I am with some difficulties on create an Add Friend and Remove Friend button.
For example if the 'accepted' row in mysql of table friends_request is equals to 1 then it should appears the 'Remove Friend' button, otherwise it should appears the 'Add Friend' button.
Here is the code of the buttons I did, which is wrong.
<?php
$selfriendsBtn = "SELECT fr.username
FROM (select from_username AS username
FROM friends_request
WHERE to_username = '".$_GET['u']."' AND accepted = 1
UNION ALL
SELECT to_username AS username
FROM friends_request
WHERE from_username = '".$_GET['u']."' AND accepted = 1) AS fr
JOIN users AS u ON u.username = fr.username LIMIT 5";
$resultfriend_add_rmv = $sql->query($selfriendsBtn);
$rowAdd_RmvFriend = mysqli_fetch_assoc($resultfriend_add_rmv);
$accepted = $rowAdd_RmvFriend['accepted'];
if($user != $_GET['u']) {
if($accepted == 1) {
?>
<table>
<tr>
<td>
<form action="profile.php?u=<?php echo $_GET['u']; ?>&deleted=<?php echo $user; ?>" method="POST">
<input type="submit" name="rmvfriend" value="Remove Friend" />
</form>
</td>
<td>
<form action="profile.php?u=<?php echo $_GET['u']; ?>&a=compose" method="POST">
<input type="submit" name="msg" value="Message" />
</form>
</td>
</tr>
</table>
<?php
} else {
?>
<table>
<tr>
<td>
<form action="profile.php?u=<?php echo $_GET['u']; ?>&requested=<?php echo $user; ?>" method="POST">
<input type="submit" name="addfriend" value="Add Friend" />
</form>
</td>
<td>
<form action="profile.php?u=<?php echo $_GET['u']; ?>&a=compose" method="POST">
<input type="submit" name="msg" value="Message" />
</form>
</td>
</tr>
</table>
<?php
}
}
?>
The SELECT tables I pick up from the friends.php page and implemented it on here.
I don't know why it's not working. Should I use loop or not? Well, in my opinion I think a loop it would work very well on this.
You're looking for a value that isn't present in the result set:
$accepted = $rowAdd_RmvFriend['accepted'];
The only value you select from the database is the username:
SELECT fr.username
FROM ...
So $accepted will never be equal to 1. Thus, this will always be false:
if ($accepted == 1)
So the else block (the "Add Friend" button) will always be shown.
You should also select the accepted value from your query so you can use it in your logic. This is mostly a guess based on your query so far, but it looks like you'd need to add it in three places:
SELECT fr.username, fr.accepted -- here
FROM (select from_username AS username, accepted -- here
FROM friends_request
WHERE to_username = ? AND accepted = 1
UNION ALL
SELECT to_username AS username, accepted -- here
FROM friends_request
...
Keep in mind that nobody here really knows your data, so you may need to tinker with the query a little bit in your database management tools to get it just right.
Related
I was wondering how to make a search form where user has 3 options to search with
Search By age (dropdown 18-25 & 26-40)
Search By gender (male or female)
Search By name
In my code, when I click "Submit" with blank fields, it's throwing all data which i don't it to:
<?php
$output = NULL;
if (isset ( $_POST ['submit'] )) {
// Connect to database
$mysqli = new Mysqli ( "localhost", "root", "2222", "matrimonialPortal" );
$search = $mysqli->real_escape_string ( $_POST ['search'] );
// Query the databse
$resultSet = $mysqli->query ( "SELECT * FROM mp_user WHERE name LIKE '%$search%' OR email LIKE '%$search%' OR salutation LIKE '%$search%' OR id LIKE '%$search%'" );
if ($resultSet->num_rows > 0) {
while ( $rows = $resultSet->fetch_assoc () ) {
$name = $rows ['name'];
$email = $rows ['email'];
$output .= "::<strong>The Details of your search</strong> ::<br /> Name: $name<br /> Email:$email<br /><br /> ";
}
} else {
$output = "Oops No results Found!!";
}
}
?>
<!-- The HTML PART -->
<form method="POST">
<div>
<p>
Search By name: <input type="TEXT" name="search" /> <input
type="SUBMIT" name="submit" value="Search >>" />
</p>
</div>
<div>Search By Age :
<select name="age">
<option></option>
<option value="18-20">18-20</option>
<option value="20-25">20-25</option>
</select><input type="SUBMIT" name="submit" value="Search >>" />
</div>
<br />
<div>
Search By Gender:
<select name="salutation">
<option></option>
<option value="0">--- Male ---</option>
<option value="1">--- Female ---</option>
</select> <input type="SUBMIT" name="submit" value="Search >>" />
</div>
<br> <br>
</form>
<?php echo $output; ?>
It seems like you are new to PHP. Here is a solution for you.
