code:
<?php
include('config.php');
$return_arr = array();
$term = $_GET['term'];
$term = str_replace('.','',$term);
$sql = "SELECT * FROM submission where keyword like '%".$term."%' or companyname like '%".$term."%' ORDER BY CASE WHEN keyword LIKE '%".$term."%' THEN 1
ELSE 2 END";
$r = mysqli_query($link,$sql);
while($row = mysqli_fetch_assoc($r))
{
$key = explode(",", $row['keyword']);
foreach ($key as $keyword)
{
$return_arr[] = $keyword;
}
}
echo json_encode($return_arr);
?>
In my code I have created a auto complete suggestion box and its working but it always showing wrong result if I write (i) it always show result with (a) alphabet why not (i) and also want to search with short name. So, How can I do this ?Please help me.
Thank You
if you want to compare result start with input character then remove % from beginning
$sql = "SELECT * FROM submission where keyword like '".$term."%' or companyname
like '".$term."%' ORDER BY CASE WHEN keyword LIKE '".$term."%' THEN 1
ELSE 2 END";
You used %$term% in your query. So whether the data store the searched keyword anywhere in the string, it will display to you. So if you want to search the data start with a specific character remove % from the start of your query to make it as $term% as
$sql = "SELECT * FROM submission where keyword like '".$term."%' or companyname
like '".$term."%' ORDER BY CASE WHEN keyword LIKE '".$term."%' THEN 1
ELSE 2 END";
Related
I have an mysqli table having values as such:-
id | price
65| 7000
67| 7001
And a php code to echo both out using an array variable:-
require('setup.php'); // got connection
$array = array(0 => 65, 1 => 67);
$d = implode("," , $array);
$sql = "SELECT price FROM trade WHERE id IN('$d')";
$query = mysqli_query($conn, $sql);
if($query){
while ($row = mysqli_fetch_array($query)) {
echo $row['price'].'<br>';
}
}
else {
echo mysqli_error($conn);
}
The output should come as
7000
7001
but it's only 7000.
You need to do IN(65,67) while you are doing IN('65,67')
So remove ' around $d
Code needs to be:-
$sql = "SELECT price FROM trade WHERE id IN($d)";
Note:- use fetch_assoc() for lighter array iteration (as it only gives associative array resultset)
while ($row = mysqli_fetch_assoc($query)) {
Working snippet :- http://rextester.com/FEFBWZ40805
Remove extra single quotes in IN() tag.
Corrected code:
$sql = "SELECT price FROM trade WHERE id IN($d)";
$sql Outputs:
SELECT price FROM trade WHERE id IN(65,67)
You can check the code here:
Edit your query as below,
$sql = "SELECT price FROM trade WHERE id IN($d)";
Hope this helps.
Passing $d withing quotes makes the IN('65,66') look like this during execution so you need to remove that as by the default convention you just need to pass an array. So change your query to:
SELECT price FROM trade WHERE id IN($d)
Please check your SQL query
$sql = "SELECT price FROM trade WHERE id IN('$d')";
Please change this query like below:
$sql = "SELECT price FROM trade WHERE id IN($d)";
You should not use single quote with php varible.
Try something like this:
require('setup.php');
$array = [65, 67];
$d = implode(',', $array);
$sql = "SELECT price FROM trade WHERE id IN($d)";
$query = mysqli_query($conn, $sql);
if($query){
while ($row = mysqli_fetch_assoc($query)) {
echo $row['price'].'<br>';
}
}
else {
echo mysqli_error($conn);
}
I've made a crud function where users register/log in to view their own contact list. The mysql database has tables of details such as name, mobile, email, company, title etc. I want to implement a live search function where the user can type in something such as e.g. first name + title or whatever random combination, and for the live search to be able to match the search field(s).
What is your recommendation in making something that fulfills the above?
Many thanks!
