Search doesn't work when there's an apostrophe - php

I'm trying to make an OPAC website. Everything works fine since it's mostly just selecting from the database and displaying it. I noticed that when the book title i'm trying to search has an apostrophe, it displays nothing. If the book title doesn't contain any apostrophe it all works. I'm using mysql for my database.
<!-- {this is how i connect my datatbase} -->
<?php
include 'includes/dbh.inc.php';
?>
<!DOCTYPE <!DOCTYPE html>
<html>
<head>
<title></title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body>
<div id= "wrapper">
<img class="cpclogo" src="cpc.png">
<header>
<h1 class="CPC"> Colegio de la Purisima Concepcion </h1>
<h3 class="Saying"> The School of the Archdiocese of Capiz </h3>
</header>
</div>
header.php file
<?php
$dbServername = "localhost";
$dbUsername = "root";
$dbPassword = "";
$dbName = "library";
$conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);
?>
search.php file
<?php
include 'header.php'
?>
<h1 class="searchresults">Search Results:</h1>
<div class="search-container">
<?php
if (isset($_POST['submit']))
{
$search = mysqli_real_escape_string($conn, $_POST['search']);
$sql = "SELECT * FROM book WHERE Book_Title LIKE '%$search%' OR Author LIKE '%$search%' OR Call_Number LIKE '%$search%' OR Book_ID LIKE '%$search%'";
$result = mysqli_query($conn, $sql);
$queryResult = mysqli_num_rows($result);
$search = mysqli_real_escape_string($conn, $_POST['search']);
echo "<h3 class='resultcount'>There are ".$queryResult." results!</h3>";
if ($queryResult > 0)
{
while ($row = mysqli_fetch_assoc($result))
{
echo "<a href='article.php?Book_Title=".$row['Book_Title']."&id=".$row['Book_ID']."&call=".$row['Call_Number']."' class= 'search-ref'><div class=search-box>
<tr><td>".$row['Book_Title']." </td>
<td>/ ".$row['Author']."</td>
<p>".$row['Call_Number']."</p>
</div></tr><br>";
}
}
}
?>
<input class="backbtn" type="button" value="Back" onclick="history.back(-1)" />
</div>
article.php file
<?php
include 'header.php';
?>
<div class="article-container">
<?php
//Declairing Variables
$Author = "Authors: ";
$Edition = "Edition: ";
$Subject ="Subject: ";
$Summary = "Summary: ";
$Notes = "Notes: ";
$Publisher ="Publisher: ";
$Phys_Desc ="Physical Description: ";
$Call_Number ="Call Number: ";
$Book_ID = "Book ID: ";
$Title= mysqli_real_escape_string($conn, $_GET['Book_Title']);
$sql ="SELECT * FROM book WHERE Book_Title='$Title'";
$result = mysqli_query($conn, $sql);
$queryResult = mysqli_num_rows($result);
if ($queryResult > 0)
while ($row = mysqli_fetch_assoc($result))
