Forum Moderators: coopster
Prev 1 2 3 Next
So everything works up to here. But when i click on the next link the data is not passed on to the next page so no sqlquery is executed and no results are shown. I know there are a number of methods to do this e.g. store query in session, use hidden input fields, pass query as variable in the address bar using the next links (like google) but i dont know how to implement this in my code specifically and need guidance and help as its my first time. I'll show some of my code below to show my structure.
This is search.php which contains the form.
//starts as
echo "<form enctype=\"text\" action=results.php METHOD=POST>\n";
//some dropdownboxes filled by database and some are not e.g.
echo "<tr>\n";
echo "<td class=\"classadd1\"><div class=\"maininputleft\">cat</div></td>\n";
echo "<td class=\"classadd2\">\n";
echo "<select name=\"catid\" style=\"width:200px;\" onchange=\"changecat(this.options[this.selectedIndex].value)\">$optionsforcatdb</select>";
echo "</td></tr>\n";
etc.....
//The submit button.
echo "<tr>\n";
echo "<td class=\"classadd1\"></td>\n";
echo "<td class=\"classadd2\"><div class=\"mainmenu\"><br>\n";
echo "<input type=\"hidden\" name=\"in[searchmode]\" value=\"advanced\">\n";
echo "<input type=submit value=submit><br>\n";
echo "</div></td>\n";
echo "</tr>\n";
echo "</form>\n";
Then come my results page called results.php starts a follows:
if ($in[searchmode]=="advanced"){
//validation here for form field
//build query using the form field data submited
}
//pagination and sql query for pagination using the above built query inputed data via the form goes here.
// while loop to display information via an sqlquery using LIMIT feature for pagination and displays relevant information here.
**End of Code**
what i would like to know is how i can pass information onto the second page i am happy with using sessions and hidden fields but am not sure about providing the query in the link field as i think this will be security risk due to sql injection attacks.
I though i'd give a last attempt here on this forum before i scrap the pagination all together and just let them see it all on 1 page lol like 100s of rows.
Thanx guys you know your the best. Very sorry for the long post.
page.php?q=search_terms&page=1
And you shouldn't worry about SQL injection. If you properly use mysql_real_escape_string [php.net]() on the input variables, you should be fine (which you should be using anyway).
in regards to passing it in the URI i am trying to do that but am having a bit of a problem.
so say the data inputed by the form are as follows.
name of field in form is in[location] result is $in[location]
so say selected location is Alabama, should the URI look like this.
page.php?inlocation=$in[location]&offset=$offset&poffset=$poffset
this shows the page uri as page.php?inlocation=Alabama&offset=5&poffset=0
but it still doesn't display any results on the second page. Any ideas why? I think it maybe the inlocation= in the uri it needs to be something else but i don't know what?
So i can pass it across using the uri but i don't know what to pass each field as.
Another thing is that i may need to pass in[searchmode] as advanced in the uri in order for the code to be executed but i don't know what to call it in the uri same problem as above.
page.php?inlocation=$in[location]&offset=$offset&poffset=$poffset
You must take special care when you have an array in the string. Something like this would be more appropriate:
echo '<a href="page.php?inlocation=[b]'.$in['location'].'[/b]&offset=$offset&poffset=$poffset">link</a>';
otherwise the string won't be correct.
Does anyone know how to store the query in a session?
Otherwise my users will have to see all results on 1 page is that such a bad thing?
You shouldn't give up yet; it's more simple than I think you are making it out to be. If you want, post the code that leads up to your query. With that, we should be able to get you somewhere :)
if ($in[searchmode]=="advanced") {
########################START#VALIDATION###############################
//my validation for the form goes here
#######################END#VALIDATION##################################
if ($in[catid] ¦¦ $in[subcatid] ¦¦$in[location] ¦¦ $in[text] ¦¦ $in[field1] ¦¦ $in[field2] ¦¦ $in[field3] ¦¦ $in[field4]) {
$sqlquerya=" WHERE 1=1";
if ($in[catid]) {
$sqlquerya.=" AND catid='$in[catid]'";
}
if ($in[subcatid]) {
$sqlquerya.=" AND subcatid='$in[subcatid]'";
}
if ($in[location]) {
$sqlquerya.=" AND location='$in[location]'";
}
//and so on for the other fields to build the search query...