First HTML PART. Here use "action" which means that the page will locate the file and process data. For example action="search_process.php". But if you are processing the data from the same page use $_SERVER['PHP_SELF'];
<!-- The HTML PART -->
<form method="POST" action="$_SERVER['PHP_SELF']"> // here it will load the self page
<div>
<p>
Search By name: <input type="text" name="search_name" />
Search By age: <input type="text" name="search_age" />
Search By gender: <input type="TEXT" name="search_gender" />
<input type="submit" name="submit_name" value="Search >>" />
</p>
</div>
Now the PHP part:
<?php
if(isset($_POST['submit_name'])
{
//What happens after you submit? We will now take all the values you submit in variables
$name = (!empty($_POST['search_name']))?mysql_real_escape_string($_POST['search_name']):null; //NOTE: DO NOT JUST USE $name = $_POST['search_name'] as it will give undefined index error (though your data will be processed) and will also be open to SQL injections. To avoid SQL injections user mysql_real_escape_string.
$age = (!empty($_POST['search_age']))?mysql_real_escape_string($_POST['search_age']):null;
$gender = (!empty($_POST['search_gender']))?mysql_real_escape_string($_POST['search_gender']):null;
//Now we will match these values with the data in the database
$abc = "SELECT * FROM table_name WHERE field_name LIKE '".$name."' or field_gender LIKE '".$gender."' or field_age LIKE '".$age."'"; // USE "or" IF YOU WANT TO GET SEARCH RESULT IF ANY OF THE THREE FIELD MATCHES. IF YOU WANT TO GET SEARCH RESULT ONLY WHEN ALL THE FIELD MATCHES THEN REPLACE "or" with "and"
$def = mysql_query($abc) or die(mysql_error())// always use "or die(mysql_error())". This will return any error that your script may encounter
//NOW THAT WE HAVE GOT THE VALUES AND SEARCHED THEM WE WILL NOW SHOW THE RESULT IN A TABLE
?>
<table cellspacing="0" cellpadding="0" border"0">
<tr>
<th>Name</th>
<th>Age</th>
<th>Gender</th>
</tr>
<?php while($row = mysql_fetch_array($def)) { // I HAD MISSED OUT A WHILE LOOP HERE. SO I AM EDITING IT HERE. YOU NEED TO USE A WHILE LOOP TO DISPLAY THE DATA THAT YOU GOT AFTER SEARCHING.
<tr>
<td><?php echo $row[field_name]; ?></td>
<td><?php echo $row[field_age]; ?></td>
<td><?php echo $row[field_gender]; ?></td>
</tr>
<?php } ?>
</table>
<?php } ?>
A perfect solution for your query. All the best.
Well i cant give you the whole code, but here are the few solutions..
Use 3 different forms with 3 different submit buttons.
Use radio buttons on html form, and make a check on PHP side and perform operations depending upon what or which radio is selected.
Use a button instead of submit, radio buttons, hidden fields, and pass data to different php page on form submit (this can be lengthy).
Well you have options.
You can replace your code
if ($resultSet->num_rows > 0) {
with this
if ($resultSet->num_rows > 0 and trim($search) != "") {
so it will not show all results if your input box is empty
hope this will help you
Edit
here is an example you can get idea
$qry = "SELECT * FROM test WHERE 1=1";
if($purpose!="")
$qry .= " AND purpose='$purpose'";
if($location!="")
$qry .= " AND location='$location'";
if($type!="")
$qry .= " AND type='$type'";
and for age
if ($age!='') {
$qry .= " AND age between ".str_replace('-',' and ',$age);
}
When you POST a blank variable and Query with %$search% and 'OR' other criteria, sql matches all records with space in column Name ! So you will have to use some variation of;
If(empty($POST['search']){ ['Query witbout Name parameter']} else{['Query with Name parameter']}
As for converting DOB to match age range. You will have to use
SELECT TIMESTAMPDIFF
answered here
calculate age based on date of birth
I need to delete a record, in this case a categories from my forum, from the database based on its id.