{
echo "<div class= 'article-box'>
<h3 class='booktitle'><b>".$row['Book_Title']."</h3></b>
<p><b>$Author</b>".$row['Author']."</p>
<p><b>$Edition</b>".$row['Edition']."</p>
<p><b>$Subject</b>".$row['Subject']."</p>
<p><b>$Summary</b>".$row['Summary']."</p>
<p><b>$Notes</b>".$row['Notes']."</p>
<p><b>$Publisher</b>".$row['Publisher']."</p>
<p><b>$Phys_Desc</b>".$row['Phys_Desc']."</p>
<p><b>$Call_Number</b>".$row['Call_Number']."</p>
</div>";
}
?>
<div class="btns">
<input class="backbtn" type="button" value="Back" onclick="history.back(-1)" />
<button type="submit" id="copybtn" class= "copybtn">Copies</button>
</div>
<!-- POP-UP WINDOW -->
<div class="bg-modal">
<div class="modal-content">
<div class="close"></div>
<table class = "table">
<tr>
<th>Copy</th>
<th>Status</th>
<th>Accession Number</th>
<th>Call Number</th>
<th>Location</th>
<th>Format</th>
<th>Cost</th>
<th>Vendor</th>
<th>Fund</th>
<th>Date Acquired</th>
</tr>
<?php
$id = mysqli_real_escape_string($conn, $_GET['id']);
$call = mysqli_real_escape_string($conn, $_GET['call']);
$sql = "SELECT Copy, Status, Accession_Number, l.Location, f.Format, Cost, Vendor, u.Fund, Date_Acq
FROM copy c
INNER JOIN location l ON l.Location_Acronym = c.Location
INNER JOIN format f ON f.Format_ID = c.Format
INNER JOIN fund u ON u.Fund_ID = c.Fund
WHERE Book_ID='$id'";
$result = mysqli_query($conn, $sql);
$queryResult = mysqli_num_rows($result);
if ($queryResult > 0)
{
while ($row = mysqli_fetch_assoc($result))
{
echo "
<tr><td>".$row['Copy']."</td>
<td>".$row['Status']."</td>
<td>".$row['Accession_Number']."</td>
<td>".$call."</td>
<td>".$row['Location']."</td>
<td>".$row['Format']."</td>
<td>₱".$row['Cost']."</td>
<td>".$row['Vendor']."</td>
<td>".$row['Fund']."</td>
<td>".$row['Date_Acq']."</td></tr>
";
}
}
?>
</table>
</div>
</div>
<script src="popup.js"></script>
</body>
</html>
copies.php file
<?php
include 'header.php'
?>
<h1 class="copyresults">Copy Results:</h1>
<div class="article-container">
<table class = "table">
<tr>
<th>Barcode</th>
<th>Copy</th>
<th>Status</th>
<th>Location</th>
<th>Format</th>
<th>Vendor</th>
</tr>
<?php
{
$id = mysqli_real_escape_string($conn, $_GET['id']);
$sql = "SELECT * FROM copy WHERE Book_ID='$id'";
$result = mysqli_query($conn, $sql);
$queryResult = mysqli_num_rows($result);
if ($queryResult > 0)
{
while ($row = mysqli_fetch_assoc($result))
{
echo "
<tr><td>".$row['Barcode']."</td>
<td>".$row['Copy']."</td>
<td>".$row['Status']."</td>
<td>".$row['Location']."</td>
<td>".$row['Format']."</td>
<td>".$row['Vendor']."</td></tr>
";
}
}
}
?>
</table>


