eventide7

Now THAT I know how to write (CSS I mean). Thank you, Jacques!

I currently have 18 websites opened on my desktop. Light reading for you is heavy duty for me. As I've stated, I don't understand much of php. It's Greek to me. I've been trying for several years in my spare time. I keep finding that when I think I have something down it's become "deprecated" or I'm using it incorrectly. This php search page is totally different from the way I've been doing it using a simple query. I am trying as hard as I can to understand the syntax.

Jacques1, I added the information you provided. It ended up making my output lose the breaks between the lines. i tried adding them in by rewriting echo html_escape($song['artist'].' - '.$song['title'].'<br>', 'UTF-8'); which ended up printing the <br> in my output and didn't separate the lines, and I tried adding echo '<br>'; after that statement, but it did not separate the lines either. Here's my output with the html escape (searching for "ain't country"): David Allan Coe - If That Ain't CountryTravis Tritt - Country Ain't Country

I will have your babies. I mean THANK YOU! I am so happy!

My server says my MySQL version is 5.5.44. It doesn't give me the option to update that. However, I did change my passwords and updated the script accordingly. Now upon loading the page I see this: array(2) { ["artist"]=> string(20) "? And The Mysterians" ["title"]=> string( "96 Tears" } array(2) { ["artist"]=> string( "10 Years" ["title"]=> string(16) "Through The Iris" } array(2) { ["artist"]=> string( "10 Years" ["title"]=> string(9) "Wasteland" } array(2) { ["artist"]=> string(14) "10,000 Maniacs" ["title"]=> string(17) "Because The Night" } array(2) { ["artist"]=> string(14) "10,000 Maniacs" ["title"]=> string(21) "Candy Everybody Wants" } array(2) { ["artist"]=> string(14) "10,000 Maniacs" ["title"]=> string(14) "More Than This" } array(2) { ["artist"]=> string(14) "10,000 Maniacs" ["title"]=> string(14) "These Are Days" } ...which I am assuming is the result of: foreach ($songStmt as $song) { var_dump($song); } I appreciate your help, everyone. I'm off to figure out how to understand my new output so I can format it. If you have a direction to send this puppy, please note it here. Your patience with me has been commendable. Many thanks.

Current error on loading the page: Warning: PDO::__construct(): The server requested authentication method unknown to the client [mysql_old_password] in /hermes/bosweb26d/b43/ipg.poetskaraokecom/sample2.php on line 42 Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] [2054] The server requested authentication method unknown to the client' in /hermes/bosweb26d/b43/ipg.poetskaraokecom/sample2.php:42 Stack trace: #0 /hermes/bosweb26d/b43/ipg.poetskaraokecom/sample2.php(42): PDO->__construct('mysql:host=p***...', '****', '****', Array) #1 {main} thrown in /hermes/bosweb26d/b43/ipg.poetskaraokecom/sample2.php on line 42 From this code: /* * Set up the database connection * - the character encoding *must* be defined in the DSN string, not with a SET NAMES query * - be sure to turn off "emulated prepared statements" to prevent SQL injection attacks * - turn on exceptions so that you don't have to manually check for errors */ $dSN = 'mysql:host='.DB_HOST.';dbname='.DB_NAME.';charset='.DB_CHARSET; $databaseConnection = new PDO($dSN, DB_USER, DB_PASSWORD, [ PDO::ATTR_EMULATE_PREPARES => false, // activate real prepared statements PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // activate exceptions PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, // fetch associative arrays by default (this isn't critical) ]); $songStmt = $databaseConnection->prepare(' SELECT artist, title FROM songs WHERE artist LIKE :search OR title LIKE :search LIMIT 100 '); $songStmt->execute([ 'search' => "%{$_POST['search']}%", 'search' => "%{$_POST['search']}%", ]); foreach ($songStmt as $song) { var_dump($song); } // Display search result if (!$song->rowCount() == 0) { echo "Search found :<br/>"; echo "<table style=\"font-family:arial;color:#333333;\">"; echo "<tr><td style=\"border-style:solid;border-width:1px;border-color:#98bf21;background:#98bf21;\">Artist</td><td style=\"border-style:solid;border-width:1px;border-color:#98bf21;background:#98bf21;\">Title</td></tr>"; while ($results = $song->fetch()) { echo "<tr><td style=\"border-style:solid;border-width:1px;border-color:#98bf21;\">"; echo $results['artist']; echo "</td><td style=\"border-style:solid;border-width:1px;border-color:#98bf21;\">"; echo $results['title']; echo "</td></tr>"; } echo "</table>"; } else { echo 'Your search for <b><i>' .$search . '</b></i> returned no results. <br>Please try your search again using fewer terms.'; } ?>

Woo hoo! I changed to PHP5.6, and it looks like the form at least is working. I'll play with it some and see if I can get it to return search results in a coherent manner (right now it shows nothing but the search box) and get back to you. Thanks!

$databaseConnection = new PDO($dSN, DB_USER, DB_PASSWORD, array ( PDO::ATTR_EMULATE_PREPARES => false, // activate real prepared statements PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // activate exceptions PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, // fetch associative arrays by default (this isn't critical) ) now give me this error: Parse error: syntax error, unexpected T_VARIABLE in /hermes/bosweb26d/b43/ipg.poetskaraokecom/sample2.php on line 44 iPage gives me the option to update to PHP version 5.5. or 5.6. This is my only php-dependent page on my site. Are there repercussions for changing the version on my server, or is the process pretty automatic if I tell it to change to 5.6?

