[SOLVED] I want to collect what my users are searching for on my site with a basic form

[jeger003]

I want to collect what my users are searching for on my site with a basic search form. Basically i sell books and i want to be able to log what people are searching for on my site maybe log it into mysql. I have a small search engine on it (in php) and not sure really how i can make it log searches. I would have no problem starting from scratch if you guys can give a few ideas. i would appreciate any help.

 

thanks!

[dezkit]

It's easier than you think - Just insert what the person submited in the form into a database, really not that hard.

[chronister]

I imagine that somewhere in your code, your search function has a $_POST var in there.

 

Find that it will look like $_POST['NameOfSearchField'];

 

Once you have located that piece, then simply add some new code that will take that and place it in a database. If you need assistance, post the code that accepts the search term and does the actual search, we can help from there.

 

Nate

[jeger003]

Hey Guys,

First THANKS SOO MUCH for the reply. Greatly appreciating the help. Here is what i got on the search code. basically the site works from the index.php page. so everything goes through index.php and then it would "include" other php files to work together. if you look at the code below you might understand it. so the code below is whats found on the index.php and you can see that it includes search_class.php

 

include_once("classes/search_class.php");
	$search_the_classifieds = new Search_classifieds($db,$language_id,$user_id,$_REQUEST["c"],$filter_id,$state_filter,$zip_filter,$zip_distance_filter);
	if ($search_the_classifieds->configuration_data->IP_BAN_CHECK) $search_the_classifieds->check_ip($db);
	if($_REQUEST["b"] && $_REQUEST["order"])
	{
		if(!$search_the_classifieds->Search($db, $_REQUEST["b"], $_REQUEST["change"], $_REQUEST["order"]))
		{
			if (!$search_the_classifieds->search_form($db,$_REQUEST["b"]))
				$search_the_classifieds->site_error($db);
		}
	}
	elseif($_REQUEST["b"])
	{
		if(!$search_the_classifieds->Search($db, $_REQUEST["b"], $_REQUEST["change"]))
		{
			if (!$search_the_classifieds->search_form($db,$_REQUEST["b"]))
				$search_the_classifieds->site_error($db);
		}
	}
	else
	{
		if (!$search_the_classifieds->search_form($db, $_REQUEST["b"], $_REQUEST["change"]))
			$search_the_classifieds->site_error($db);
	}
	$db->Close();
	if ($get_execution_time) get_end_time($starttime);
	exit;
	break;

[chronister]

Need to see search_class.php. That is the file where you will need to add the extra code.

 

Post search_class.php and we can help from there.

 

Nate

 

 

[jeger003]

i tried....it says i exceed the 40,000 characters. I did them in parts and one part would be less than a quarter it'll be more than 8 comment boxes so i put them on a free subdomain i use for testing

 

http://microsolutions.net63.net/search_class.html

 

i changed .php to .html and used <p> tags to have the code show up properly. its lined up as it is on my end in dreamweaver.

 

i made attempts to search for "$_POST" nothing came up....i kind of know what your talkin about, about what i need to find......but with all this code its very overwhelming especially since i've no idea what im looking at.

 

 

THANKS AGAIN NATE

 

[jeger003]

if you can think of a way i can post it here please let me know.

[chronister]

I looked through the code, but could not really grasp what all of it was doing. The best I can figure, is that $_REQUEST['C'] is the value your user is searching for.

 

When you open the page in the browser and do view source, what is your fields name there??

 

I am not sure how to integrate it into your existing code, but if you determine the name you can implement another file that will take care of it for you.

 

So give me your fields name and we can go from there.

 

Nate

 

[jeger003]

I went through the source and the code below is whats on it.

 

<table border=0 cellpadding=1 cellspacing=0 width="100%">

              <tr> 
               <td class="search_box_text1">Enter Keywords:</td>
              </tr>
              <tr> 
               <td nowrap> 
               <INPUT type=hidden name=b[search_titles] value=1 >
               <INPUT type=hidden name=b[search_descriptions] value=1 >
               <INPUT name=b[search_text] type="text" size="15" maxlength="80" value="" >
               <INPUT type="submit" name="submit" value="Go">
               </td>

              </tr>
              <tr> 
               <td> </td>
              </tr>
              <tr> 
               <td><a href="index.php?a=19" class="search_box_text2">>> Advanced Search</a></td>
              </tr>
             </table>
            </td>

