I have been trying to filter my data according to the c_type = "Engineering' and search keyword in the search box. The searching part is working fine but the query is not working it displays the whole result.
This is for filtering my result
$query1 = mysqli_query($conn, "SELECT * FROM col_details WHERE c_type = 'Engineering' and c_name LIKE '%{$name}%' OR location LIKE '%{$name}%' ");
I am trying to display all the results in my col_details table with c_type is Engineering and c_name or location is taken from the Search Box.
The search box code is working fine but it's displaying all data and not the data with c_type = 'Engineering'.
Any help appreciated.
Thanks.
Your OR clause should be wrapped in brackets,
Try this:
$query1 = mysqli_query($conn, "SELECT * FROM col_details WHERE c_type = 'Engineering' and (c_name LIKE '%{$name}%' OR location LIKE '%{$name}%') ");
Hope it helps.
Related
I am trying to make a web application and I would like to search in a mysql database with a php script.
But my code does not work as expected.
Here is my code:
$search=$_POST['search'];
$sql_cautare="SELECT * FROM carti WHERE titlu = "$search"";
I have search form..and I want to select those values that are entered in the search form.
Can anyone help me?
Try this one
$sql_cautare = $conn->prepare("SELECT * FROM carti WHERE titlu = ?");
$sql_cautare->bind_param('s', $search);
$sql_cautare->execute();
The following should work:
$sql_cautare = "SELECT * FROM carti WHERE titlu = '$search'";
But you should definitly do some input sanitization before using it in SQL!
I have a search engine which is pretty straight forward. The query is below.
$sql = "SELECT * FROM events WHERE eventname LIKE '%".$_POST["search"]."%'
OR place LIKE '%".$_POST["search"]."%'
OR country LIKE '%".$_POST["search"]."%'
OR date LIKE '%".$_POST["search"]."%'
LIMIT 40";
But, Problem with this is this,
if I put the 'eventname' in search-box it is okay and it saws data from eventname column correctly. Or if I search only for place or country or date individually, it shows data correctly. But, if I search (FOR EXAMPLE) for both eventname and place together search results shows nothing. Using this query what are the changes I have to make to get it working?
Additionally I want to say that I have seen some of the query like "MATCH ... AGAINST". Though I don't want to use that, but if there are no other way what could be that "MATCH...AGAINST" query for this?
Here is my full code. They are straight forward. And I am working on a weird client's project and he want it to be like this and security is not a fact for him. So, you might notice some security issue which will be solved later. but the query first.
<?php
include_once("admin/connection/db.php");
$output = '';
$sql = "SELECT * FROM events WHERE eventname LIKE '%".$_POST["search"]."%'
OR place LIKE '%".$_POST["search"]."%'
OR country LIKE '%".$_POST["search"]."%'
OR date LIKE '%".$_POST["search"]."%'
OR date AND country LIKE '%".$_POST["search"]."%'
OR date AND place LIKE '%".$_POST["search"]."%'
OR date AND eventname LIKE '%".$_POST["search"]."%'
LIMIT 40";
$result = mysqli_query($db, $sql);
if(mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_array($result)) {
$output .= "<a class='search-result' href='".$row["link_pdf"]."'><li><i class='fa fa-trophy'> </i> ".$row["eventname"].'<br/>'.date('Y-m-d', strtotime($row["date"])).' || '.$row["place"].', '.$row["country"].'<img src="logos/'.$row["country"].'.png" width="30px" height="18px;" /></li></a>';
}
echo $output;
}else {
echo "<li>No Data Found Macthing Your Query</li>";
}
?>
Here is the link where you can check it directly
http://speed-timing2.6te.net/
I believe your search query term is for example "event_name place_name" and in this case your query will not work. You can use FULLTEXT search instead.
For example
at first set fulltext index for eventname, place, country field as those are string fields.
$sql = "SELECT * FROM (
SELECT *, MATCH (eventname, place, country) AGAINST ('".$_POST["search"]."' IN BOOLEAN MODE) AS score
FROM events
ORDER BY score DESC
) AS temp
WHERE temp.score>0 OR temp.date LIKE '%".$_POST["search"]."%'
";
Please check manual here http://dev.mysql.com/doc/refman/5.7/en/fulltext-boolean.html
I am trying to gather information from several columns in an SQL DB and feed this into PHP form.