$sqlquerya.=" AND deleted!='1'";
$showresult=0;
$sqlquery="SELECT * FROM tablename".$sqlquerya.$sqlqueryb.$sqlqueryc;
$result = mysql_query($sqlquery); or died(mysql_error());
$kk = mysql_fetch_array($result);
if ($kk) {
$sqlquery = $sqlquerya;
$sqlquery2 = $sqlqueryb;
$sqlquery3 = $sqlqueryc;
} else {
header("search.php");
}
}
$nsqlquery=rawurlencode(stripslashes($sqlquery));
$nsqlquery2=rawurlencode(stripslashes($sqlquery2));
$nsqlquery3=rawurlencode(stripslashes($sqlquery3));
# Calculate Page-Numbers
#################################################################################################
if (empty($perpage)) $perpage = 5;
if (empty($pperpage)) $pperpage = 5;
if (empty($offset)) $offset = 0;
if (empty($poffset)) $poffset = 0;
$sql = "SELECT count(*) FROM tablename".stripslashes($sqlquery.$sqlquery2.$sqlquery3);
$amount = mysql_query("$sql") or died("SQL Error: $sqlquery");
$amount_array = mysql_fetch_array($amount);
$pages = ceil($amount_array["0"] / $perpage);
$actpage = ($offset+$perpage)/$perpage;
$maxpoffset = $pages-$pperpage;
$middlepage=($pperpage-1)/2;
if ($maxpoffset<0) {$maxpoffset=0;}
$from_result=$offset+1;
$to_result=$offset+$perpage;
if ($to_result>$amount_array[0]) {$to_result=$amount_array[0];}
echo "<a href=\"results.php\" onmouseover=\"window.status='home'; return true;\"
onmouseout=\"window.status=''; return true;\">home</a> / Search Results $from_result-$to_result ($amount_array[0]) <br>\n";
if ($pages) { // print only when pages > 0
if ($offset) {
$noffset=$offset-$perpage;
$npoffset = $noffset/$perpage-$middlepage;
if ($npoffset<0) {$npoffset = 0;}
if ($npoffset>$maxpoffset) {$npoffset = $maxpoffset;}
echo "[<a href=\"results.php?offset=$noffset&poffset=$npoffset\" onmouseover=\"window.status='Go to previous Page'; return true;\"
onmouseout=\"window.status=''; return true;\"><</a>]\n";
}
for($i = $poffset; $i< $poffset+$pperpage && $i < $pages; $i++) {
$noffset = $i * $perpage;
$npoffset = $noffset/$perpage-$middlepage;
if ($npoffset<0) {$npoffset = 0;}
if ($npoffset>$maxpoffset) {$npoffset = $maxpoffset;}
$actual = $i + 1;
if ($actual==$actpage) {
echo "(<a href=\"results.php?offset=$noffset&poffset=$npoffset\" onmouseover=\"window.status='Go to next Page'; return true;\"
onmouseout=\"window.status=''; return true;\">$actual</a>)\n";
} else {
echo "[<a href=\"results.php?offset=$noffset&poffset=$npoffset\" onmouseover=\"window.status='Go to this Page'; return true;\"
onmouseout=\"window.status=''; return true;\">$actual</a>]\n";
}
}
if ($offset+$perpage<$amount_array["0"]) {
$noffset=$offset+$perpage;
$npoffset = $noffset/$perpage-$middlepage;
if ($npoffset<0) {$npoffset = 0;}
if ($npoffset>$maxpoffset) {$npoffset = $maxpoffset;}
echo "[<a href=\"results.php?offset=$noffset&poffset=$npoffset\" onmouseover=\"window.status='Go to next Page'; return true;\"
onmouseout=\"window.status=''; return true;\">></a>]\n";
}
}
###then the sqlquery to show the results####
$sqlquery = "SELECT * FROM tablename".stripslashes($sqlquery.$sqlquery2.$sqlquery3)." LIMIT $offset, $perpage";
$result = mysql_query("$sqlquery") or died("SQL Error: $sqlquery");
while ($db = mysql_fetch_array($result)) {
####show the ads here in the loop
}// End the while
}
Thanx a lot for trying to help eelixduppy. I've got it all worked out in my head theoretically but cant seem to implement it.
function strip_array ($in) {
reset($in);
while ($array=each($in)) {
$ckey=$array['key'];
$cvalue=$array['value'];
$cvalue = str_replace("'", "''", $cvalue);
$cvalue = stripslashes($cvalue);
$cvalue = strip_tags($cvalue);
$out[$ckey] = $cvalue;
}
return $out;
}
In my form I use the POST method it looks as follows.
//starts as
echo "<form enctype=\"text\" action=results.php METHOD=POST>\n";
//some dropdownboxes filled by database and some are not e.g.
echo "<tr>\n";
echo "<td class=\"classadd1\"><div class=\"maininputleft\">cat</div></td>\n";
echo "<td class=\"classadd2\">\n";
echo "<select name=\"in[catid]\" style=\"width:200px;\" onchange=\"changecat(this.options[this.selectedIndex].value)\">$optionsforcatdb</select>";
echo "</td></tr>\n";
etc.....
//The submit button.
echo "<tr>\n";
echo "<td class=\"classadd1\"></td>\n";
echo "<td class=\"classadd2\"><div class=\"mainmenu\"><br>\n";
echo "<input type=\"hidden\" name=\"in[searchmode]\" value=\"advanced\">\n";
echo "<input type=submit value=submit><br>\n";
echo "</div></td>\n";
echo "</tr>\n";
echo "</form>\n";
As you can see in the form I have defined the name of the drop downbox as in[catid] which is then used as $in[catid] in the results.php page.
Hope this helps you to help me. Thanx for your time eelix.
If you quickly read this thread on pagination [webmasterworld.com] you will see how this can quite easily be achieved. The only difference in your case would be that the searched item is dynamic, in which case you'd also have to pass the search query in the URI, as well, which doesn't change much or the code itself--just a line or two.
Using this example and the idea, see what you can come up with from what you already have.