<?php
if(isset($_SESSION['signed_in']) && $_SESSION['user_level'] == 1)
{
?>
<td>
<form method="post">
<input type="hidden" value="<?= ['cat_id']; ?>">
<input type="submit" name="submit" value="Remover" />
</form>
<?php
if(isset($_POST['submit']))
{
mysql_query("DELETE FROM categories where cat_id = 'cat_id'");
}
?>
</td>
<?php
}
?>
i cant get a "good" way to do it... :(
EDIT: This is for a programming lesson not a real forum!!
Your HTML Input Field needs a name so it can be identified by your PHP.
Then, in your Code Block where you attempt to delete the category, you need to acces the category id using the $_POST array.
Another thig you want to do is read up onj the dangers of SQL injections.
If you're just playing around with PHP and MySQL at the moment: Go Ahead. But if you actually want to develop, maybe you should read up on a few other things as well, even if it seems like overkill at first: PHP The Right Way.
Nontheless, try this:
<?php
if(isset($_SESSION['signed_in']) && $_SESSION['user_level'] == 1)
{
?>
<td>
<form method="post">
<input type="hidden" name="hid_catid" id="hid_catid" value="<?php echo $cat_id; ?>">
<input type="submit" name="submit" value="Remover" />
</form>
<?php
if(isset($_POST['submit']))
{
$query = "DELETE FROM categories where cat_id = '".(int)$_POST['hid_catid']."'";
mysql_query($query);
}
?>
</td>
<?php
}
?>
--> hidden field should have name and id to use
--
Thanks
Your hidden input field needs a name to be accessable after the post. Also I am not sure if ['cat_id'] is the correcty way to reference this variable. Where does it come from?
<form method="post">
<input type="hidden" name="cat_id" value="<?= $cat_id ?>">
<input type="submit" name="submit" value="Remover" />
</form>
Then your query has to look like this to correctly grab the id from the post.
mysql_query("DELETE FROM categories where cat_id = " . mysql_real_escape_string($_POST['cat_id']));
This problem has got me tearing my face apart...
I have this code:
<?php while ($com_row = mysql_fetch_array($result_getcom)) { ?>
<tr>
<td>
<?= $com_row['name'] ?>
<?php if ($com_row['com_flag_flagged'] == 0 && $com_row['com_flag_ownerid'] == $_SESSION['sess_id']) {
echo "<span class='label label-default'>Nytt!</span> ";
} ?>
<?= $com_row['com_comment'] ?>
<?php if ($com_row['com_auth_id'] == $_SESSION['sess_id'] || $com_row['com_stat_ownerid'] == $_SESSION['sess_id']) { ?>
<br /><small><font color="#b94a48">Radera</font></small>
<?php } ?>
</td>
</tr>
<?php } ?>
It prints out comments made on a "status update" as you'd see on facebook or whatever.
Now, SOMETIMES depending on which account I'm writing from it's fine but, it seems with a specific account when I comment, that comment simply is displayed twice in a row. I've checked the database and there are no duplicate entries. But somehow on certain occasions a comment is displayed twice in a row.
http://i.imgur.com/ud27j6v.png
On the bottom, the comment appears twice. Strangely without the "New" label the second time...
Please help me! Why is this?
Thanks in advance!
/J
Page source code:
<table class="table table-striped">
<tbody>
<tr>
<td>Gabbe Heja <br /><small><font color="#b94a48">Radera</font></small></td>
</tr>
<tr>
<td>Gabbe ee <br /><small><font color="#b94a48">Radera</font></small></td>
</tr>
<tr>
<td>Gabbe aa <br /><small><font color="#b94a48">Radera</font></small></td>
</tr>
<tr>
<td>Iwar <span class='label label-default'>Nytt!</span> Sant</td>
</tr>
<tr>
<td>Iwar <span class='label label-default'>Nytt!</span> lol</td>
</tr>
<tr>
<td>Annelie <span class='label label-default'>Nytt!</span> Gött :)</td>
</tr>
<tr>
<td>Annelie Gött :)</td>
</tr>
<tr>
<td>
<form action="profile.php?id=4" name="com_form" method="post" class="form-inline" role="form">
