Simple PHP Search script help :-)

Hi guys,

I was a user on this forum years ago but it seems my account no longer exists. :frowning:

I just need help with this simple php search script. Seems every time I run the script it spews out everything in my database instead of the criteria I’m looking for in the sql query. Any ideas why? The page is here:

FITBC - Fitness British Columbia > Search

And here’s the code:


<form name="search" method="post" action="<?=$PHP_SELF?>">
Search for: 
<input type="text" name="find" />
 in 
<select NAME="industry">
<option VALUE="Fitness Apparel">Fitness Apparel</option>
<option VALUE="Fitness Equipment">Fitness Equipment</option>
<option VALUE="Health Clubs and Gyms">Health Clubs / Gyms</option>
<option VALUE="Martial Arts">Martial Arts</option>
<option VALUE="Massage Therapy">Massage Therapy</option>
<option VALUE="Nutrition/Supplements">Nutrition / Supplements</option>
<option VALUE="Nutritionists">Nutritionists</option>
<option VALUE="Personal Trainers">Personal Trainers</option>
<option VALUE="Physiotherapy">Physiotherapy</option>
<option VALUE="Schools Education">Schools / Education</option>
<option VALUE="Wellness Centres">Wellness Centres</option>
<option VALUE="Yoga Pilates">Yoga / Pilates</option>
</select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<?php 
 
 if ($searching =="yes") 
 { 
 echo "<b>Results</b><br><br>"; 
 
 if ($find == "") 
 { 
 echo "You forgot to enter a search term<br><br>"; 
 exit; 
 } 

 //$find = strtoupper($find); 
 $find = strip_tags($find); 
 $find = trim ($find); 
 
 echo "Your search results for '$find' in '$industry':<br><br>"; 
 
 $result = mysql_query("SELECT * FROM customers WHERE industry='$industry' LIKE'%{$find}%' ORDER BY company"); 


if(mysql_num_rows($result)==0) {
    echo 'I am sorry your search for <span style="font-weight:bold;color:#336699;">'.$find.'</span> returned no results.<br><br>';
	} else {
	while ($row = mysql_fetch_array($result)) {
      echo '<span class="listing">' . $row['company'] . '</span><br>';
      echo 'Phone: ' . $row['phone'] . '<br>';
      echo 'Address: ' . $row['street'] . '<br>';
      echo 'Email: <a href="mailto:'.$row['email'].'">' . $row['email'] . '</a><br>';
	  echo 'Website: <a href="http://'.$row['website'].'" target="_blank">' . $row['website'] . '</a><br><br>';
      echo $row['description'] . '<br><br><hr><br>';	  
    }
}

 }
?>

the reason is, your query doesn’t do what you think it does

i’m surprised that WHERE column=value LIKE string even ran

Hi r937, thanks for the reply. Maybe you could give me a clue as to what I have done wrong there? :slight_smile:

i’m not sure which column you’re trying to search

i know you want industry=‘$industry’ but which column did you want to find {$find} in?

I’d like to search for the string $find in all of the rows that have the $industry column. If that makes sense.

in which columns?

All of the columns and all of the rows, but only the ones in the table that have the word ‘Fitness Apparel’ in the industry column.

surely not the numeric columns???

I want to be able to find all the rows with in the table with the words ‘Fitness Apparel’ (or whatever was selected) and the string that is stored in $find.

No, not the index column.

SELECT something
     , anything
     , just_not_the_dreaded_evil_select_star 
  FROM customers 
 WHERE industry = '$industry' 
   AND (
       somecolumn LIKE '%{$find}%' 
    OR someothercolumn LIKE '%{$find}%' 
    OR anothercolumn LIKE '%{$find}%' 
       )
ORDER 
    BY company  

Thanks Rudy,

That makes sense. :slight_smile:

I suppose I should be buying a copy of your book eh?

Cheers!