I try to create search system using php and sql current condition is working fine but if I want
to search for John Doe (firstname + lastname) nothing happens. I try the + between firstname and lastname but it did not work.
Condition is here:
if(isset($_POST["query"])){
$search = mysqli_real_escape_string($conn, $_POST["query"]);
$query = "
SELECT * FROM users
WHERE firstname LIKE '%".$search."%'
OR lastname LIKE '%".$search."%'
";
}
You msy try something like this (using CONCAT):
$query = "SELECT * FROM users
WHERE firstname LIKE '%".$search."%'
OR lastname LIKE '%".$search."%'
OR CONCAT(firstname,' ', lastname) LIKE '%".$search."%'";
Related
I want to include a search by D.O.B with these fields "birth_day", "birth_month"
function search_users($term, $limit = 10, $friends = false) {
$sql = "SELECT * FROM `users` WHERE
(username LIKE '%{$term}%' OR first_name LIKE '%{$term}%' OR last_name LIKE '%{$term}%' OR email_address LIKE '%{$term}%') AND bannned='0'
";
$combined = $term;
$searchfield = explode(" ", $combined);
$sql = "SELECT * FROM `users` WHERE
(username LIKE '%{$term}%' OR first_name LIKE '%{$term}%' OR last_name LIKE '%{$term}%' OR email_address LIKE '%{$term}%' OR birth_month LIKE '%{$term}%' OR birth_day LIKE '%{$searchfield[0]}%' ) AND bannned='0'
";
I would like to make "Search you'r LOGIN" like in facebook :
Eg. searching for "Stock Overflow" would return
Stack Overflow
SharePoint Overflow
Math Overflow
Politic Overflow
VFX Overflow
Eg. searching for "LO" would return:
pabLO picasso
michelangeLO
jackson polLOck
Eg. searching for username "user123" would return :
user123
user1234
and etc ...
My Database rows :
userid | username | useremail | user_fname | user_lname
I would like to make a search input that search the word in any of this rows like above examples,
Here my php till now :
$string = $purifier->purify(#$_POST['string']);
$query = "SELECT * FROM users WHERE user_fname = '".$string."' OR user_lname = '".$string."' OR username = '".$string."' OR useremail= '".$string."'";
mysql_query("SET NAMES 'utf8'");
$result2 = mysql_query($query);
$num = mysql_num_rows($result2);
if($num == 1)
{
//true
}else{
//not found nothing
}
this way is not working good , and its not return all the similar reuslts of the word that i put in search input.
plus how i return it with foreach if there is more then 1 similar result ?
Thanks allot.
Update :
Thanks all , my updated code to fix it :
$query = "SELECT * FROM users WHERE user_fname like '%".$string."%' OR user_lname like '%".$string."%' OR username like '%".$string."%' OR useremail like '%".$string."%'";
and i am not using mysql , just for the examples i had more easy to do like this..
try this
$string = $purifier->purify(#$_POST['string']);
$query = "SELECT * FROM users WHERE user_fname like '%".$string."%' OR user_lname like '%".$string."%' OR username like '%".$string."%' OR useremail like '%".$string."%'";
mysql_query("SET NAMES 'utf8'");
$result2 = mysql_query($query);
$num = mysql_num_rows($result2);
if($num == 1)
{
//true
}else{
//not found nothing
}
try this
$query = "SELECT * FROM users WHERE user_fname like '%".$string."%' OR user_lname like '%".$string."%' OR username like '%".$string."%' OR useremail like '%".$string."'%";
try this way
$query = "SELECT * FROM users WHERE user_fname LIKE '%".$string."%' OR user_lname = '%".$string."%' OR username = '%".$string."%' OR useremail= '%".$string."%'";
for info for Like keyword
Note
Please avoid mysql_... use mysqli_ or PDO
Change your query with this
$query = "SELECT * FROM users WHERE user_fname LIKE '".$string."%' OR user_lname LIKE '".$string."%' OR username LIKE '".$string."%' OR useremail LIKE '".$string."%'";
NOTE:
If you have user123 keyword and you want to make a search for all the rows that have data user123* you can apply the wildcard $string%
And in case of *user123* you can use %$string%
And in case of *user123 you can use %$string
try this:
$query = "SELECT * FROM users
WHERE user_fname LIKE '%$string%'
OR user_lname LIKE '%$string%'
OR username LIKE '%$string%'
OR useremail LIKE '%$string%'";
I have this code pretty much like a search engine within the database for peoples names.
if (isset($_POST['submit'])){
$keyword = $_POST['stats'];
$orderby = $_POST['orderby'];
if (!empty($_POST['stats'])) {
$getStats = $db->query("SELECT * FROM `stats` WHERE
`lastname` LIKE '%$keyword%' OR `firstname` LIKE '%$keyword%' OR
`nickname` LIKE '%$keyword%' ORDER BY `$orderby`
DESC");
This then prints the results back into a table, I thought the table code wasn't necessary and too long.
The above query works for if I search just the last name or just the first name, or nickname
but if there is for example a user in the database with the name, John Smith
so
Firstname: John
Lastname: Smith
If just searched 'John' he would be printed into the table, which is good and same if I just searched 'Smith'
But if I search 'John Smith' he would not be printed into the table.