I reckon there is something fishy about this:
echo "<a href='article.php?Book_Title=".$row['Book_Title']."&id=".$row['Book_ID']."&call=".$row['Call_Number']."' class= 'search-ref'><div class=search-box>...
See that your href value is wrapped in single quotes? When you click on that link, the entire querystring will be truncated at the first single quote and this is the likely culprit.
Use: urlencode() on $row['Book_Title'] if it is the only trouble maker.
echo "<a href='article.php?Book_Title=" . urlencode($row['Book_Title']) . "&id=" . $row['Book_ID'] . "&call=".$row['Call_Number'] . "' class= 'search-ref'><div class=search-box>...
Or this might make your code more attractive (certainly more robust):
$data = [
'Book_Title' => $row['Book_Title'],
'id' => $row['Book_ID'],
'call' => $row['Call_Number']
];
echo "<a href='article.php?" . http_build_query($data) . "' class='search-ref'><div class=search-box>...

Related

link not reading underscore and text after it

I have made one site which get the name from the database and display values from the data base.
Some of my database values having underscore (_) like abc_xyz.dll
But on get method it return only abc not the whole value abc_xyz.dll (skips the underscore and values after it)
Here is two links one having vales without underscore which works http://windllfiles.com/dlldata/SDACQ32MP.dll
Here is another link which have underscore which is not working
http://windllfiles.com/dlldata/ETA_USB.dll
Here is the code
('include/config.php'); $character = '';
if(isset($_GET["character"])) {
$character = $_GET["character"];
if($character=='09'){
$query = "SELECT * FROM tbl_student WHERE student_name LIKE '0%'
or student_name LIKE '1%'
or student_name LIKE '2%'
or student_name LIKE '3%'
or student_name LIKE '4%'
or student_name LIKE '5%'
or student_name LIKE '6%'
or student_name LIKE '7%'
or student_name LIKE '8%'
or student_name LIKE '9%'
";
}else{
$character = preg_replace('#[^a-z]#i', '', $character);
$query = "SELECT * FROM tbl_student WHERE student_name LIKE '$character%'";
}
} else {
$query = "SELECT * FROM tbl_student ORDER BY RAND () LIMIT 30"; } $result = mysqli_query($connect, $query); ?> <?php
require 'include/header.php';
?>
Get Your DLL
file
<?php
$character = range('A', 'Z');
echo ' <ul class="pagination alphabet_pagination">';
echo '<li>0-9</li>';
foreach($character as $alphabet)
{
echo '<li>'.$alphabet.'</li>';
}
echo '</ul>';
?>
</div>
<table class="table table-bordered">
<tr>
<th width="auto">All DLL Files</th>
</tr>
<?php
if(mysqli_num_rows($result) > 0)
{
while($row = mysqli_fetch_array($result))
{
$name=$row["student_name"]
?>
<tr>
<td><?php echo ''.$name.'';?></td>
</tr>
<?php
}
}
else
{
?>
<tr>
<td colspan="3" align="center">Data not Found</td>
</tr>
<?php
}
?>
</table>
</div>
</div>
<p> <?php include ('include/ads.php'); ?></p> </div></div>
<div class="col-sm-3">
<?php include('include/right.php');?>
Here is the data file where I am using get method
'include/header.php'; $name = $_GET['name']; ?>
class="container-fluid"> Are you missing
File? <div
class="list-group-item list-group-item-action>
Download '.$name.'
File';?>
<?php
$query = "SELECT * FROM tbl_student WHERE student_name='$name'";
$result = mysqli_query($connect, $query);
if(mysqli_num_rows($result) > 0)
{
while($row = mysqli_fetch_array($result))
{
$id=$row["student_phone"]
?>
<li class='list-group-item'><p align="justify"><?php echo $id;?></p></li>
<?php
}
}
?>
<br/> <?php $filename = "file/".$name; $filesize = filesize($filename); $filesize =round($filesize/1024, 2);
echo "File Information:"; echo ""; echo "File
Size:  ".$filesize.''; $md5file =
md5_file($filename); echo "MD5 file
sum:  ".strtoupper($md5file).''; $sha1file =
sha1_file($filename); echo "SHA1 file
sum:  ".strtoupper($sha1file).''; ?> Download '.$name.'
File';?> Dll Missing Error Message:

PHP input inside a while loop

I have wanted to loop a set of inputs according to the database inside a while loop. But I could not define the input name correctly which ended up in, the submitted POST being empty, when checked with var_dump($_POST).
<body background="images/tl.jpg">
<div id="container">
<?php include "mysql/head.php" ?>
<div id="main">
<p align="left"> Your Staff ID : <?php echo $_SESSION['u_username'] ?></p>
<p align="left"> Your E-Mail : <?php echo $_SESSION['u_acemail']; ?></p>
<form id="sub-form" action="mysql/save_result.php/">
<center>
<table align="center" width=80% border="2" cellpadding="1" cellspacing="1">
<tr>
<th>Student Index No</th>
<th>Result</th>
<?php
include "mysql/dbconnect.php";
$batchno = $_POST['batch'] ;
$year = $_POST['y'];
$semester = $_POST['s'];
$tname = $batchno."_".$year."_".$semester;
$subcode = $_POST['subject'];
$_SESSION['batchno'] = $_POST['batch'];
$_SESSION['year'] = $_POST['y'];
$_SESSION['semester'] = $_POST['s'];
$_SESSION['tname'] = $batchno."_".$year."_".$semester;
$_SESSION['subcode'] = $_POST['subject'];
echo "Results Table Name : ".$tname;
echo "<br><br>";
echo "<b>Subject Code : ".$subcode."   Batch : ".$batchno."   Year : ".$year."   Semester : ".$semester."</b><br>";
$sql = "SELECT stindex,id FROM $tname WHERE stindex NOT LIKE '%stindex%' ORDER BY id;";
$result = mysqli_query($conn, $sql);
$check = mysqli_num_rows($result);
while ($row=mysqli_fetch_assoc($result)) {
$resultid = "result_".$row['id'];
echo "<tr><td align='center'>".$row['stindex']."</td><td align='center'><input type='text' name='$resultid'>".$resultid."</td></tr>";
}
echo "</table><br>";
echo "<b>Number of Rows Fetched : ".$check."</b><br><br>";
?>
Submit Results
`

