I want to create a search with multiple search box. i already created on with the help of this tutorial https://www.youtube.com/watch?v=2XuxFi85GTw. so I make it 2 text box for the search. Here's what i done:
<?php
if (isset($_POST['SearchTime']))
{
$ValueToSearch = $_POST['ValueToSearchTime'];
$query = "SELECT `id`, `name`, `address`, `contact`, `email`, `date`, `time`, `ahc`, `chc`, `cottage`, `total` FROM `reserve` WHERE CONCAT (`time`) LIKE '%".$ValueToSearch."%' ORDER BY id DESC";
$search_result = filterTable($query);
}
elseif (isset($_POST['ValueToSearchTime']) == "") {
$query = "SELECT id, name, address, contact, email, date, time, ahc, chc, total, cottage FROM reserve ORDER BY id DESC";
$search_result = filterTable($query);
}
elseif (isset($_POST['SearchCottage']))
{
$ValueToSearch = $_POST['ValueToSearchCottage'];
$query = "SELECT `id`, `name`, `address`, `contact`, `email`, `date`, `time`, `ahc`, `chc`, `cottage`, `total` FROM `reserve` WHERE CONCAT (`cottage`) LIKE '%".$ValueToSearch."%' ORDER BY id DESC";
$search_result = filterTable($query);
}
elseif (isset($_POST['ValueToSearchCottage']) == "") {
$query = "SELECT id, name, address, contact, email, date, time, ahc, chc, total, cottage FROM reserve ORDER BY id DESC";
$search_result = filterTable($query);
}
function filterTable($query)
{
$connect = mysqli_connect("localhost","root","","resort");
$filter_Result = mysqli_query($connect,$query);
return $filter_Result;
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Search Table</title>
<link rel="stylesheet" href="lib/table.css" media="screen" title="no title" charset="utf-8">
<link rel="stylesheet" href="lib/style.css" media="screen" title="no title" charset="utf-8">
</head>
<body>
<form action="index.php" method="post">
<div class="container">
<div class="TableGenerator">
<table>
<tr>
<td>No.</td>
<td>Name</td>
<td>Address</td>
<td>Contact</td>
<td>Email Address</td>
<td>Date</td>
<td>
Time<br/>
<input type="text" name="ValueToSearchTime" class="txt" placeholder="Search Time"/>
<input type="submit" name="SearchTime" value=">>"/>
</td>
<td>HeadCount <br/> <i>Adult</i></td>
<td>HeadCount <br/> <i>Child</i></td>
<td>Total<br/>Amount</td>
<td>
Cottage No<br/>
<input type="text" name="ValueToSearchCottage" class="txt" placeholder="Search Cottage"/>
<input type="submit" name="SearchCottage" value=">>"/>
</td>
</tr>
<?php include ("includes/row.php"); ?>
<?php while ($row = mysqli_fetch_array($search_result) ): ?>
<tr>
<td><?php echo $row['id']; ?></td>
<td><?php echo $row['name']; ?></td>
<td><?php echo $row['address']; ?></td>
<td><?php echo $row['contact']; ?></td>
<td><?php echo $row['email']; ?></td>
<td><?php echo $row['date']; ?></td>
<td><?php echo $row['time']; ?></td>
<td><?php echo $row['ahc']; ?></td>
<td><?php echo $row['chc']; ?></td>
<td><?php echo $row['total']; ?></td>
<td><?php echo $row['cottage']; ?></td>
</tr>
<?php endwhile;?>
</table>
</div>
</div>
</form>
</body>
</html>
but i want to filter it both at the same time, when I input something in both searchbox. please help!
You can use the keyword AND :
SELECT * FROM reserve WHERE firstcondition AND secondcondition
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 1 year ago.