$result = array();
$Query = "SELECT * FROM contact_list WHERE ";
$keyword = preg_split("/[\s,-]+/", $q);
$flag = 0;
while ($flag<count($keyword))
{
if($flag==0)
$Query.=" name LIKE '%".$keyword[$flag]."%' OR title LIKE '%".$keyword[$flag]."%'";
else
$Query.=" OR name LIKE '%".$keyword[$flag]."%' OR title LIKE '%".$keyword[$flag]."%'";
$flag++;
}
$Query .= " ORDER BY `name` ASC";
$exec = $this->db->query($Query);
foreach ($exec->result() as $row)
{
array_push($result,$row);
}
This code i have done in codigniter. you can change it as you needed.. i hope this is you want.
I am making a Search function in PHP MySQL. Currently, my code is working but when trying to search by date, all content appear. It seems that the 2 fields aren't connected.
Please help. Thanks.
<?php
$query = $_GET['query'];
$date = $_GET['date'];
// gets value sent over search form
$query = htmlspecialchars($query);
// changes characters used in html to their equivalents, for example: < to >
$query = mysql_real_escape_string($query);
// makes sure nobody uses SQL injection
$raw_results = mysql_query("SELECT * FROM tblArchive WHERE (Author LIKE '%".$query."%' OR Title LIKE '%".$query."%' or Content LIKE '%".$query."%' AND Date LIKE '%".$date."%')");
if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following
while($results = mysql_fetch_array($raw_results)){
// $results = mysql_fetch_array($raw_results) puts data from database into array, while it's valid it does the loop
echo "<p><h3>".$results['Title']."</h3>"."<h3>".$results['Author']."</h3>"."<h4>".$results['Date']."</h4>".$results['Content']."</p>";
// posts results gotten from database(title and text) you can also show id ($results['id'])
}
}
else{ // if there is no matching rows do following
echo "No results";
}
?>
$raw_results = mysql_query(
"SELECT * FROM tblArchive
WHERE (Author LIKE '%".$query."%'
OR Title LIKE '%".$query."%' or Content LIKE '%".$query."%')
AND (Date LIKE '%".$date."%')");
Please Try This Query It will work fine.
$get = 'SELECT * FROM tblArchive';
if(!empty($query)){
$get .= ' WHERE (Author LIKE '%".$query."%' OR Title LIKE '%".$query."%' or Content LIKE '%".$query."%' ';
}
if(!empty($date) && !empty($query)){
$get .= " And Date LIKE '%".$date."%'";
}
else{
$get .= " Where Date LIKE '%".$date."%'";
}
$result = mysql_query($get);
Solved: Not sure why, but after I reloaded LAMP stack everything started to work just fine. Thank all of you for help!
I have following MySQL statement prepared in PHP:
SELECT * FROM my_table WHERE (country LIKE 'Latvia' AND phone NOT LIKE '371%')
which selects records with incorrect country phone codes.
In php it looks like this:
$sql = "SELECT * FROM {$table_name} WHERE (
country LIKE '$country' AND phone NOT LIKE '$phone_code%')";
While it perfectly filters records in phpMyAdmin, it doesn't works in my application - I get all of the records in including correct ones. Your help is really appreciated!
EDIT:
Here's how more code looks like:
while ($row = $this->fetch_array($result_set)) {
$countries_to_check[$row['short_name']] = $row['calling_code'];
}
$i = 1;
$sql = "SELECT * FROM {$this->table_name} WHERE ";
foreach ($countries_to_check as $country => $phone_code) {
if ($i > 1) {
$sql .= " OR ";
}
$sql .= "(country LIKE '".$country."' AND phone NOT LIKE '".$phone_code."%')";
$i++;
}
$result_set = $this->query($sql);
As I wrote in comments, all the variables are not empty, I have echoed $sql and even ran this query in phpMyAdmin, with success.