           </tr>
          </form>
         </table>
        </th>
       </tr>
      </table>
     </th>
    </tr>

 

I also added below another page i found called module_display_search_link.php i know the search is a module which is how the index page is able to show everything......it uses extensions like a=19 so for the search page its /index.php?a=19 the "?a=19" is referred to the search page....and its similar for every other page but with diff extension like "/index.php?a=5&b=184" which is the categories page.....btw its a classified site for selling stuff

 

 

<? //module_display_search_link.php	

//%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
$this->get_css($db,$show_module['page_id']);
$this->get_text($db,$show_module['page_id']);
$this->body = "";

if ($this->site_category)
{	
$category_name = $this->get_category_name($db,$this->site_category);
$this->body .= "<a href=".$this->configuration_data->CLASSIFIEDS_FILE_NAME."?a=19&c=".$this->site_category." class=search_link>".urldecode($this->messages[1470])." ".$category_name->CATEGORY_NAME."</a>";
}
else	
$this->body .= "<a href=".$this->configuration_data->CLASSIFIEDS_FILE_NAME."?a=19 class=search_link>".urldecode($this->messages[1470]).urldecode($this->messages[1469])."</a>";	
?>

 

i'll keep looking for stuff you are talking about that would help you........ive been going through other pages that would need to be used for the search

[chronister]

Create a new page called captureSearch.php. In that page put this....

 

 

captureSearch.php

<?php
if(isset($_POST['b']))
{
   echo 'Search Term: '.$_POST['b']['search_text'];
}
?>

 

This file can actually be named anything you wish, but I figure captureSearch.php is descriptive and lets you know what it does without opening it.

 

At the top of your index page, below the existing include_once, add

 

include_once("path/to/captureSearch.php");

 

Make sure that you use the correct path to the newly created captureSearch.php page.

 

Once you have the new file created, and it is being included in the index page, enter a search term, hit go and see if it displays on the page like we want. If this is a live environment, and there is a possibility that others may see it, then I suggest filtering to only your IP address by using this instead of the above code...

 

<?php
/* change $myIP to your public IP, you can find it by going to www.whatismyip.com */
$myIP = '123.456.789.0123'; 

if(isset($_POST['b']))
{
if($_SERVER['REMOTE_ADDR'] == $myIP)
{
  echo 'Search Term: '.$_POST['b']['search_text'];
}
}
?>

 

The IP filter code is only needed if you wish to protect folks from seeing this for the time being.... if your server is not live, or does not have much traffic, then I would not worry about it.

 

Once you confirm that the search term you entered shows up on the page as

Search Term: XXXX

then you can move to the next part.

 

Nate

[jeger003]

ok i did like you said and it didnt effect the code....as in it didn't have any errors or anything......search still works like it did before.....now im not sure if im supposed to see anything different cause i dont.

 

 

thanks Nate!

[jeger003]

i take that back.........i just did a search in the Advanced Search and it does show "Search Term:(and what i searched for)" in the upper left corner of the site....it also works on the regular search.........im sorry i didnt see it the first time i must've scrolled down to quick.

 

 

Thanks Nate!

[chronister]

So now you can take that newly created page and use it to "intercept" what folks are searching for. Just code that out to write to a db or do whatever it is you want with that data.

 

Nate

[jeger003]

hey thanks sooo much i can't believe you did

 

i tried to make it store it here is what i have so far.....does this look right?

 

<?php

include 'dbconfig.php';


if(isset($_POST['b']))
{
   echo 'Search Term: '.$_POST['b']['search_text'];
}


$search_text=$_POST['search_text'];

$query="INSERT INTO searched (text) VALUES ('$search_text')";

?>

[jeger003]

i got it.......it stores whats searched into a mysql db.....last thing i dont know how to do is to hide the out of "Search Term:" so that it doesnt show up is that possible?

 

<?php

include 'dbconfig.php';


if(isset($_POST['b']))
{
   echo 'Search Term: '.$_POST['b']['search_text'];
}


$search_text=$_POST['b']['search_text'];

mysql_query("INSERT INTO searched (text) VALUES ('$search_text')");

?>

[chronister]

<?php

include 'dbconfig.php';


if(isset($_POST['b']))
{
  // you only want this query to run when the field is posted 
$search_text=$_POST['b']['search_text'];

mysql_query("INSERT INTO searched (text) VALUES ('$search_text')");
}

?>

 

Try that and see what you get.