MySQL Database in Phpmyadmin won't update and shows no Error

I'm trying to create an Edit option in the table showing the database on my website.
The problem is even when I click Save, the database is not updated.
There are no errors showing.
There's an EditComplaint.php, which fetches data from DB and shows it in input boxes so it can be edited and Ecomp.php, which is called on clicking Save.
<?php
$id = $_GET['id'];
$db_host = 'localhost'; // Server Name
$db_user = 'Username'; // Username
$db_pass = 'Username'; // Password
$db_name = 'Database'; // Database Name
$conn = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if (!$conn) {
die ('Failed to connect to MySQL: ' . mysqli_connect_error());
}
$sql = "SELECT `id`, `ref_no`, `type`, `comp_name`, `comp_no`, `station`, `pertains`, `user_remarks`, `to_whom`, `concern`, `brief_fct`, `sec_remarks`, `depart`, `cisf_remarks`, `generalcomment`, `status` FROM `Complaintstable` WHERE `Complaintstable`.`id` = '$id'";
$query = mysqli_query($conn, $sql);
if (!$query) {
die ('SQL Error: ' . mysqli_error($conn));
}
?>
<html>
<head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<link href="https://fonts.googleapis.com/css?family=Titillium+Web|Roboto+Condensed:400,300|Pathway+Gothic+One|ABeeZee:400,400italic" rel="stylesheet" type="text/css">
<link href="master-stylesheet.css" rel="stylesheet">
<link href="custom-stylesheet.css" rel="stylesheet">
<link href="complaintstable.css" rel="stylesheet">
<link href="dmrc-favicon.png" rel="shortcut icon" type="image/x-icon">
<title>DMRC/Login</title>
</head>
<body>
<form action="Ecomp.php" id="form1" method="post" name="form1">
<!-- header section -->
<div class="header">
<div class="header-inner">
<div class="header-top">
<div class="welcome-guest">
<span class="align-right float-right" id="lblusername" style="color:Black;">Guest</span><em><span class="welcome-cont float-right fontfamily_2" id="lblwelcome" style="padding-left:5px;padding-right:5px;color:black;">Welcome</span></em>
</div>
<div class="header-top-links">
<ul>
<li>
Home
</li>
</ul>
</div>
</div>
<div class="header-bottom">
</div>
</div>
</div>
<div class="container clearfix">
<br><br>
<table class="data-table">
<thead>
<tr>
<th>ID</th>
<th>Referral/No.</th>
<th>Type</th>
<th>Complainant Name</th>
<th>Station</th>
<th>Pertains To</th>
<th>User Remarks</th>
<th>To Whom</th>
<th>Concern</th>
<th>Brief Fact</th>
<th>Security Comments</th>
<th>Deptt</th>
<th>CISF Comments</th>
<th>General Comment</th>
<th>Status</th>
<th>Action</th>
</tr>
</thead>
<tbody>
<?php
$i = 0;
while($row = $query->fetch_assoc())
{
$id = $row['id'];
$ref_no = $row['ref_no'];
$type = $row['type'];
$comp_name = $row['comp_name'];
$station = $row['station'];
$pertains = $row['pertains'];
$user_remarks = $row['user_remarks'];
$to_whom = $row['to_whom'];
$concern = $row['concern'];
$brief_fct = $row['brief_fct'];
$sec_remarks = $row['sec_remarks'];
$depart = $row['depart'];
$cisf_remarks = $row['cisf_remarks'];
$generalcomment = $row['generalcomment'];
$status = $row['status'];
if ($i == 0)
{
$i++;
echo "<tr>";