Result looks like this:
country phone
Lithuania 37028694529 * Correct
Latvia 37122171755 * Correct
Latvia 37522433153 * Incorrect
Latvia +37126378238 * Incorrect
Or with curly syntax
$sql = "SELECT * FROM {$table_name} WHERE (
country LIKE '{$country}' AND phone NOT LIKE '{$phone_code}%')";
It must be this way:
$sql = "SELECT * FROM {$table_name} WHERE (
country LIKE '".$country."' AND phone NOT LIKE '".$phone_code."%')";
I don't know how to make the search through another table. how should i do that?
the table name is comments and i want to search for all the post stored in the column name kom
Another thing is that i cant get the pagination start working...
I started the pagination within an else statment because i only need it when i get more than 1 result.
I can get the page links showing and limit the search posting showing but when i click on one off the links i cant get to the next page
Heres the code
<?php
$search = $_POST["search"];
$field = $_POST["field"];
if($_POST["submit"] && $search)
{
echo "<div id='result'>";
echo "<h2>Resultat</h2>";
$search = strtoupper($search);
$search = strip_tags($search);
$search = trim($search);
$query = "SELECT * FROM blogTable WHERE title LIKE '%$search%'
UNION
SELECT * FROM blogTable WHERE post LIKE '%$search%'";
$result = mysql_query($query, $conn) or die(mysql_error());
$matches = mysql_num_rows($result);
if($matches == 0)
//code if serch didnt result any results
else if($matches == 1)
//code if the matches only 1
else
{
$per_page = 4;
$pages = ceil($matches / $per_page);
$page = (isset($_GET['page'])) ? (int)$_GET['page']: 1;
$start = ($page - 1) * $per_page;
$query2 = "SELECT * FROM blogTable WHERE title LIKE '%$search%'
UNION
SELECT * FROM blogTable WHERE post LIKE '%$search%' LIMIT $start, $per_page";
$result2 = mysql_query($query2, $conn) or die(mysql_error());
echo "<font size='-1'>Sökningen $search gav $matches resultat</font><br/>";
while ($r2 = mysql_fetch_array($result2))
{
$id = $r["id"];
$title = $r["title"];
$post = $r["post"];
$time = $r["time"];
echo "<br/><strong><a href='comment.php?id=$id'>$title</a></strong><br/>";
echo "<font size='-1'>".substr($post, 0, 60)."</font><br/>";
echo "<font size='-1'>".substr($post, 60, 70)."</font><br/>";
echo "<font size='-3'>$time</font><br/>";
}
//theese are showin but cannot click of any of them
if($pages >= 1 && $page <= $pages)
{
for($nr = 1; $nr <= $pages; $nr++)
{
if($nr == $page)
echo "<a href='?page=".$nr."' style='font-size:20px;'>$nr</a>";
else
echo "<a href='?page=".$nr."' style='font-size:15px;'>$nr</a> ";
}
}
}
}
?>
Is there a specific reason you are using a UNION?
If not, you can change:
$query = "SELECT * FROM blogTable WHERE title LIKE '%$search%'
UNION
SELECT * FROM blogTable WHERE post LIKE '%$search%'";
to:
$query = "SELECT * FROM blogTable WHERE (title LIKE '%$search%') OR (post LIKE '%$search%')";
Anyway, I would never execute the same query twice, just get the first x results if no start parameter was given (for example a page number in the query string) and calculate the start point when a start parameter was given.
And if you want the total, use a COUNT(*) query or change your query:
$query = "SELECT SQL_CALC_FOUND_ROWS * FROM blogTable WHERE (title LIKE '%$search%') OR (post LIKE '%$search%')";
One thing that catches the eye is that the code you show is vulnerable to SQL injection.
Get rid of the strip_tags() (if it's for security, in which case it's useless) and do a mysql_real_escape_string() on every value you use in the search queries, or check whether the value is actually a number when using int columns.
Another thing is that the <font> tag is outmoded. The cool CSS way of styling text is having an external CSS stylesheet, and defining in it something like
span.small { font-size: 12px; color: green }
and then using it in the HTML like so:
<span class="small">Text goes here</span>
that said, this probably belongs on CodeReview.SE....
First, I always recommend to use GET method and not POST method for searches and filters, next, maybe this pagination php class can help you.