This question already has answers here:
search data from html input in mysql
(2 answers)
Closed 1 year ago.
I am trying to search the username from table by using form method in HTML with submit button, and what i really want is that when user write his email address in input box and press submit, the query should echo username associated with that email address.
But the problem is that when I press search button, it is showing all the usernames on that table instead of only one. My table "payments" containing the following values: id, product id, payer_email, username, password.
My code is as under. Thanks in advance.
<?php
// Database Connection String
$con = mysql_connect($db_hostname,$db_username,$db_password);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($db_database, $con);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<form action="" method="post">
Search: <input type="text" name="term" /><br />
<input type="submit" value="Submit" />
</form>
<?php
if (!empty($_REQUEST['term'])) {
$term = mysql_real_escape_string($_REQUEST['term']);
$sql = "SELECT * FROM payments WHERE payer_email LIKE '%".$term."%'";
$r_query = mysql_query($sql);
while ($row = mysql_fetch_array($r_query)){
echo 'Username: ' .$row['username'];
}
}
?>
</body>
</html>
try this
<?php
if (!empty($_REQUEST['payer_email'])) {
$term = mysql_real_escape_string($_REQUEST['payer_email']);
$sql = "SELECT * FROM payments WHERE payer_email ='{$term}'";
$r_query = mysql_query($sql);
$row = mysql_fetch_assoc($r_query)
echo 'Username: ' .$row['username'];
}
?>
Related
I have connected my website to my database successfully when i submit the form it goes through but nothing is getting inserted into the database.
Code Below:
<?php
if( $_POST )
{
$con = mysql_connect("server","user","pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("buycruisesdb", $con);
$users_name = $_POST['name'];
$users_email = $_POST['email'];
$users_name = mysql_real_escape_string($users_name);
$users_email = mysql_real_escape_string($users_email);
$query = "
INSERT INTO `website_subscribers`(`name_sub`, `email_sub`) VALUES ([$users_name],[$users_email])";
mysql_query($query);
echo "<h2>Thank you for subscribing!</h2>";
echo $query;
echo $users_name;
echo $users_email;
mysql_close($con);
}
?>
buycruisesdb = database
website_subscribers = table inside the database
name_sub/email_sub = columns inside the table
the form html is below:
!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<form action="php/subscriber.php" id="form" method="post" name="form">
<input id="name_sub" name="name" placeholder="Name" type="text">
<input id="email_sub" name="email" placeholder="Email" type="text">
<input type="submit" value="Submit" name="f_submit">
</form>
</body>
</html>
Not sure exactly why this is not inputing anyone have an idea?
it says that it is inserting the proper values and into the proper tables
Image
Square brackets are not valid in MySQL queries. You should be using quotes around the strings.
$query = "INSERT INTO `website_subscribers` (`name_sub`, `email_sub`) VALUES ('$users_name', '$users_email')";
change it to:
$query = "
INSERT INTO website_subscribers (name_sub,email_sub) VALUES ('".$users_name."','".$users_email."') ";
just copy the code and try it out
I have written a very simple PHP to search for a record in a field on MySQL database and return all details for that field.
Unfortunately, every time I enter the number to search for anything, nothing comes back, not even any errors.
My Code below:
<?php
mysql_connect("localhost", "root", "") or die("cant connect to db");
mysql_select_db("db name")or die("cant connect.....");
$output='';
//collect
if(isset($_POST['search'])){
$searchq=$_POST['search'];
$query = mysql_query("SELECT * FROM register WHERE licence LIKE '%$searchq%'") or die("cant search....");
$count = mysql_num_rows($query);
if($count==0){
$output='no results';
} else {
while($row=mysql_fetch_array($query)){
$fdriver=$row['driver'];
$flicence=$row['licence'];
$fofficer=$row['officer'];
$fspeed=$row['speed'];
$ffine=$row['fine'];
$fcategory=$row['category'];
$output.='<div> '.$fdriver.' '.$flicence.' '.$fspeed.' '.$ffine.' '.$fcategory.'</div>';
}
}
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Search</title>
</head>
<body>
<h3>Search</h3>
<p>You have to enter your number to search</p>
<form method="post" action="search_start.php" >
<input type="text" name="name">
<input type="submit" name="submit" value="Search">
</form>
<?php print("$output"); ?>
</body>
</html>
first change the name of your textbox to search
<input type="text" name="search">
second your query should be like this
$query = mysql_query("SELECT * FROM register WHERE licence LIKE '%".$searchq."%'");
You're checking $_POST['search'], so the name of your text element field should be changed to search.
<input type="text" name="search">
I have written this code to create a search form and get results from mysql table:
<?