echo "<td><input type='text' name='id' value='$id'/></td>";
echo "<td><input type='text' name='ref_no' value='$ref_no'/></td>";
echo "<td><input type='text' name='type' value='$type'/></td>";
echo "<td><input type='text' name='comp_name' value='$comp_name'/></td>";
echo "<td><input type='text' name='station' value='$station'/></td>";
echo "<td><input type='text' name='pertains' value='$pertains'/></td>";
echo "<td><input type='text' name='user_remarks' value='$user_remarks'/></td>";
echo "<td><input type='text' name='to_whom' value='$to_whom'/></td>";
echo "<td><input type='text' name='concern' value='$concern'/></td>";
echo "<td><input type='text' name='brief_fct' value='$brief_fct'/></td>";
echo "<td><input type='text' name='sec_remarks' value='$sec_remarks'/></td>";
echo "<td><input type='text' name='depart' value='$depart'/></td>";
echo "<td><input type='text' name='cisf_remarks' value='$cisf_remarks'/></td>";
echo "<td><input type='text' name='generalcomment' value='$generalcomment'/></td>";
echo "<td><input type='text' name='status' value='$status'/></td>";
echo "<td><a href='delete.php?id=$id' class='button-new'>Delete</a></td>";
echo "</tr>";
}
echo '<br><br>';
}
?>
</tbody>
</table>
<br><br>
<input type="submit" class="button-new" value="Save"/>
</div>
<div class="footer">
<div class="footer-top">
<div class="footer-top-inner">
<ul>
<li>
FAQs
</li>
<li>
Contact Us
</li>
<li>
Disclaimer
</li>
<li>
Terms & Conditions
</li>
</ul>
</div>
</div>
<div class="footer-bottom fontfamily_2">
<div class="footer-bottom-inner">
<div class="float-left footer-text">
</div>
</div>
</div>
</div>
</form>
</body>
</html>
And Here's the Ecomp.php that Save calls
<?php
$db_host = 'localhost'; // Server Name
$db_user = 'Username'; // Username
$db_pass = 'Username'; // Password
$db_name = 'Database'; // Database Name
// Create connection
$con = mysqli_connect($servername, $username, $password) or die("Unable to Connect to '$dname'");
// Check connection
if (!$con)
{
echo "Please try later.";
}
else
{
mysqli_select_db($con, $dname);
}
$id = $_POST['id'];
$ref_no = $_POST['ref_no'];
$type = $_POST['type'];
$comp_name = $_POST['comp_name'];
$station = $_POST['station'];
$pertains = $_POST['pertains'];
$user_remarks = $_POST['user_remarks'];
$to_whom = $_POST['to_whom'];
$concern = $_POST['concern'];
$brief_fct = $_POST['brief_fct'];
$sec_remarks = $_POST['sec_remarks'];
$depart = $_POST['depart'];
$cisf_remarks = $_POST['cisf_remarks'];
$generalcomment = $_POST['generalcomment'];
$status = $_POST['status'];
mysqli_query($con," UPDATE `Complaintstable` SET `ref_no`= '$ref_no',`type`='$type',`comp_name`=`$comp_name`,`station`='$station',`pertains`='$pertains',`user_remarks`='$user_remarks',`to_whom`='$to_whom',`concern`='$concern',`brief_fct`='$brief_fct',`sec_remarks`='$sec_remarks',`depart`='$depart',`cisf_remarks`='$cisf_remarks',`generalcomment`='$generalcomment',`status`='$status' WHERE `Complaintstable`.`id` = '$id'");
header("Location: complaintstable.php");
?>
Kindly guide me please.
Its my first time here.
Thanks in Advance.
Edit: The Update SQL query works when ran in phpmyadmin console.