How can I change this query so that this will happen, I have tried this:
$getStats = $db->query("SELECT * FROM `stats` WHERE
`firstname`, `lastname` = '$keyword' OR `lastname` LIKE '%$keyword%' OR `firstname` LIKE '%$keyword%' OR
`nickname` LIKE '%$keyword%' ORDER BY `$orderby`
DESC");
WHERE CONCAT(firstname, ' ', lastname) LIKE %$keyword%
Also you should be binding parameters rather than directly interpolating user input into the query string, your current code is vulnerable to SQL injection.
$keyword = str_replace(" ", "%", $keyword);
You can try REGEXP:
$keyword = $db->real_escape_string($_POST['stats']); // escape data
$orderby = $db->real_escape_string($_POST['orderby']); // escape data
$keyword = implode("|", explode(" ", $keyword));
$getStats = $db->query("SELECT * FROM stats
WHERE firstname REGEXP '$keyword'
OR lastname REGEXP '$keyword'
OR nickname REGEXP '$keyword'
ORDER BY $orderby DESC");
try this
$sql = "SELECT *
FROM stats
WHERE
firstname LIKE '%$keyword%'
OR lastname LIKE '%$keyword%'
OR CONCAT_WS(' ',firstname,lastname,) LIKE '%$keyword%'
OR CONCAT_WS(' ',lastname,firstname) LIKE '%$keyword%'
OR nickname LIKE '%$keyword%'
ORDER BY $orderby DESC";
I am trying to search the field firstname and lastname for a keyword
$q1 = strtolower($_GET["q"]);
$q=str_replace(" ","%",$q1);
$sql = "select DISTINCT users.*, user_id FROM users WHERE $email_filter
firstname LIKE '%$q%' OR lastname LIKE '%$q%' ORDER BY lastname";
$rsd = mysql_query($sql);
while($rs = mysql_fetch_array($rsd)) { echo $results }
this is what I have so far, issue is if you use John Doe as an example once you type John it finds it, doe it finds it, but john doe ... no results
I recommend that you bind the variables. You are exposed to sql injections otherwise.
$stmt = $mysqli->prepare("select * from users where firstname like ? AND lastname like ?");
$stmt->bind_param('ss', $firstname,$lastname);
Something like
SELECT * FROM users where CONCAT(firstname, ' ', lastname) like '%$q%'
Or
SELECT * FROM users where CONCAT_WS(' ', firstname, lastname) like '%$q%'
And if reversing is desirable, try this:
SELECT * FROM users where CONCAT_WS(' ', firstname, lastname) like '%$q%'
or CONCAT_WS(' ', lastname, firstname) like '%$q%'
(that is, if searching for "A B" should return "A B" as well as "B A")
you have to split your query string and search for each terms
$query_terms = explode(" ", $q1);
$conditions = ''
foreach($query_terms as $term){
$conditions = $conditions.' firstname LIKE "%'.$term.'%" OR lastname LIKE "%'.$term.'%"';
}
$sql = "select DISTINCT users.*, user_id FROM users WHERE $email_filter $conditions ORDER BY lastname";
So i have this PM system.
At the recipient field, You can type in the full name of who you want to write to.
So I want to help the user alittle, if he don't remember the name.
So if you want to write the full name "Megan Fox" and only know:
Megan
Megan F
Megan Fo
Meg Fo
M Fox
etc..
It will return "Did you mean Megan Fox?" This already works fine.
Now what I need In this is that if you write only Fox , with no firstname, i want it to echo "Did you mean Megan Fox?"
Here's where Im stuck, as it creates $lastname after the space. And i really don't want to use two fields for first and last.
How can I do that?
Here's my code:
list($firstname, $lastname) = array_map('ucfirst', explode(' ', $mot, 2));
$qur = mysql_query("
SELECT id, firstname, lastname,
(firstname = '$firstname' AND lastname = '$lastname') AS full FROM users
WHERE (firstname = '$firstname' AND lastname='$lastname')
OR (firstname LIKE '$firstname%' AND lastname LIKE '$lastname%')
ORDER BY (firstname = '$firstname' AND lastname='$lastname') DESC");
$get = mysql_fetch_array($qur);
if($get["full"] == 1){
echo $get["id"];
}else{
echo "Did you mean: ".$get["firstname"]." ".$get["lastname"]." ?";
}
This should work.
$qur = mysql_query("
SELECT id, firstname, lastname,
(firstname = '$firstname' AND lastname = '$lastname') AS full FROM users
WHERE (firstname = '$firstname' AND lastname='$lastname')
OR (firstname LIKE '$firstname%' AND lastname LIKE '$lastname%')
OR ('$lastname' = '' AND lastname LIKE '$firstname%')
ORDER BY (firstname = '$firstname' AND lastname='$lastname') DESC");
OR ('$lastname'='' AND lastname LIKE '$firstname%')
I guess it is better to match against single value instead of two. For example it is hard to guess where is first name and where is last as user can type Magan Fox or Fox Megan.
so query would look like this:
SELECT id, firstname, lastname, CONCAT (firstname, ' ', lastname) AS fullname
FROM `users`
WHERE firstname LIKE '{$string}%' OR lastname LIKE '{$string}%'
GROUP BY firstname, lastname
ORDER BY firstname ASC, lastname ASC