The PHP and embedded SQL query i am running at present is as follows:
< ?php
$region = $_POST['region'];
$serach = "Select clm_england, clm_ireland, clm_scotland, clm_wales
FROM tbl_data
WHEN clm_england LIKE '%$region'
OR clm_ireland LIKE '%$region'
OR clm_scotland LIKE '%$region'
OR clm_wales LIKE '%$region'";
$result = mysql_query($search);
if(!$result) {
echo "Failed:" . mysql_error();
}
? >
I need the query to see clm_england has england in this column and return the result if this is what is searched for. the search form has an option to search for each region or non at all. I am struggling to find a way to return the results based on the region selected to search for or return all results if no region is selected.
You use WHEN and not WHERE in your request :
Select clm_england, clm_ireland, clm_scotland, clm_wales
FROM tbl_data
WHERE clm_england LIKE '%$region'
OR clm_ireland LIKE '%$region'
OR clm_scotland LIKE '%$region'
OR clm_wales LIKE '%$region'
I'm trying to follow this pagination tutorial http://www.phpfreaks.com/tutorial/basic-pagination to add pagination to my search page i've built. The following line from the tutorial:
$sql = "SELECT COUNT(*) FROM numbers";
I need it to count based on rows which match user inputted data that's being pulled in from a small form. This is the working query i was running before trying to add pagination
$raw_results = mysql_query("SELECT * FROM Pictures WHERE (`RimWidth` LIKE '%".$RimWidth."%') AND (`TyreWidth` LIKE '%".$TyreWidth."%') AND (`Aspect` LIKE '%".$Aspect."%') AND (`TyreDia` LIKE '%".$TyreDia."%') AND (`TyreMan` LIKE '%".$TyreMan."%')") or die(mysql_error());
I'm unsure how i can add this. I've tried this:
$sql = mysql_query("SELECT COUNT FROM Pictures WHERE (`RimWidth` LIKE '%".$RimWidth."%') AND (`TyreWidth` LIKE '%".$TyreWidth."%') AND (`Aspect` LIKE '%".$Aspect."%') AND (`TyreDia` LIKE '%".$TyreDia."%') AND (`TyreMan` LIKE '%".$TyreMan."%')") or die(mysql_error());
But it just errors out.
How do i need to format the query?
You are getting an error using COUNT instead of COUNT(expression), so you have to change your query so that you use SELECT COUNT(*) as in the first example you gave.
EDIT That's how you can get the exact count:
$query = "SELECT COUNT(*) FROM Pictures WHERE (`RimWidth` LIKE '%".$RimWidth."%') AND (`TyreWidth` LIKE '%".$TyreWidth."%') AND (`Aspect` LIKE '%".$Aspect."%') AND (`TyreDia` LIKE '%".$TyreDia."%') AND (`TyreMan` LIKE '%".$TyreMan."%')";
$result = mysql_query($query) or die(mysql_error());
$count = mysql_fetch_row($result);
COUNT(*) - skipped what to count.
Basically if your query is working but you need to get the count instead of actual data you should be good with replacing the columns you're trying to select with the COUNT(*)
One more thing. The result of your last code line is not the string itself. It's the resource that can be used to fetch the count you need.
Problem solved
The answer was
$query = "SELECT manager FROM tablename WHERE manager='$manager'";
Subtle difference, but removing the dots before and after $manager was the answer.
Credit to PHPFreaks.com
I had this;
<?php include 'dbdetails.php';
$id = mysql_real_escape_string($_GET['id']);
$query = 'SELECT `column` FROM `tablename` WHERE `id` = '.$id.' ';
$result = mysql_query($query);
$row = mysql_fetch_array($result);
echo $row['column'];
?>
(taken from here)
This works fine if I am solely working with an ID, however I have repeated values in the column I need to work with so ID will not work for what I am trying to achieve.
Essentially I am trying to create pages on the fly using the Manager column as the query as opposed to the ID.
What would be the correct way to achieve this? I presume DISTINCT comes into play?
I am aiming for;
Micky Adams
as my structure, where it fetches all instances of Micky Adams or whichever manager name is set up as the anchor.
If you changed it to:
$manager = $_GET['manager'];
$query = 'SELECT `column` FROM `tablename` WHERE `manager` = '.$manager.' ';
Wouldn't that achieve what you want? If you had more than one instance of the manager DISTINCT only partly helps depending how your data is actually stored.