What i can see is that you are wrapping one of your db values $comp_name in backticks ` but it is probably a string..
In this line look at the $comp_name:
mysqli_query($con," UPDATE `Complaintstable` SET `ref_no`= '$ref_no',`type`='$type',`comp_name`='$comp_name',`station`='$station',`pertains`='$pertains',`user_remarks`='$user_remarks',`to_whom`='$to_whom',`concern`='$concern',`brief_fct`='$brief_fct',`sec_remarks`='$sec_remarks',`depart`='$depart',`cisf_remarks`='$cisf_remarks',`generalcomment`='$generalcomment',`status`='$status' WHERE `Complaintstable`.`id` = '$id'");
I agree with Magnus. Here is how you could do the same with PDO. Although prepared statements are possible in mysql too, i would always go for PDO. See this reference if you want to spend time with it.
$db = new PDO('mysql:host=localhost;dbname=someDatabase', 'someUser', 'somePass');
$stmt = $db->prepare("UPDATE `Complaintstable` SET `ref_no`= ?,`type`= ?,`comp_name`=?,`station`= ?,`pertains`= ?,`user_remarks`=?,`to_whom`= ?,`concern`= ?,`brief_fct`= ?,`sec_remarks`= ?,`depart`= ?,`cisf_remarks`= ?,`generalcomment`= ?,`status`= ? WHERE `Complaintstable`.`id` = ?");
$stmt->execute(array($ref_no,$type,$comp_name,$station,$pertains,$user_remarks,$to_whom,$concern,$brief_fct,$sec_remarks,$depart,$cisf_remarks,$generalcomment,$status,$id));