<input type="hidden" name="su_id" value="10" />
<input type="hidden" name="su_authorid" value="4" />
<div class="form-group">
<label class="sr-only" for="com_input">Kommentar</label>
<input type="text" name="com_input" size="45" class="form-control" id="com_input" placeholder="Skriv en kommentar...">
</div>
<button type="submit" name="com_submit" data-loading-text="Skickar..." class="btn btn-default">Skicka!</button>
</form>
</td>
</tr>
</tbody>
</table>
Here's more of the PHP code on the same page:
while ($su_row = mysql_fetch_assoc($result_getsu)) {
$sql_getcom = "SELECT * FROM status_comments INNER JOIN users ON id=com_auth_id INNER JOIN com_flags ON com_flag_cid=com_id WHERE com_stat_id='{$su_row['su_id']}' ORDER BY com_date ASC";
$result_getcom = mysql_query($sql_getcom); ?>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><table width="100%"><tr><td><?php echo "{$su_row['name']} säger: <small>({$su_row['su_date']})</small></td>"; if ($_SESSION['sess_id'] == $_GET['id']) : echo "<td align=\"right\"><a href='?del={$su_row['su_id']}'><button type='button' class='close' aria-hidden='true'>×</button></a>
</td></tr></table></h3>"; else : echo "</tr></table></h3>"; endif; ?>
</div>
<div class="panel-body">
<p><?php echo $su_row['su_message']; ?></p>
<div class="panel panel-default">
<!-- Table -->
<table class="table table-striped">
<tbody>
<?php while ($com_row = mysql_fetch_assoc($result_getcom)) { ?>
<tr>
<td class="<?= $com_row['com_id'] ?>"><?= $com_row['name'] ?> <?php if ($com_row['com_flag_flagged'] == 0 && $com_row['com_flag_ownerid'] == $_SESSION['sess_id']) { echo "<span class='label label-default'>Nytt!</span> "; } ?><?= $com_row['com_comment'] ?>
<?php if ($com_row['com_auth_id'] == $_SESSION['sess_id'] || $com_row['com_stat_ownerid'] == $_SESSION['sess_id']) { ?>
<br /><small><font color="#b94a48">Radera</font></small><?php } ?></td>
</tr>
<?php } ?>
<tr>
<td>
<form action="<?php echo basename($_SERVER['PHP_SELF']); ?>?id=<?php echo $_GET['id']; ?>" name="com_form" method="post" class="form-inline" role="form">
<input type="hidden" name="su_id" value="<?= $su_row['su_id'] ?>" />
<input type="hidden" name="su_authorid" value="<?= $su_row['su_auth_id'] ?>" />
<div class="form-group">
<label class="sr-only" for="com_input">Kommentar</label>
<input type="text" name="com_input" size="45" class="form-control" id="com_input" placeholder="Skriv en kommentar...">
</div>
<button type="submit" name="com_submit" data-loading-text="Skickar..." class="btn btn-default">Skicka!</button>
</form>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<?php
}
?>
Edit for Chris:
Thank you, but none of those solutions will work out for what I'm trying to do. I will explain the com_flags as simply as I can.
com_flags: http://i.imgur.com/i62g8kW.png
Com_flag_id is just a unique id for that specific flag, com_flag_cid is referring to the id of the comment (com_id) that the flag is put on. com_flag_ownerid is referring to the user id that "owns" that flag and lastly, com_flag_flagged is 0 if the comment is unread or unseen, I will later program it to change to 1 as soon as the user in question has seen that comment.
Now, the flags are there to keep track of what comment is NEW for a specific user. If someone writes a comment on another users status update, the author of that status update will recieve a flag in com_flags with the information about that comment. If that user then posts a comment on his own status update again, the other person will recieve a flag letting him know there's been a comment on a status update that he's already commented on, you see? So, if there's 10 different people all commenting on one status update, they will all recieve flags as soon as another user comments that status update.