Improve this question
I'm trying to make a simple search/filter page in php/html but I'm getting these two errors and I have hours trying to fix it but I simply can't (I'm just starting to learn and I'm following a tutorial but I can't get it to work)
Notice: Undefined variable: search_result in /storage/ssd1/909/16765909/public_html/db/db_search.php on line 34
Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in /storage/ssd1/909/16765909/public_html/db/db_search.php on line 34
this is my code so far
<!DOCTYPE html>
<html>
<head>
<title>PHP HTML TABLE DATA SEARCH</title>
<style>
table,tr,th,td
{
border: 1px solid black;
}
</style>
</head>
<body>
<form action="db_search.php" method="post">
<input type="text" name="valueToSearch" placeholder="Value To Search"><br><br>
<input type="submit" name="search" value="Filtrar"><br><br>
<table border="2" >
<tr>
<td>ID</td>
<td>Cédula</td>
<td>Nombre</td>
<td>Apellido</td>
<td>Género</td>
<td>Año de Nacimiento</td>
<td>Correo</td>
<td>Desde</td>
<td>Edit</td>
<td>Delete</td>
</tr>
<!-- populate table from mysql database -->
<?php
while($row=mysqli_fetch_array($search_result)):?>
<tr>
<td><?php echo $row['user_id'] ?></td>
<td><?php echo $row['user_ssn'] ?></td>
<td><?php echo $row['user_name'] ?></td>
<td><?php echo $row['user_lastname'] ?></td>
<td><?php echo $row['user_gender'] ?></td>
<td><?php echo $row['user_birthdate'] ?></td>
<td><?php echo $row['user_mail'] ?></td>
<td><?php echo $row['user_datestamp'] ?></td>
<td>Edit</td>
<td>Delete</td>
</tr>
<?php endwhile;?>
</table>
</form>
</body>
</html>
<?php
if(isset($_POST['search']))
{
$valueToSearch = $_POST['valueToSearch'];
// search in all table columns
// using concat mysql function
$query = "SELECT * FROM `user` WHERE CONCAT(`id`, `user_ssn`, `user_name`, `user_lastname`, `user_gender`, `user_birthdate`, `user_mail`, `user_datestamp`) LIKE '%".$valueToSearch."%'";
$search_result = filterTable($query);
}
else {
$query = "SELECT * FROM `user`";
$search_result = filterTable($query);
}
// function to connect and execute the query
function filterTable($query)
{
$connect = mysqli_connect("localhost", "root", "", "practice");
$filter_Result = mysqli_query($connect, $query);
return $filter_Result;
}
?>
</body>
</html>
First you need to fetch data before render it.
<!DOCTYPE html>
<html>
<head>
<title>PHP HTML TABLE DATA SEARCH</title>
<style>
table,tr,th,td
{
border: 1px solid black;
}
</style>
</head>
<body>
<?php
if(isset($_POST['search']))
{
$valueToSearch = $_POST['valueToSearch'];
// search in all table columns
// using concat mysql function
$query = "SELECT * FROM `user` WHERE CONCAT(`id`, `user_ssn`, `user_name`, `user_lastname`, `user_gender`, `user_birthdate`, `user_mail`, `user_datestamp`) LIKE '%".$valueToSearch."%'";
$search_result = filterTable($query);
}
else {
$query = "SELECT * FROM `user`";
$search_result = filterTable($query);
}
// function to connect and execute the query
function filterTable($query)
{
$db = new mysqli("localhost", "root", "", "practice");
if ($db->connect_error) {
die("Connection failed: " . $db->connect_error);
}
$filter_Result = $db->query($query) or die($db->error);
return $filter_Result;
}
?>
<form action="db_search.php" method="post">
<input type="text" name="valueToSearch" placeholder="Value To Search"><br><br>
<input type="submit" name="search" value="Filtrar"><br><br>
<table border="2" >
<tr>
<td>ID</td>
<td>Cédula</td>
<td>Nombre</td>
<td>Apellido</td>
<td>Género</td>
<td>Año de Nacimiento</td>
<td>Correo</td>
<td>Desde</td>
<td>Edit</td>
<td>Delete</td>
</tr>
<!-- populate table from mysql database -->
<?php
while($row=$search_result->fetch_assoc()):?>
<tr>
<td><?php echo $row['user_id'] ?></td>
<td><?php echo $row['user_ssn'] ?></td>
<td><?php echo $row['user_name'] ?></td>
<td><?php echo $row['user_lastname'] ?></td>
<td><?php echo $row['user_gender'] ?></td>
<td><?php echo $row['user_birthdate'] ?></td>
<td><?php echo $row['user_mail'] ?></td>
<td><?php echo $row['user_datestamp'] ?></td>
<td>Edit</td>
<td>Delete</td>
</tr>
<?php endwhile;?>
</table>
</form>
</body>
</html>
After submitting the search the results returns a blank result set, nothing returns. Expecting it to return results from mysql search. Was working at one point but I am not sure what I changed to make it stop working.