I had already replaced const DB_HOST = 'localhost'; const DB_USER = '...'; const DB_PASSWORD = '...'; const DB_NAME = '...'; const DB_CHARSET = 'UTF8'; with my information for logging on to the read-only song database. My php version is 5.3.

Okay, I got the error reporting to display. It says, "Parse error: syntax error, unexpected '[' in /hermes/bosweb26d/b43/ipg.poetskaraokecom/sample2.php on line 38." That line starts here: $databaseConnection = new PDO($dSN, DB_USER, DB_PASSWORD, [ PDO::ATTR_EMULATE_PREPARES => false, // activate real prepared statements PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // activate exceptions PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, // fetch associative arrays by default (this isn't critical) ]);

First of all, I really appreciate you all taking the time to try to help me. I don't speak the same language you do, but you've been very kind to offer explanations for 'whys' and 'hows', and I'm doing my best to understand. Of course, I have more questions: 1) I have the database connection set to a user profile that is read-only. Is this not enough to prevent SQL injections? 2) I rewrote the code to match what Jacques posted, but got a 500 Internal Server Error. I then tried changing the $_POST['search'] to $_POST['%search%'], and the error remained. If I'm too newb for this, let me know. I have a generally decent grasp of html and css, but php is like Chinese to me. For some reason I just haven't been able to wrap my head around it.

I have a table of "artist" and "title" data for songs. When a user enters any search term that contains an apostrophe ("ain't" for example) it returns no text, not even the message that no matches were found. What am I doing wrong (and please use simple terms that an old technology-challenged lady can understand). Any assistance is appreciated. $pdo = new PDO("mysql:host=$host;dbname=$database_name", $user, $password, array( PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION )); // Search from MySQL database table $search=$_POST['search']; $query = $pdo->prepare("select * from songs where artist LIKE '%$search%' OR title LIKE '%$search%' LIMIT 0 , 100"); $query->bindValue(1, "%$search%", PDO::PARAM_STR); $query->execute(); // Display search result if (!$query->rowCount() == 0) { echo "Search found :<br/>"; echo "<table>"; echo "<tr><td>Artist</td><td>Title</td></tr>"; while ($results = $query->fetch()) { echo "<tr><td>"; echo $results['artist']; echo "</td><td>"; echo $results['title']; echo "</td></tr>"; } echo "</table>"; } else { echo 'Your search for <b><i>' .$search . '</b></i> returned no results. <br>Please try your search again using fewer terms.'; }

Thank you. I'll do that. I've been taking bits of code from tutorials online, so I'm sure much of what I find is outdated. I'm an old dog, so I'm slower at learning new tricks, but I still like to try.

Oh! I forgot to add that my server's MySQL version is 5.0.91

I apologize in advance for my utter noobness. I've been learning php in bits and pieces. My database structure: 3 fields only, the relevant ones being "artist" and "title" I made a search page (POETS Karaoke songs) that searches correctly, but only if the user inputs partial or complete words in the correct order, and the words only appear in one of the two fields. I wanted to make it possible to find artist/title combination when multiple or partial words are input in any order. I did something wrong, in that my new coding returns the database regardless of the search terms. This broken page is here. <form name="search" method="post" action="<?=$PHP_SELF?>"> <span> <input type="text" name="find" /> <input type="hidden" name="searching" value="yes" /> <input type="submit" name="search" value="Search" /> </span> </form> <? //This is only displayed if they have submitted the form if ($searching =="yes") { echo "<br><b>You searched for: " .$find; echo "<hr>"; //If they did not enter a search term we give them an error if ($find == "") { echo "<p>No search term entered. Please go back to the previous page and try again."; exit; } // Begin Search $searchQuery = ''; // search query is empty by default $searchCondition = "(artist LIKE '%%' OR title LIKE '%%')"; $searchFieldName = 'artist'; // name of the field to be searched $searchFieldName2 = 'title'; if(isset($find['text'])) { // check if a query was submitted $searchQuery = trim($find['text']); // getting rid of unnecessary white space $searchTerms = explode(" ", $searchQuery); // Split the words $searchCondition = "($searchFieldName LIKE '%" . implode("%' OR $searchFieldName LIKE '%", $searchTerms) . "%')"; // Forming the condition for the sql $searchCondition .= " OR ($searchFieldName2 LIKE '%" . implode("%' OR $searchFieldName2 LIKE '%", $searchTerms) . "%')"; } // End Search $sql = "SELECT * FROM songs WHERE $searchCondition;"; // the rest is just database connection and retrieving the results $dblink = mysql_connect("poetskaraokecom.ipagemysql.com", "poets", "guest"); mysql_select_db("poets_songs", $dblink); $result = mysql_query($sql, $dblink); echo "<ol>"; // Capture the result in an array, and loop through the array while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { printf("<li>%s<font color='grey'> ... </font><i>%s</i></li>", $row[artist], $row[title]); } echo "</ol>"; //This counts the number or results - and if there wasn't any it gives them a little message explaining that $anymatches=mysql_num_rows($result); if ($anymatches == 0) { echo "No entries matched your query<br><br>"; } } ?> I haven't been able to determine whether my error is in my query of the database, or if it's in the return of the results. Any help would be much appreciated. Thanks, Cindy