I THINK I've got the part of adding flags down correctly, here's the code:
if (isset($_POST['com_submit'])) {
$_POST = db_escape($_POST);
if (empty($_POST['com_input'])) {
$sus = "<br /><div class=\"alert alert-danger\"><i class=\"fa fa-exclamation-triangle\"></i> Fältet var tomt.</div>";
} else {
$_POST['com_input'] = htmlspecialchars($_POST['com_input']);
$sql_com = "INSERT INTO status_comments(com_stat_id,com_stat_ownerid,com_auth_id,com_comment) VALUES('{$_POST['su_id']}', '{$_POST['su_authorid']}', '{$_SESSION['sess_id']}', '{$_POST['com_input']}')";
$result_com = mysql_query($sql_com);
$res = mysql_query('SELECT LAST_INSERT_ID()');
$lastrow = mysql_fetch_array($res);
$lastInsertId = $lastrow[0];
$sql_commentors = "SELECT DISTINCT com_auth_id FROM status_comments WHERE com_stat_id='{$_POST['su_id']}' AND (com_auth_id!='{$_SESSION['sess_id']}' AND com_auth_id!='{$_POST['su_authorid']}')";
$result_commentors = mysql_query($sql_commentors);
$num_commentors = mysql_num_rows($result_commentors);
if ($_POST['su_authorid'] != $_SESSION['sess_id']) {
$sql_comflags = "INSERT INTO com_flags(com_flag_cid,com_flag_ownerid) VALUES('{$lastInsertId}', '{$_POST['su_authorid']}')";
$result_comflags = mysql_query($sql_comflags);
if ($num_commentors > 0) {
while ($listcoms = mysql_fetch_array($result_commentors)) {
$sql_comflags2 = "INSERT INTO com_flags(com_flag_cid,com_flag_ownerid) VALUES('{$lastInsertId}', '{$listcoms['com_auth_id']}')";
$result_comflags2 = mysql_query($sql_comflags2);
}
}
header("Location: ?id={$_GET['id']}&coms=");
} else {
if ($num_commentors > 0) {
while ($listcoms = mysql_fetch_array($result_commentors)) {
$sql_comflags = "INSERT INTO com_flags(com_flag_cid,com_flag_ownerid) VALUES('{$lastInsertId}', '{$listcoms['com_auth_id']}')";
$result_comflags = mysql_query($sql_comflags);
}
}
header("Location: ?id={$_GET['id']}&coms=");
}
}
}
Final edit (hopefully):
I made a new SELECT:
$sql_getflags = "SELECT * FROM com_flags WHERE com_flag_cid='{$com_row['com_id']}' AND com_flag_ownerid='{$_SESSION['sess_id']}'";
$result_getflags = mysql_query($sql_getflags);
and I put this inside the while for each comment:
while ($flags_row = mysql_fetch_assoc($result_getflags)) { if ($flags_row['com_flag_flagged'] == 0 && $flags_row['com_flag_ownerid'] == $_SESSION['sess_id']) { echo "<span class='label label-default'>Nytt!</span> "; } }
That seemed to fix it right up! Do you understand what I was trying to do? And if so, do you think this is a final solution? Oh, and of course, thank you a thousand times for your help, Chris. You're GOLD.
For starters, here is the obligatory reminder that the mysql* functions are now deprecated and you should move to PDO or mysqli.
Next, mysql_fetch_array() can return either numerically indexed arrays or associative arrays depending on how you use it. Your use suggests you may want to use mysql_fetch_assoc() instead.
Lastly, when the duplicate comment appears, is it just the comment body or is it the entire code structure that appears?
UPDATE: SQL Issue
When we look at the query that pulls all of your comments (and associated table data) we have this query/line:
$sql_getcom = "SELECT * FROM status_comments INNER JOIN users ON id=com_auth_id INNER JOIN com_flags ON com_flag_cid=com_id WHERE com_stat_id='{$su_row['su_id']}' ORDER BY com_date ASC";
status_comments is the table containing each comment. We do an inner join to the users table, which pulls in the comment author information based on status_comments.com_auth_id. Next, we do an inner join on the com_flags table. I'm not entirely clear what we use the flags for in this context, but that's not important. The reason you see 2 entries for comment 67 is that the inner join returns 2 rows since there are 2 entries in the com_flags table for it (com_flags.com_flag_id 49 and 50). Your code assumes a 1:1 relationship here and doesn't account for the fact that there are 2 flags.
You've got 2 ways to solve this:
You can set a variable before your loop that tracks the current comment and if the current comment appears twice, you'll skip the 2nd one. The downside is this invalidates whatever use you have for the 2nd flag on that comment and will produce inconsistencies since sometimes 49 may be first and sometimes 50 will be first.
You can ditch the 2nd flag and guarantee there is a 1:1 relationship between flags and comments and no code changes are required.
Here's some code for the first solution. You'll have to set the correct variable names and merge it with your existing code.
$current_comment = 0;
while($row = mysql_fetch_assoc($results))
{
if($current_comment != $row['comment_id']) // This is a new comment
{
$current_comment = $row['comment_id']; // Set our new one to the current
echo "Print out some stuff, like our comment";
}
// else - not needed - but this means we are processing the same comment as last time so we skip it
}
Okay so users on my game have a page. Other users can comment on the page. I made a script to where the user can set it to where people can comment on their wall or if it's disabled. If I manually change the database it works, but I have it setup with radio buttons and it's not updating. Here's the form.