Site is https://searchsoftball.com/search
I have verified the queries work with MySQL. No connection errors.
<?php
$localhost = "localhost";
$username = "";
$password = "";
$dbname = "seargobh_c";
$con = new mysqli($localhost, $username, $password, $dbname);
if( $con->connect_error){
die('Error: ' . $con->connect_error);
}
if( isset($_GET['search']) ){
$name = mysqli_real_escape_string($con, htmlspecialchars($_GET['search']));
$sql = "SELECT College.School, City, State, Conference, Division, Main, Softball, Camp FROM College
inner join Links on Links.School = College.School
WHERE College.school like '%$name%' or City like '%$name%' or Conference like '%$name%'
or Division like '%$name%' or State like '%$name%' or Team like '%$name%' order by Division, School desc";
}
$result = $con->query($sql);
?>
<!DOCTYPE html>
<html>
<head>
<title>Search Form</title>
<link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<label>Search</label>
<form action="search2a.php" method="GET">
<input type="text" placeholder="" name="search">
<input type="submit" value="Search Softball" name="btn" class="btn btn-sm btn-primary">
</form>
<h2>Search any of the below</h2>
<p> Until the search is more robust use these tips:<br>
Use the full state name<br>
For division, type out Division 1, etc.<br>
Searching for California will show schools, state, conference.</p>
<table class="table table-striped table-responsive">
<tr>
<th>School</th>
<th>City</th>
<th>State</th>
<th>Conference</th>
<th>Division</th>
<th>Main</th>
<th>Softball</th>
<th>Camp</th>
</tr>
<?php
while($row = $result->fetch_assoc()){
?>
<tr>
<td><?php echo $row['School']; ?></td>
<td><?php echo $row['City']; ?></td>
<td><?php echo $row['State']; ?></td>
<td><?php echo $row['Conference']; ?></td>
<td><?php echo $row['Division']; ?></td>
<td><?php echo 'Main'; ?></td>
<td><?php echo 'Softball'; ?></td>
<td><?php echo 'Softball'; ?></td>
</tr>
<?php
}
?>
</table>
</div>
</body>
</html>
Results are based on criteria entered in search box. ie. California
I have a table containing multiple rows. Behind every row is a button you can click to update a column (baatinn) in the database from 0 to 1. However when you click the button it will update all the rows from 0 to 1 instead of the row you are clicking the button on. How do i make it so it will only update the row you are clicking on
Picture of database:
HTML:
<tr>
<th>Båt ut</th>
<th>Båt inn</th>
<th>Båtnr</th>
<th>Fornavn</th>
<th>Etternavn</th>
<th>Tid</th>
<th>Kr</th>
<th>Edit</th>
</tr>
PHP:
$sql = "SELECT utleid, inntid, baatnr, fornavn, etternavn, tid, kr, baatinn FROM utleie WHERE baatnr LIKE '%$sok%' or fornavn LIKE '%$sok%' or etternavn LIKE '%$sok%' or tid LIKE '%$sok%' ORDER BY id desc";
$result = $conn-> query($sql);
if ($result-> num_rows > 0) {
while ($row = $result-> fetch_assoc()) {
?>
<tr>
<td><?php echo $row["utleid"]; ?></td>
<td><?php echo $row["inntid"]; ?></td>
<td><?php echo $row["baatnr"]; ?></td>
<td><?php echo $row["fornavn"]; ?></td>
<td><?php echo $row["etternavn"]; ?></td>
<td><?php echo $row["tid"]; ?></td>
<td><?php echo $row["kr"]; ?></td>
<td><form method="post" action="innlevering.php">
<button name="edit" value="1">Edit</button>
</form></td>
</tr>
<?php
}
echo "</table>";
} else {
echo "0 results";
}
$conn-> close();
innlevering.php:
<?php
include_once 'dbconnect.php';
if ($_POST['edit']) {
$conn->query("UPDATE utleie SET baatinn=1");
}
?>
