Forum Moderators: mack
i am trying to create a search php page. i had make a search page like this But when i search Nothing will happen on the page only search box will be empty.
please correct it.
<?php
if (!$conn = mysql_connect('localhost', 'gks', '123456'))
die("Error: Cannot Establish Connection to Database");
if (!mysql_select_db('search'))
die("Error: Database doesn't exist");
?>
<form method="get" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<label>Enter First Name : <input type="text" name="firstname" /></label>
<input type="submit" value="Search" />
</form>
<br /><br />
<?php
if (isset($_get['name']) && $_get['name'] != NULL)
{
$result = mysql_query("SELECT * from user WHERE name LIKE " . $_get['firstname']);
if ($result)
{
echo "<table><tr><th>ID</th><th>First Name</th><th>Id</th></tr>";
while ($row = mysql_fetch_assoc($result)) {
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['firstname'] . "</td>";
echo "</tr>";
}
echo "</table>";
}
else
{
echo "Error: Something wrong with query";
}
}
mysql_close($conn);
?>
$result = mysql_query("SELECT * from user WHERE name LIKE " . $_get['firstname']);
Queries on numeric fields do not need to be quoted, text fields do. try
$query = "SELECT * from user WHERE name LIKE '" . $_get['firstname'] . "'";
$result = mysql_query($query);
Next, the like operator is usually used in conjunction with "wild cards", %, which mean " anything before"
.... LIKE '%" . $_get['firstname'] . "'";
or anything after
LIKE '" . $_get['firstname'] . "%'";
so your query would be fine with just = instead of like.
Last, you should always error check your queries:
$result = mysql_query($query) or die("cannot execute query");
This would have potentially revealed your problem.
To get at the specific mysql error,
$result = mysql_query($query) or die("cannot execute query " . mysql_error());
But be sure to remove the mysql_error from any public scripts, it will reveal info about your database.