applying search or filter to table with pagination

hello kind sirs can you help me with this code. What i try to do is when i type something in the search box, ex. pending it will show the 5 pending reservation per page(5 rows of pending reservation). but when i try it, it shows all the pending reservation which is more than 10.
here is the image
i try something like this.. but it shows nothing
$query = "SELECT * FROM reservations WHERE CONCAT(firstname, lastname, reservationstatus)LIKE '%".$valueToSearch."%' LIMIT " . $this_page_first_result . ',' . $results_per_page";
Here is the whole code
<?php
error_reporting(E_ALL & ~E_NOTICE);
error_reporting(E_ERROR | E_PARSE);
session_start();
?>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "srdatabase";
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
$results_per_page = 5;
$select= "SELECT * FROM reservations";
$result = mysqli_query($conn, $select);
$number_of_results = mysqli_num_rows($result);
if(!isset($_GET['page']))
{
$page = 1;
}
else
{
$page = $_GET['page'];
}
$this_page_first_result = ($page-1)*$results_per_page;
$sql = "SELECT * FROM reservations LIMIT " . $this_page_first_result . ',' . $results_per_page;
$result = mysqli_query($conn, $sql);
$number_of_pages = ceil($number_of_results/$results_per_page);
?>
<div id="paging-div">
<?php
for($page=1;$page<=$number_of_pages;$page++)
{
echo '<a id="pagingLink" href="adminControl.php?page=' . $page . '">' . $page . '</a>';
}
?>
<?php
if(isset($_POST['search']))
{
$valueToSearch = $_POST['valueToSearch'];
$query = "SELECT * FROM reservations WHERE CONCAT(firstname, lastname, reservationstatus)LIKE '%".$valueToSearch."%'";
$search_result = filterTable($query);
}
else
{
$query = "SELECT * FROM reservations";
$search_result = filterTable($query);
}
function filterTable($query)
{
$conn = mysqli_connect("localhost", "root", "", "srdatabase");
$filter_Result = mysqli_query($conn, $query);
return $filter_Result;
}
?>
</div>
<!DOCTYPE html>
<html>
<head>
<title>Admin Control</title>
<link rel="stylesheet" type="text/css" href="styles.css">
</head>
<body>
<div class="topnav" id="myTopnav">
Home
Speakers
About
Contact
Reservation
Sign Out
<?php echo $_SESSION['firstname']; ?>
Sign Up
Sign In
Admin control
☰
</div>
<br>
<br>
<br>
<br>
<h4 style="padding-left:10px; text-align:center;">Reservation List</h4>
<hr>
<form action="adminControl.php" method="POST">
<input type="text" name="valueToSearch" placeholder="type a value">
<input type="submit" name="search" value="Filter">
</form>
<br>
<br>
<div style="overflow-x:auto;">
<table class="reservations-table">
<tr>
<th class="thFirstName">First Name</th>
<th class="thLastName">Last Name</th>
<th class="thEmailAddress">Email Address</th>
<th class="thContactNumber">Contact Number</th>
<th class="thSpeaker">Speaker</th>
<th class="thTopic">Topic</th>
<th class="thLocation">Location</th>
<th class="thAudience">Audience</th>
<th class="thCount">Count</th>
<th class="thTime">Time</th>
<th class="thDate">Date</th>
<th class="thAction">Reservation Date</th>
<th class="thAction">Status</th>
<th class="thAction">Action</th>
<th class="thAction">Action</th>
</tr>
<?php while($row = mysqli_fetch_array($search_result)):?>
<tr>
<td><?php echo $row['firstname'];?></td>
<td><?php echo $row['lastname'];?></td>
<td><?php echo $row['emailaddress'];?></td>
<td><?php echo $row['contactnumber'];?></td>
<td><?php echo $row['speaker'];?></td>
<td><?php echo $row['topic'];?></td>
<td><?php echo $row['location'];?></td>
<td><?php echo $row['audience'];?></td>
<td><?php echo $row['count'];?></td>
<td><?php echo $row['time'];?></td>
<td><?php echo $row['date'];?></td>
<td><?php echo $row['reservationdate'];?></td>
<td><?php echo $row['reservationstatus'];?></td>
</tr>
<?php endwhile;?>
</table>
</form>
</div>
<?php
$epr='';
$msg='';
if(isset($_GET['epr']))
$epr=$_GET['epr'];
if($epr=='delete')
{
$id=$_GET['id'];
$delete=mysqli_query($conn, "DELETE FROM reservations WHERE id=$id");
if($delete)
header('location:adminControl.php');
else
$msg='Error :'.mysqli_error();
}
?>
<?php
$epr='';
$msg='';
if(isset($_GET['epr']))
$epr=$_GET['epr'];
if($epr=='approve')
{
$id=$_GET['id'];
$approve=mysqli_query($conn, "UPDATE reservations SET reservationstatus='approved' WHERE id=$id");
header('location:adminControl.php');
}
?>
<script>
function myFunction() {
var x = document.getElementById("myTopnav");
if (x.className === "topnav") {
x.className += " responsive";
} else {
x.className = "topnav";
}
}
</script>
<script>
function ifAdmin()
{
document.getElementById("signIn").style.display = "none";
document.getElementById("signUp").style.display = "none";
document.getElementById("signOut").style.display = "block";
document.getElementById("adminControl").style.display = "block";
}
</script>
<script>
function ifNotAdmin()
{
document.getElementById("signIn").style.display = "none";
document.getElementById("signUp").style.display = "none";
document.getElementById("signOut").style.display = "block";
document.getElementById("adminControl").style.display = "none";
}
</script>
<script>
function ifNotLogin()
{
document.getElementById("user").style.display = "none";
document.getElementById("signOut").style.display = "none";
document.getElementById("adminControl").style.display = "none";
}
</script>
<?php
if (isset($_SESSION['signedIn']) && $_SESSION['signedIn'] == true)
//if login
{
if($_SESSION['type'] == 1)
{
echo "<script type='text/javascript'>ifAdmin();</script>";
}
elseif($_SESSION['type'] == 0)
{
echo "<script type='text/javascript'>ifNotAdmin();</script>";
}
}
//if not login
else
{
echo "<script type='text/javascript'>ifNotLogin();</script>";
}
?>
<div id="footer" class="push">Copyright 2017</div>
</body>
</html>

