I'm using fulltext in my search bar on my website. The code looks like this,
search.php
<form method="post" action="search.php">
<input type="text" name="search" />
<input type="submit" />
</form>
<?php
include("config.php");
$search = mysql_real_escape_string($_POST['search']);
echo $search;
$data = mysql_query("SELECT * FROM shop
WHERE MATCH (name,description,keywords) AGAINST ('$search' IN BOOLEAN MODE);") or die(mysql_error());
while ($info = mysql_fetch_assoc($data)) {
$name = stripslashes($info['name']);
$desc = stripslashes($info['description']);
Print "<h3>".$name.": <font color=\"#cd0000\">".$desc."</font></h3><br>";
}
?>
And this works completely fine...for the most part. In my database, one of the rows under the description column reads: "1. Never run mysqld as root"
When I search "Never" or "Never run" into the search bar (without quotes obviously) This result does not show up. However, if I search "Never run mysqld" or just "mysqld" then this result shows up. Any idea why not all the words trigger the result?
'never' is in the fulltext stopword list
'run' is less then the default ft_min_word_len=4 characters
Related
I'm making a search engine for my gallery website. I have the following code but it's only showing 1 result when there are 6 to be had:
<form action="?" method="get" id="form_search" name="search" class="search_form">
<input type="text" name="search_details" id="search_field"/><input type="submit" value="Search" name="search_field" form="form_search">
</form>
<?php
$tags = '%'.$_GET['search_details'].'%';
$stmt = $mysqli->prepare("SELECT rowid, tags FROM " . $username . " WHERE
tags LIKE ? AND sort=?");
$stmt->bind_param("si", $tags, $sort);
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc())
{
$arr[] = $row;
}
$stmt->close();
?>
The search engine seems to 'almost' work.
The 6 to be had each have the word "Downloads" in their tag records. The tags themselves are separated by commas only. But the search engine only seems to display 1 record. Also whilst searching another term, it displays 24 of 26 records. I'm assuming there's something wrong with the wildcard statement.
There's a foreach loop that follows in my code so the problem is different from the problem posted on this page: php search engine script
How do I get the correct number of records to be displayed?
Thanks in advance.
I am trying to make simple search engine. My problem is every code I am trying is bringing me same result "Found 0 results." My database is populated and when I put my SQL query into it, it gives me back result I look for.
I tried this code as well from stackoverflow php search engine script that did bring back 1 result for person asking that question and all I am getting is message "Sorry, there are no matching result". To write this code I followed youtube tutorial by phpacademy step by step and again same thing happened. I read all the comments under the tutorial to see if anyone came across same problem but it did work fine for everyone. I have no idea what I am doing wrong and would really appreciate if someone could help me.
That is form from my html file:
<body>
<form action="eatsearch.php" method="get">
<label>
Search
<input type="text" name="keywords" placeholder = "Type to search..">
</label>
<input type="submit" value="Search">
and this is my php:
<?php
require_once('config.php');
if(isset($_GET['keywords'])) {
$keywords = $connect->escape_string($_GET['keywords']);
$query = $connect->query("SELECT rname, tel, url, food
FROM general WHERE food LIKE '%{keywords}%'");
?>
<div class="result-count">
Found <?php echo $query->num_rows; ?> results.
</div>
<?php
if($query->num_rows) {
while($result = $query->fetch_object()) {
?>
<div class = "result">
<?php echo $result->rname;?>
</div>
<?php
}
}
}
?>
Keywords without $?
Put a $keywords
Your error is here:
$query = $connect->query("SELECT rname, tel, url, food FROM general WHERE food LIKE '%{keywords}%'");
It should be:
$query = $connect->query("SELECT rname, tel, url, food
FROM general WHERE food LIKE '%{$keywords}%'");
You forgot your $ sign in front of the keywords variable.