[jeger003]

Nate Thank YOU SO SO SO  MUCH!

 

you were exactly right......it would collect empty search if the page was refreshed....and it doesnt display the search in the corner anymore

 

 

Thanks again Nate!

[Prismatic]

<?php

include 'dbconfig.php';


if(isset($_POST['b']))
{
   if($_POST['b']['search_text'])
   {
       $cleanText = mysql_real_escape_string($_POST['b']['search_text']);
       mysql_query("INSERT INTO searched (text) VALUES ('{$cleanText}')");   
   }
}

?>

 

You were open to injection taking the form data directly into the DB

[jeger003]

Thank You Prismatic,

I put in the code but now it doesnt log the searches. doesn't give any errors either. im not sure what injections are but they dont sound very safe........i get alot of visitors from africa and europe (Scammers) so i would like to get this working for the safety of the site.

 

i would appreciate if you could explain injections a little

 

 

Thanks Again!

[chronister]

<?php
ini_set('error_reporting', E_ALL); // add this line to see if it shows any errors
include 'dbconfig.php';


if(isset($_POST['b']))
{
   if($_POST['b']['search_text'])
   {
       $cleanText = mysql_real_escape_string($_POST['b']['search_text']);
       mysql_query("INSERT INTO searched (text) VALUES ('{$cleanText}')");   
   }
}

?>

 

See what you get with that.

[jeger003]

It works!!

 

i dont know what i did, if anything at all....but i put the code in with the "ini_set('error_reporting', E_ALL);" and it gave me "notices," none said errors, none had to do with the search codes either......i then removed the "ini_set('error_reporting', E_ALL);" tried it and it worked

 

these are the notices it gave

 

Notice: Undefined variable: persistent_connections in....(the location)

 

Notice: Undefined index: set_language_cookie in....(the location)

 

Notice: Undefined property:

 

should i be worried about these?

 

Thank You guys again for the time you are putting into this!! you have no idea how great full i am.

[chronister]

Good, glad it it working for ya. I ignore the undefined indexes. I believe that it means that variables are not "initialized" before they are set/declared.

 

This would produce an undefined index.

 

$thisVar = 'bob';

 

So when I need to use that line, I typically do this...

 

ini_set('error_reporting', E_ALL ^ E_NOTICE); 

 

It shows all errors minus notices.

 

Glad to help..

 

Nate

[xtopolis]

I wouldn't ignore the notices... they are easy enough to fix, even if it means declaring $val = ''; at the top.  Code it properly !

[jeger003]

I went through the notices.......and couldnt make much of it.......they are all from my index.php page

 

these are a few things its pointing to

 

$cookie_debug = 0; it says Notice: Undefined variable: persistent_connections

 

Notice: Undefined variable: auth in (looked at this and its a blank line)

 

I wanted to do one last thing......i want to make it so it doesnt collect/store searches from my ip....so i know its not me searching...i know i start off with the code below.....the one you gave nate

 

<?php
/* change $myIP to your public IP, you can find it by going to www.whatismyip.com */
$myIP = '123.456.789.0123'; 

if(isset($_POST['b']))
{
   if($_SERVER['REMOTE_ADDR'] == $myIP)
   {
     echo 'Search Term: '.$_POST['b']['search_text'];
//i tried to put the two together, the other code with "mysql_real_escape_string" and this one but no luck..
//i tried looking at how i can make it deny my IP

   }
}
?>

 

but not sure where to go from here

i hope it makes sense

 

 

 

 

[chronister]

<?php
ini_set('error_reporting', E_ALL); // add this line to see if it shows any errors
include 'dbconfig.php';

if(isset($_POST['b']['search_text']))
{
/* change $myIP to your public IP, you can find it by going to www.whatismyip.com */
$myIP = '123.456.789.0123';
if($_SERVER['REMOTE_ADDR'] != $myIP) // if remote address NOT EQUAL to $myIP then track the search term.
{
	 $cleanText = mysql_real_escape_string($_POST['b']['search_text']);
	 mysql_query("INSERT INTO searched (text) VALUES ('$cleanText')");   
}
}

?>

 

Keep in mind, that your IP address most likely changes. If you have a DSL connection, it will probably change once every few weeks or so. If you have a cable connection it probably changes once every couple months or so. This will depend on your ISP though. Most ISP's charge extra for a static IP, so you may need to update this every once in a while.