... when i try it, it shows all the pending reservation which is more than 10.
That's because when you hit 2nd, 3rd, ... pages(after navigating from the 1st page), the $_POST array would be empty i.e. $_POST['search'] won't be set, and that's why else{...} part of the code will get executed every time you navigate to 2nd, 3rd, ... pages. Since you're not sending any sensitive data with the form, use GET instead of POST in the method attribute of the form, like this:
<form action="..." method="get">
and get the user inputted data like this:
if (isset($_GET['search'])) {
$valueToSearch = $_GET['valueToSearch'];
...
Subsequently, you need to attach that search query in each of your pagination links, so that the search query would be available when you hop from page to page.
// your code
<?php
for($page=1;$page<=$number_of_pages;$page++)
{
echo "<a id='pagingLink' href='adminControl.php?page=" . $page . "&valueToSearch=". urlencode($_GET['valueToSearch']) ."&search'>" . $page . "</a>";
}
?>
// your code

Showing data from category with php mysql

My tables are:
barangtbl: id, judul_barang, judul_seo, keywords, deskripsi, id_kat, id_sub, id_supersub, kategori_seo, view, gambar
kategori: id_kat, nama_kat
subkategori: id_sub, id_kat, nama_sub
supersubkategori: id_supersub, id_sub, id_kat, nama_supersub
I have a problem with showing data in category from database with PHP, the problem is when i click link: localhost/test/category.php?name=HPI, it doesn't show any data, but if I change HPI with number: 15, it show all.
15 is id_supersub data on supersubkategori table where I join with barangtbl table. So, all i want is if someone click: localhost/test/category.php?name=HPI it will show data with HPI category inside. How solve this problem?
<?php
if (isset($_GET['name']))
{
$kategori = $_GET['name'];
}
include "config.php";
if ((isset($kategori)) =='')
{
$query = "SELECT * FROM barangtbl INNER JOIN supersubkategori on supersubkategori.id_supersub = barangtbl.id_supersub ORDER BY id DESC LIMIT 0,12";
$hasil = mysql_query($query);
$numrows = mysql_num_rows($hasil);
}
else
{
echo "
<table width=\"100%\">
<tr>
<td align=\"center\"><b><font color=\"red\" size=\"2.5\">[ ".$_GET['name']." ]</b></font></td>
</tr>
</table>";
$query = "SELECT * FROM barangtbl WHERE id_supersub = '$kategori' ORDER BY id";
$hasil = mysql_query($query);
$numrows = mysql_num_rows($hasil);
}
?>
<table cellpadding="10" cellspacing="2" align="center">
<tr>
<?php
$kolom=3;
$x = 0;
if($numrows > 0)
{
while($data=mysql_fetch_array($hasil))
{
if ($x >= $kolom)
{
echo "</tr><tr>";
$x = 0;
}
$x++;
?>
<th>
<div id="title">
<a href="product.php?id=<?php echo $data['id']; ?>">
<?php echo $data['judul_barang']; ?>
</a>
<br><br>
</div>
<div id="image">
<a href="product.php?id=<?php echo $data['id']; ?>">
<img width='150' height='150' valign='top' border='1,5' src="product/<?php echo $data['gambar']; ?>" />
</a>
<br><br>
</div>
<div id="action">
<?php
echo '
<a href="product.php?id='.$data['id'].'">
<img src="images/detail.jpg"\ title="Detail Barang" border="0" width=\"50\" height=\"30\">
</a>';
?>
</div>
<hr />
</th>
<?php
}
}
?>
</tr>
</table>

Try removing the quotes
$query = "SELECT * FROM barangtbl WHERE id_supersub = $kategori ORDER BY id";

Categories