$db_hostname = 'localhost';
$db_username = 'root';
$db_password = '';
$db_database = 'jatc_university_j32';
// Database Connection String
$con = mysql_connect($db_hostname, $db_username, $db_password);
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db($db_database, $con);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<form action="" method="post">
Search: <input type="text" name="FieldValue" /><br />
<input type="submit" value="Submit" />
</form>
<?
if (!empty($_REQUEST['FieldValue'])) {
$FieldValue = mysql_real_escape_string($_REQUEST['FieldValue']);
$result = mysqli_query($con, "SELECT Fieldvalue from #__rsform_submission_values WHERE FieldName = 'candidatname'");
while ($row = mysqli_fetch_array($result)) {
echo $row;
echo "<br>";
}
}
?>
</body>
</html>
In my database table I have FieldName: candidatname, candidatsurname and FieldValue: John, Wayne etc.
I want to search entering a name and return the other details for this candidate
Anyway when I run code nothing happens
Can you please check if I am doing wrong something because I get the same result in a lot of trials
1.Nothing happens beacuse you are using <? ?> for php, but you should use <?php ?>
2.Your form method is post then you should check variblae like this on form submit:
if (!isset($_POST['FieldValue']))
3. "SELECT Fieldvalue from #__rsform_submission_values WHERE FieldName = 'candidatname'"
instead of candidatename, give the value that you got from the form:
"SELECT Fieldvalue from #__rsform_submission_values WHERE FieldName = '".$FieldValue."'" <BR>
4. <input type="submit" value="Submit" /> add a name property to this like:
<input type="submit" value="Submit" name="Submit"/>
and it will work, i tested after applying these changes!
Try this:
<?php
$formpartone = <<<EODformpartone
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<form action="{$_SERVER['PHP_SELF']}" method="get">
Search: <input type="text" name="FieldValue" value=""/><br />
<input type="submit" value="Submit" />
</form>
EODformpartone;
$formparttwo = <<<EODformparttwo
</body>
</html>
EODformparttwo;
if (!isset($_GET["FieldValue"]))
{
echo $formpartone;
echo $formparttwo;
}
ELSE {
function search_candidate(){
$host = "localhost";
$user = "root";
$password = "";
$database = "jatc_university_j32";
$searchstring = $_GET["FieldValue"];
$link = mysqli_connect($host, $user, $password, $database);
IF(!$link){
echo ('unable to connect to database');
}
ELSE {
$query = "SELECT candidatename, candidatesurname
FROM (
SELECT c.SubmissionID,
max(CASE WHEN c.FieldName='candidatename' THEN c.Fieldvalue ELSE 0 END) AS 'candidatename',
max(CASE WHEN c.FieldName='candidatesurname' THEN c.Fieldvalue ELSE 0 END) AS 'candidatesurname'
FROM mf2sn_rsform_submission_values as c
GROUP BY c.SubmissionID
) a
WHERE a.candidatename LIKE '".$searchstring."' OR a.candidatesurname LIKE '".$searchstring."'";
$result = mysqli_query($link, $query);
echo "<table>";
while($row = mysqli_fetch_array($result, MYSQLI_BOTH)){
echo "<tr><td>".$row['candidatename']."</td><td>".$row['candidatesurname']."</td></tr>";
} echo "</table>";
}
mysqli_close($link);
}
echo $formpartone;
echo search_candidate();
echo $formparttwo;
}
?>
Sample table mysql
CREATE TABLE candidates
(
id int auto_increment primary key,
SubmissionID int,
FieldName varchar(20),
Fieldvalue varchar(30)
);
INSERT INTO candidates
(SubmissionID, FieldName, Fieldvalue)
VALUES
(1,'candidatename','Bob'),
(1,'candidatesurname', 'Smith'),
(2,'candidatename','Jack'),
(2,'candidatesurname', 'Doe');
SQLFiddle demo of the sample data
You should look into the validation and sanitation of the search string to avoid SQL injection. And what to do when no candidates are found with the name you inserted. However, I think for now it is important to test if everything works.
I want to enter data into my mysql db but into a specific row, when the user enters a number and clicks a button. For example, if the user logged in, is called 'user', then the data which is entered will go into a column called 'ticket' which is in the same row as the username 'user'.
I have written the code for it to go into the db but in a new row:
Code for page which user enters the data:
<?php require('check.php')?>
<html>
<head>
<title><?php echo $row['username']; ?> Profile</title>
</head>
<body>
<p style="float: right">LOG OUT</p>
<?php
include ('connect.php');
$user_id= $_SESSION['id'];
$sql = "SELECT username FROM user WHERE user_id = '$user_id'";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
$uname = mysql_fetch_array($result);
$user_id= $_SESSION['id'];
$sql = "SELECT email FROM user WHERE user_id = '$user_id'";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
$uemail = mysql_fetch_array($result);
echo "Hello" . " " . $uname['username'];
?>
<h1>Choose ticket Amount</h1>
<hr />
<form method="post" action="addticket.php">
<label for="elliegoulding">Ellie Goulding Ticket Amount: </label>
<input type="text" name="elliegoulding" max="3" maxlength="3" /><br />
<br />
<input type="submit" value="Add ticket"/>
<br />
<hr />
<div id="footer">
</div>
</form>
</body>
</html>
Code for php page which processes information and adds to db:
<?php
$elliegoulding = $_REQUEST["elliegoulding"];
$linkme = mysql_connect("mysql.cms.gre.ac.uk","ta210","*****");
if (!$linkme)
die ("Could not connect to database");
mysql_select_db("mdb_ta210", $linkme);
$query = "INSERT INTO user (ticket) VALUES ('$elliegoulding, Ellie Goulding Tickets')";
mysql_query ($query, $linkme)
or die ("Ticket purchase failed.");
echo ("You have just bought $elliegoulding Ellie Goulding tickets");
mysql_close($linkme);
?>
Like I said the above code works and enters it into the database but just into a new row.
