St-evo Posted June 9, 2008 Share Posted June 9, 2008 Hi all, I wont lie to you my PHP skills are poor, and because my company sent me on a SQL course they think I know everything, now they have lumped me with a 4 year old script to update and Im really confused. Basically the past scripter was brilliant but he couldnt spell to save his life, so nows he's gone they want to make it more user friendly so you can find the data easily. This is his current code <?php //check some stuff and put in defaults if not set. if(!isset($order)) $order="ChemName"; //if no sort order, sets it to chemname //if(!isset($offset)) $offset=0; //if no offeset sets it to first. if(!isset($sort)) $sort="ASC"; //if not set the sort ascending. $find=$_POST['find']; mysql_select_db($database_chem, $chem); $query_chm = "SELECT DISTINCT(main.ChemID), quant.Quantity, chem.ChemName FROM chem, quant, main WHERE chem.ChemID=main.ChemID AND main.QuaID=quant.QuaID AND MATCH(chem.ChemName) AGAINST ('$find') ORDER BY $order $sort"; $chm = mysql_query($query_chm, $chem) or die(mysql_error()); $row_chm = mysql_fetch_assoc($chm); $totalRows_chm = mysql_num_rows($chm); ?> The problem with this is that the item spelling needs to be 100% correct, what would I need to change so its "like" instead of "match" I have some ideas, but not 100% sure. If you can help thank you very much if not then not to worry Link to comment https://forums.phpfreaks.com/topic/109369-search-problems/ Share on other sites More sharing options...
phpzone Posted June 9, 2008 Share Posted June 9, 2008 The answer is more or less in your question: $query_chm = "SELECT DISTINCT(main.ChemID), quant.Quantity, chem.ChemName FROM chem, quant, main WHERE chem.ChemID=main.ChemID AND main.QuaID=quant.QuaID AND chem.ChemName LIKE '%$find%' ORDER BY $order $sort"; However, there is a small problem, make sure you use mysql_real_escape_string on $find before you query. If GPC magic quotes are on on your server it may already be being escaped with slashes for security, however don't rely on this, read up on magic quotes. Newer version of PHP do not have magic quotes turned on by default. If it's not already escaping with magic quotes, then its a security flaw. Link to comment https://forums.phpfreaks.com/topic/109369-search-problems/#findComment-560978 Share on other sites More sharing options...
St-evo Posted June 9, 2008 Author Share Posted June 9, 2008 Cheers, doesnt seem to like it now. I have made sure everything is still working around the actual site (connections and includes) but no matter what I type in now it just comes up with Sorry your search returned no results. Currently looking around some of the bits, should be able to find a problem soon Link to comment https://forums.phpfreaks.com/topic/109369-search-problems/#findComment-560989 Share on other sites More sharing options...
St-evo Posted June 11, 2008 Author Share Posted June 11, 2008 Fixed the problem now, the original web designer forgot something out of the old script which stopped it from working. Tested with the update and its working cheers for the help Link to comment https://forums.phpfreaks.com/topic/109369-search-problems/#findComment-562971 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.