This seems to be a common question as I have seen plenty of similar questions.
however, none of the answers actually pointing out how to do the selecting from mysql database and this is my issue as the moment.
basically I have a table which I store the search data in it.
it looks like this:
id blond darkHair busty curvy
---------------------------------------------------
1 blond busty
2 dark hair busty curvy
3 blond curvy
4 blond curvy
and I have a form with checkboxes like so:
<form action="search.php" method="post">
<input name="keyword[]" type="checkbox" value="blond" />
<input name="keyword[]" type="checkbox" value="dark hair" />
<input name="keyword[]" type="checkbox" value="busty" />
<input name="keyword[]" type="checkbox" value="curvy" />
</form>
and the PHP codes like this:
if(isset($_POST['keyword']))
{
$keyword = $_POST['keyword'];
foreach ($_POST['keyword'] as $keyword) {
$keywordarray[] = mysqli_real_escape_string($conx, $keyword);
}
$keywords = implode (",", $keywordarray);
$sql = "SELECT * FROM girlsStaff
WHERE (`blond` LIKE '%".$keyword."%') OR (`darkHair` LIKE '%".$keyword."%') OR (`busty` LIKE '%".$keyword."%') OR (`thin` LIKE '%".$keyword."%')" or die();
$query = mysqli_query($conx, $sql);
Now, apart from converting this code to PDO or prepared statement, there is another issue which I don't understand!
it doesn't matter how many chechboxes i select... it always returns the result for last checked/selected checkbox value from mysql database....
is there something that I am missing?
i also, did echo $keywords at the top of my page to see whats being sent to the page and I get the value of all the selected/checked boxes being sent correctly.. so I know the issue is not there.
any help or advice would be appreciated.
You require to build query dynamically.
<?php
$clause = " WHERE ";//Initial clause
$sql="SELECT * FROM `girlsStaff` ";//Query stub
if(isset($_POST['submit'])){
if(isset($_POST['keyword'])){
foreach($_POST['keyword'] as $c){
if(!empty($c)){
$sql .= $clause."`".$c."` LIKE '%{$c}%'";
$clause = " OR ";//Change to OR after 1st WHERE
}
}
}
echo $sql;//Remove after testing
}
?>
<form method="POST" action="#">
<form action="search.php" method="post">
Blond: <input name="keyword[]" type="checkbox" value="blond" />
Dark Hair: <input name="keyword[]" type="checkbox" value="dark hair" />
Busty : <input name="keyword[]" type="checkbox" value="busty" />
Curvy; <input name="keyword[]" type="checkbox" value="curvy" />
<input type="submit" name="submit" value="Submit">
</form>
Sample queries
2 check boxes filled
SELECT * FROM `girlsStaff` WHERE `dark hair` LIKE '%dark hair%' OR `curvy` LIKE '%curvy%'
4 filled
SELECT * FROM `girlsStaff` WHERE `blond` LIKE '%blond%' OR `dark hair` LIKE '%dark hair%' OR `busty` LIKE '%busty%' OR `curvy` LIKE '%curvy%'
I think that small change from $keyword to $keywords will solve your problem :)
Now you are looking for items like your last value from $_POST['keyword'] array.
This line:
$sql = "SELECT * FROM girlsStaff WHERE (`blond` LIKE '%".$keyword."%') OR (`darkHair` LIKE '%".$keyword."%') OR (`busty` LIKE '%".$keyword."%') OR (`thin` LIKE '%".$keyword."%')" or die();
You should also use IN instead of LIKE if you have list aaa, bbb, ccc...., but then you will look for elements that have exactly same string in those fields.
After change to $keywords you will have:
... WHERE (`blond` LIKE '%".$keywords."%')
will also not work due to it will mean:
... WHERE (`blond` LIKE '%aaa,bbb,ccc%')
If you want to use like (if fields in DB only contain strings from array) then I suggest to build your query in foreach loop. Example:
$sql = "SELECT * FROM girlsStaff WHERE ".
foreach ($_POST['keyword'] as $keyword) {
$sql .= "(`blond` LIKE '%".$keyword."%') OR ";
}
//and here cut last four character " OR " part that will be unusefull
Typos:
$keywords = implode (",", $keywordarray);
^--- with an S
WHERE (`blond` LIKE '%".$keyword."%')
^--- without an S
You're stuffing in your original $_POST['keyword'] array. An array in string context is the literal word Array, so your query is actually executing as
WHERE (`blond` LIKE '%Array%')
I have written an sqlite full text search which i am doing something wrong. If i type in my search "Puma Adidas" i want to search both words in the column MAKE.