Any help or suggestions would be great.
INSERT will only add a new row and you don't want that. You need to UPDATE the row.
Something along the line of... :
$query = 'UPDATE user SET ticket="Ellie Goulding rocks!" WHERE username="'.$user.'"';
Make sure that username is unique (can't have 2 "Pierre" in your database or both users will get updated).
This question already has answers here:
How can I get a PHP value from an HTML form?
(2 answers)
Closed 1 year ago.
I am currently trying to complete a project where the specifications are to use a search form to search through a packaging database. The database has lots of variables ranging from Sizes, names, types and meats. I need to create a search form where users can search using a number of different searches (such as searching for a lid tray that is 50 cm long).
I have spent all day trying to create some PHP code that can search for info within a test database I created. I have had numerous amounts of errors ranging from mysql_fetch_array errors, boolean errors and now currently my latest error is that my table doesn't seem to exist. Although i can enter data into it (html and php pages where I can enter data), I don't know what is causing this and I have started again a few times now.
Can anyone give me some idea or tips of what I am going to have to do currently? Here is just my small tests at the moment before I move onto the actual sites SQL database.
Creation of database:
<body>
<?php
$con = mysql_connect("localhost", "root", "");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
if (mysql_query("CREATE DATABASE db_test", $con))
{
echo "Database created";
}
else
{
echo "Error creating database: " . mysql_error();
}
mysql_select_db("db_test", $con);
$sql = "CREATE TABLE Liam
(
Code varchar (30),
Description varchar (30),
Category varchar (30),
CutSize varchar (30),
)";
mysql_query($sql, $con);
mysql_close($con);
?>
</body>
HTML search form page:
<body>
<form action="form.php" method="post">
Search: <input type="text" name="term" /><br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
The PHP code I am using to attempt to gather info from the database
(I have rewritten this a few times, this code also displays the "table.liam doesn't exist")
<body>
<?php
$con = mysql_connect ("localhost", "root", "");
mysql_select_db ("db_test", $con);
if (!$con)
{
die ("Could not connect: " . mysql_error());
}
$sql = mysql_query("SELECT * FROM Liam WHERE Description LIKE '%term%'") or die
(mysql_error());
while ($row = mysql_fetch_array($sql)){
echo 'Primary key: ' .$row['PRIMARYKEY'];
echo '<br /> Code: ' .$row['Code'];
echo '<br /> Description: '.$row['Description'];
echo '<br /> Category: '.$row['Category'];
echo '<br /> Cut Size: '.$row['CutSize'];
}
mysql_close($con)
?>
</body>
try this out let me know what happens.
Form:
<form action="form.php" method="post">
Search: <input type="text" name="term" /><br />
<input type="submit" value="Submit" />
</form>
Form.php:
$term = mysql_real_escape_string($_REQUEST['term']);
$sql = "SELECT * FROM liam WHERE Description LIKE '%".$term."%'";
$r_query = mysql_query($sql);
while ($row = mysql_fetch_array($r_query)){
echo 'Primary key: ' .$row['PRIMARYKEY'];
echo '<br /> Code: ' .$row['Code'];
echo '<br /> Description: '.$row['Description'];
echo '<br /> Category: '.$row['Category'];
echo '<br /> Cut Size: '.$row['CutSize'];
}
Edit: Cleaned it up a little more.
Final Cut (my test file):
<?php
$db_hostname = 'localhost';
$db_username = 'demo';
$db_password = 'demo';
$db_database = 'demo';
// Database Connection String
$con = mysql_connect($db_hostname,$db_username,$db_password);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($db_database, $con);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<form action="" method="post">
Search: <input type="text" name="term" /><br />
<input type="submit" value="Submit" />
</form>
<?php
if (!empty($_REQUEST['term'])) {
$term = mysql_real_escape_string($_REQUEST['term']);
$sql = "SELECT * FROM liam WHERE Description LIKE '%".$term."%'";
$r_query = mysql_query($sql);
while ($row = mysql_fetch_array($r_query)){
echo 'Primary key: ' .$row['PRIMARYKEY'];
echo '<br /> Code: ' .$row['Code'];
echo '<br /> Description: '.$row['Description'];
echo '<br /> Category: '.$row['Category'];
echo '<br /> Cut Size: '.$row['CutSize'];
}
}
?>
</body>
</html>
You're getting errors 'table liam does not exist' because the table's name is Liam which is not the same as liam. MySQL table names are case sensitive.