To help your injection problem, parameterize. It would be something like this (I use PDO, so you will want to double check):
/functions/getUtleie.php
function getUtleie($so, $conn)
{
$query = $conn->prepare("SELECT utleid, inntid, baatnr, fornavn, etternavn, tid, kr, baatinn FROM utleie WHERE baatnr LIKE ? or fornavn LIKE ? or etternavn LIKE ? or tid LIKE ? ORDER BY id desc");
$so = "%{$so}%";
$query->bind_param('ssss',$so, $so, $so, $so);
$result = $query->execute();
if($result->num_rows == 0)
return [];
while($row = $result->fetch_assoc()) {
$data[] = $row;
}
return $data;
}
Now, when you go to use it, include the function, then the key on the form is to make the id in a hidden field:
# Fetch the data
$result = getUtleie($so, $conn);
# If there are any results
if(!empty($result)): ?>
<table>
<?php foreach($result as $row): ?>
<tr>
<td><?php echo $row["utleid"] ?></td>
<td><?php echo $row["inntid"] ?></td>
<td><?php echo $row["baatnr"] ?></td>
<td><?php echo $row["fornavn"] ?></td>
<td><?php echo $row["etternavn"] ?></td>
<td><?php echo $row["tid"]; ?></td>
<td><?php echo $row["kr"]; ?></td>
<td>
<form method="post" action="innlevering.php">
<input type="hidden" name="action" value="update_utleie" />
<input type="hidden" name="utleid" value="<?php echo $row["utleid"] ?>" />
<input type="text" name="val" />
<input type="submit" value="Edit" />
</form>
</td>
</tr>
<?php endforeach ?>
</table>
<?php else: ?>
0 results
<?php endif ?>
After you submit the form, you will want to update using a WHERE clause:
<?php
include_once 'dbconnect.php';
# Check to make sure the form was submitted
if(!empty($_POST['action'] && $_POST['action'] == 'update_utleie') {
# Trim these. You should also check they aren't empty (especially the id)
$id = trim($_POST['utleid']);
$value = trim($_POST['val']);
$query = $conn->prepare("UPDATE `utleie` SET `baatinn` = ? WHERE `utleid` = ?");
$query->bind_param('si', $value, $id);
$query->execute();
}
Anyway, I haven't checked these scripts but it should be pretty close. Should at least point you in the right direction.
I have a table named forums with 4 fields: id_forum, title, theme, fk_user.
I have an overview over some elements below:
I would like to click on the element of the theme and recuperate only the pseudo on another page. Is it possible?
Here is my code PHP for the overview
<?php
$bdd = new PDO('mysql:host=localhost;charset=utf8;dbname=exo', 'root', '');
$requestSQL = "SELECT forums.*, users.pseudo
FROM forums INNER JOIN users
ON forums.fk_user=users.id_user
ORDER BY theme ASC";
$stm = $bdd->prepare($requestSQL);
$stm->execute();
?>
<!doctype html>
<html lang="fr">
<head>
<meta charset="utf-8">
<title>Forum</title>
<link rel="stylesheet" href="style.css">
<script src="script.js"></script>
</head>
<body>
<div class="title"><h1>List forum</h1></div>
</div>
<br /><br /><br /><br />
<table id="tab">
<tr>
<th>Id</th>
<th>Title</th>
<th>Theme</th>
<th>Pseudo</th>
</tr>
<?php
while($row = $stm->fetch()){ ?>
<tr>
<td><?php echo $row ['id_forum'];?></td>
<td><?php echo $row ['title'];?></td>
<td><?php echo $row ['theme'];?></td>
<td><?php echo $row['pseudo'];?></td>
</tr>
<?php
}
?>
</table>
</body>
</html>
How to add <a href> on my line <td><?php echo $row ['theme'];?></td> ?
I have tried this
<?php
while($row = $stm->fetch()){ ?>
<tr>
<td><?php echo $row ['id_forum'];?></td>
<td>?php echo $row ['title'];?></td>
<td><?php echo $row ['theme'];?></td>
<td><?php echo $row['pseudo'];?></td>
</tr>
<?php
}
?>
My overview is catastrophic...
