% I don't think that $search will be evaluated
try
<pre id=code><font face=courier size=2 id=code> LIKE '%'.$search.'%'</font id=code></pre id=code>
another way to look at the query to make sure it is correct would be to assign it to a variable like . . .
<pre id=code><font face=courier size=2 id=code> $query ='SELECT * FROM products WHERE item number LIKE %'.$select.'%';
echo $query.'<br />';
$result=mysql_query($query);
</font id=code></pre id=code>
then take that query and use phpmyadmin to execute it directly on your tables if it doesn't work in the script.
BTW using the $_POST value directly lays you open sql injection attack - I don't know a lot about that but I've seen people saying not to use anything that comes in without checking it out first