At the moment it will only display one word if it exactly matches the search word. I just cannot figure out what i have missed, could i have some assistance please?
Thanks
HTML:
<form action="search.php" method="get">
Search: <input type="text" name="SEARCH">
<input type="submit" class="btn btn-default">
</form>
PHP:
$search_string = $_GET['SEARCH'];
$result = $db->query("SELECT * FROM PRODUCTS WHERE MAKE IN('$search_string') AND VISIBLE='YES' ORDER BY DATE DESC");
I did change the PHP code to this:
$result = $db->query("SELECT * FROM PRODUCTS WHERE MAKE LIKE ('%$search_string%') AND VISIBLE='YES' ORDER BY DATE DESC");
But it still does not work unfortunately, same issue.
Try using LIKE, not IN. IN is used for a different purpose.
$search_string = $_GET['SEARCH'];
$result = $db->query("SELECT * FROM PRODUCTS WHERE MAKE LIKE '$search_string') AND VISIBLE='YES' ORDER BY DATE DESC");
Check the syntax for the LIKE statement; you'll need to surround your search string with percent signs if you want to search the entire field for the search term.
I really would like some help on this as I'm pulling hair out!!!
I have two fields, one being an input box & the other being a drop down list which search the database and display the results, however I cannot seem to figure it out...here is what I have so far...
This is the actual search form:
<form id="myform" name="myform" action="<?php echo $_SERVER['PHP_SELF']?>" method="get"><br />
<div class="T1"><br /><p></div> <input name="term" type="text" value="<? php echo $_GET['searched']; ?>" size="10" maxlength="4" placeholder="e.g. BS1"/>
<select>
<option value="">I feel like...</option>
<option value="">Anything</option>
<option value="Indian">Indian</option>
<option value="Chinese">Chinese</option>
<option value="Thai">Thai</option>
</select>
<input type="submit" name="submit" value="Go"/>
</form>
And this is the PHP code:
<?php
if (isset($_GET['submit'])){
mysql_connect ("host", "user","password") or die (mysql_error());
mysql_select_db ("database");
$term = $_GET['term'];
$term = $_GET['option value'];
}
else
$sql = mysql_query("select pagetitle from Restaurant where extra like '%$term%' and showing like '1'");
$sql = mysql_query("select cuisine from Restaurant where cuisine like 'option value' and showing like '1'");
echo Restaurants in $term and Cuisine $option value:";
}
while ($row = #mysql_fetch_array($sql)){
echo ''.$row['pagetitle'];
echo '<br/>';
}
}
?>
The database has a table called Restaurant with two coloumns, one called 'Extra' which contains the postcode & the other called 'Cuisine' which containts the cuisine.
I would like it to return a list of restaurants that match both 'Extra' and 'Cuisine'
Any help will be greatly appretiated.
Echoing $_SERVER['PHP_SELF'] or $_GET['searched'] anywhere in your script (even in the form action) will open your site up to XSS attacks. Do not do this unless you sanitize them first.
For all new projects, it is recommended to use prepared statements for mysql queries. You can do this with either mysqli or PDO. Your code is just asking for SQL injection by the looks of what you are trying to do.
You are missing a bracket in your code and you have some extra ones at the end. Also after echo you're missing a quotation mark. I'm not sure what's going on there. Try to get those fixed.
What is with the # before mysql_fetch_array() ? There are really very few cases where # should ever be used in PHP. It is usually an indicator that there is some sort of error somewhere in your code that should be fixed instead of suppressed.
Your needs a name attribute if you want to be able to use it in PHP.
In your SQL query, you should not be using LIKE when you should be using equals. Also, you should not quote integers.
Why are you echoing an empty string like echo ''.$somevar; ? Just echo the variable.
I'm not sure what "showing" is for but I assume is a record that can be displayed. The first thing to do is update your query:
$sql = mysql_query("select pagetitle, cuisine from Restaurant where (extra like '%$term%') and (showing like '1') and (cuisine like 'option value')");
You also need to check if the user did not enter an option or selected 'anything' in which case the query needs to be changed a little:
$sql = mysql_query("select pagetitle, cuisine from Restaurant where (extra like '%$term%') and (showing like '1') and (cuisine like 'option value' or 'option value' = '')");