<form action="settings" method="post">
Comments: <br />
Enabled:
<input type="radio" name="change_wall" id="change_wall" value="no" checked="checked" />
<br />
Disabled:
<input type="radio" name="change_wall" id="change_wall" value="yes" />
<br />
<input type="submit" value="Change" />
</form>
Below this is the SQL of the database updating.
<?php
if ( isset ( $_POST['change_wall'] ) )
{
$change_wall = mysql_real_escape_string($_POST['change_wall']);
if ($cash >= 5000) {
$sql = "UPDATE users SET disable_wall='".$change_wall."' , cash=(cash - 5000) WHERE id='".$id."'";
$res = mysql_query($sql);
echo
'<table width="800" align="center" class="SettingsTable">
<tr>
<td>You sucessfully changed your comment settings!</td>
</tr>
</table>
<br />';
}
else {
echo
'<table width="800" align="center" class="SettingsTable">
<tr>
<td>You don\'t have enough cash to change your comment settings!</td>
</tr>
</table>
<br />';
}
}
?>
Here's the coding for the user's page to display their comments or if it's disabled.
<?php
if ($disable_wall = 0) {
include 'users_wall.php';
}
elseif ($disable_wall = 1) {
echo
'<table width="800" align="center" class="DisabledWall">
<tr>
<td>' . $userp['name'] . '\'s ' . 'Comments Disabled!</td>
</tr>
</table>';
}
?>
first of all, be sure that the sql query is executed - $cash is really >= 5000 and $id variable consists proper value
then, what type does the table field 'disable_wall' have? varchar or enum? not int?
if instructions above didnt help, type this after last line of your script:
die("error: ".mysql_error());
submit the form and watch, what error happened while you are updating the table
Because you need a boolean (yes/no) response, you can simply set them to 0 or 1, to be safe.
To answer your question, do
$sql = "UPDATE users SET disable_wall='1' , cash=(cash - 5000);
And to disable the wall
$sql = "UPDATE users SET disable_wall='0' , cash=(cash - 5000);
Better yet, use a boolean column for it.
Also, ensure that $id is a valid value, and currently has at least a row in the table.
More importantly, use PDO or MySQLi; MySQL extensions are already deprecated.
Hope this helps.
i have a search function on my website where users can search for products. it works perfectly fine except for the fact that when a user searches for 'ipod' it comes up with no result as the name of the product is 'apple ipod'. how do i code it so that when part of the name of the product is searched, the correct product comes up?
my code is as follows:
<div id="search" align="right">
<form action="" method="get">
<span id="sprytextfield1">
<input name="search" id="search2" type="text" width="250px"/>
<span class="textfieldRequiredMsg"></span></span>
<input name="" type="submit" value="Search"/>
</form></div>
<br /><br />
<h2>Your Search Results For "<?php echo $_GET['search'] ?>":</h2><hr />
<table border="0" cellpadding="2px" width="600px">
<?
$search = $_GET['search'];
$result=mysql_query("select * from products WHERE name = '$search'")
or die(mysql_error());
if (mysql_num_rows($result) == 0) {
echo ' '.'Could Not Be Found';
}
else {
while($row=mysql_fetch_array($result)){
?>
<tr>
<td><?php echo'<img src="getImage.php?id=' . $row['serial'] .'"/>'
?> </td>
<td> <b><?=$row['name']?></b><br />
Price:<big style="color:green">
£<?=$row['price']?></big><br /><br />
<input type="button" value="Add to Cart" onclick="addtocart(<?=$row['serial']?>)" />
</td>
</tr>
<tr><td colspan="2"><hr size="1" /></td>
<?
}
}?>
</table>
thanks for any advice given! :)
Ignoring the fact that your code should never be used for production (it's unsafe), you should use a LIKE in your query.
mysql_query("select * from products WHERE name LIKE '%$search%'")
Now, optimized against SQL injections and other things you don't want, this would become:
mysql_query("select * from products WHERE name LIKE '%".mysql_real_escape_string($search)."%'")
You can use a LIKE statement, like so
select * from products WHERE name LIKE '%$search%'
The above will match both 'apple ipod', 'ipod' and 'apple ipod'
Searching keyword in a table (eg: your product list) LIKE can be very useful but doesn't perform well on long text fields (eg: description), so consider also full text index and the MATCH () AGAINST operator.
Here mysql manual page
To avoid to return the page No results found, sorry, (after a none results query) you can use the SOUNDEX operator
mysql_query("select * from products WHERE SOUNDEX(name) > 0 ORDER BY SOUNDEX(name) DESC" ):
Here mysql soundex manual page