Simple PHP Search script help :-)

Databases
1

Hi guys,

I was a user on this forum years ago but it seems my account no longer exists. :frowning:

I just need help with this simple php search script. Seems every time I run the script it spews out everything in my database instead of the criteria I’m looking for in the sql query. Any ideas why? The page is here:

FITBC - Fitness British Columbia > Search

And here’s the code:


<form name="search" method="post" action="<?=$PHP_SELF?>">
Search for: 
<input type="text" name="find" />
 in 
<select NAME="industry">
<option VALUE="Fitness Apparel">Fitness Apparel</option>
<option VALUE="Fitness Equipment">Fitness Equipment</option>
<option VALUE="Health Clubs and Gyms">Health Clubs / Gyms</option>
<option VALUE="Martial Arts">Martial Arts</option>
<option VALUE="Massage Therapy">Massage Therapy</option>
<option VALUE="Nutrition/Supplements">Nutrition / Supplements</option>
<option VALUE="Nutritionists">Nutritionists</option>
<option VALUE="Personal Trainers">Personal Trainers</option>
<option VALUE="Physiotherapy">Physiotherapy</option>
<option VALUE="Schools Education">Schools / Education</option>
<option VALUE="Wellness Centres">Wellness Centres</option>
<option VALUE="Yoga Pilates">Yoga / Pilates</option>
</select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<?php 
 
 if ($searching =="yes") 
 { 
 echo "<b>Results</b><br><br>"; 
 
 if ($find == "") 
 { 
 echo "You forgot to enter a search term<br><br>"; 
 exit; 
 } 

 //$find = strtoupper($find); 
 $find = strip_tags($find); 
 $find = trim ($find); 
 
 echo "Your search results for '$find' in '$industry':<br><br>"; 
 
 $result = mysql_query("SELECT * FROM customers WHERE industry='$industry' LIKE'%{$find}%' ORDER BY company"); 


if(mysql_num_rows($result)==0) {
    echo 'I am sorry your search for <span style="font-weight:bold;color:#336699;">'.$find.'</span> returned no results.<br><br>';
	} else {
	while ($row = mysql_fetch_array($result)) {
      echo '<span class="listing">' . $row['company'] . '</span><br>';
      echo 'Phone: ' . $row['phone'] . '<br>';
      echo 'Address: ' . $row['street'] . '<br>';
      echo 'Email: <a href="mailto:'.$row['email'].'">' . $row['email'] . '</a><br>';
	  echo 'Website: <a href="http://'.$row['website'].'" target="_blank">' . $row['website'] . '</a><br><br>';
      echo $row['description'] . '<br><br><hr><br>';	  
    }
}

 }
?>
2

the reason is, your query doesn’t do what you think it does

i’m surprised that WHERE column=value LIKE string even ran

3

Hi r937, thanks for the reply. Maybe you could give me a clue as to what I have done wrong there? :slight_smile:

4

i’m not sure which column you’re trying to search

i know you want industry=‘$industry’ but which column did you want to find {$find} in?

5

I’d like to search for the string $find in all of the rows that have the $industry column. If that makes sense.

6

in which columns?

7

All of the columns and all of the rows, but only the ones in the table that have the word ‘Fitness Apparel’ in the industry column.

8

surely not the numeric columns???

9

I want to be able to find all the rows with in the table with the words ‘Fitness Apparel’ (or whatever was selected) and the string that is stored in $find.

10

No, not the index column.

11 
SELECT something
     , anything
     , just_not_the_dreaded_evil_select_star 
  FROM customers 
 WHERE industry = '$industry' 
   AND (
       somecolumn LIKE '%{$find}%' 
    OR someothercolumn LIKE '%{$find}%' 
    OR anothercolumn LIKE '%{$find}%' 
       )
ORDER 
    BY company
12

Thanks Rudy,

That makes sense. :slight_smile:

I suppose I should be buying a copy of your book eh?

Cheers!