I am trying to query a database and display the results. The query is based on information from an html form. However, when I enter a name such as john in the form, for which the table has 2 entries with that name, I get 0 results. I don't know what the problem is.
Here is the html form:
<form action="cust_details_search.php" method="post">
Name :
<input type="text" name="name_search" id="name_search" >
Email :
<input type="email" name="email_search" id ="email_search" >
Phone no. :
<input type="phone" name="phone_search" id="phone_search" >
Address :
<input type="text" name="address_search" id="address_search" >
City :
<input type="text" name="city_search" id="city_search" >
State :
<input type="text" name="state_search" id="state_search" >
<br> <br>
Country :
<input type="text" name="country_search" id="country_search">
Product Enquired for :
<input type="text" name="prod_search" id="prod_search">
<input type="submit" value="Submit">
</form>
And the php file:
<?php
$server = "127.0.0.1";
$dbUsername = "root";
$dbPassword = "";
//create connection
$dbconn = new mysqli($server, $dbUsername, $dbPassword, $dbname);
$name_search = $_POST['name_search'];
$email_search = $_POST['email_search'];
$phone_search = $_POST['phone_search'];
$address_search = $_POST['address_search'];
$city_search = $_POST['city_search'];
$state_search = $_POST['state_search'];
$country_search = $_POST['country_search'];
$prod_search = $_POST['prod_search'];
$run_query = mysqli_query($dbconn,
"SELECT *
FROM CustomerDetails
WHERE (Name LIKE '%.$name_search.%')
OR (`Phone no.` LIKE '%.$phone_search.%')
OR (`Address` LIKE '%.$address_search.%')
OR (`City` LIKE '%.$city_search.%')
OR (`State` LIKE '%.$state_search.%')
OR (`Country` LIKE '%.$country_search.%')
OR (`Product Enq. For` LIKE '%.$prod_search.%')
OR (`Email` LIKE '%.$email_search.%')");
?>
<html>
<head>
<title>Search Resutls</title>
<style>
body {
background-color: rgb(131,41,54);
}
h1 { color:#FFFFFF
}
h2 { color:#FFFFFF
}
p { color:#FFFFFF
}
</style>
</head>
<body>
<center>
<h2> Customer Details </h2>
<table style="width:100%">
<thead>
<tr>
<th>Name</th>
<th>Email</th>
<th>Phone no. </th>
<th>Address </th>
<th>City </th>
<th>State </th>
<th>Country</th>
<th>Product Enquired for </th>
<th>Follow up details </th>
</tr>
</thead>
<tbody>
<?php
while($result = mysqli_fetch_assoc($run_query)) {
?>
<tr>
<td><?php echo $result['Name'] ?> </td>
<td><?php echo $result['Email'] ?></td>
<td><?php echo $result['Phone no.'] ?></td>
<td><?php echo $result['Address'] ?></td>
<td><?php echo $result['City'] ?></td>
<td><?php echo $result['State'] ?></td>
<td><?php echo $result['Country'] ?></td>
<td><?php echo $result['Product Enq. For'] ?></td>
<td><?php echo $result['Follow Up'] ?></td>
</tr>
<?php } ?>
</tbody>
</table>
</center>
</body>
</html>
Any help is appreciated. Thank you in advance!
You are using the PHP concatenator . but you dont need to in a double quoted string. $variables are automatically expanded in a double quoted string so try
$run_query = mysqli_query($dbconn,
"SELECT *
FROM CustomerDetails
WHERE (Name LIKE '%$name_search%')
OR (`Phone no` LIKE '%$phone_search%')
OR (`Address` LIKE '%$address_search%')
OR (`City` LIKE '%$city_search%')
OR (`State` LIKE '%$state_search%')
OR (`Country` LIKE '%$country_search%')
OR (`Product Enq For` LIKE '%$prod_search%')
OR (`Email` LIKE '%$email_search%')");
ALso some of your column names had a . in them? I assume these column names do not actually contain dots. However if the do, I suggest you remove them by editing your schema.
Your script is wide open to SQL Injection Attack
Even if you are escaping inputs, its not safe!
Use prepared parameterized statements in either the MYSQLI_ or PDO API's