Sweeney Posted March 24, 2009 Share Posted March 24, 2009 I am currently trying to write a script that will search two columns in my table "video" here is the code. <?php $phrase = array_key_exists('phrase', @$_POST) ? trim(stripslashes(strip_tags(@$_POST['phrase']))) : ''; if(empty($phrase)){ echo "\n".'<p>You need to put in actual words.</p>'; }else{ // SQL injection prevention (double quote mark is allowed here but should probably be disallowed) $phrase = strtr($phrase, ',/\*&()$%^@~`?;', ' '); $phrase = trim($phrase); $phrase = str_replace('#180', '', $phrase); echo "\n".'<p>Searching for <i>'.htmlspecialchars($phrase).'</i>... </p>'; $key = 'text_index'; // Beware of the re-definition of $s in this query. $phrase = html_entity_decode($phrase, ENT_QUOTES); if(!($res = @mysql_query( 'SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].'` WHERE `hidden` <> "1" AND MATCH(`vid_title`, `vid_desc`) AGAINST ("'.$phrase.'") LIMIT 10' ))){ echo "\n".'<p>No match for: <i class="red">'.$phrase.'</i></p>'; }else{ if(@mysql_num_rows($res) == 0){ echo "\n".'<p>The search engine cannot find the page you are looking for.</p>'; echo "\n".'<p>This could be because it could not find any pages containing <i>'.$phrase.'</i>'; echo "\n".'<p>Alternatively, it might have found too many pages, and could not decide which one you wanted.</p>'; }else{ $i = 0; while($row = mysql_fetch_array($res)){ $s = substr(stristr(strip_tags($row['vid_title']), $phrase), 0, 120); if($s == ''){ $s = substr(strip_tags($row["vid_desc"]), 0, 120); } $i++; echo "\n".'<p>'.$i.'.) <a href="results.php?page_id='.$row['s'].'">'.htmlentities($row['c']).' - '.htmlentities($row['vid_title']).'</a> ... '.$s.'...</p>'; } } } // Save searches to monitor user activity $phrase_qry = sprintf("INSERT INTO vs_searches (page_id, phrase, ip) VALUES ('', '%s', '%s')", addslashes($phrase), addslashes($ua['ip'])); if(!($phrase_res = @mysql_query($phrase_qry))){ $opts['error_msg'] .= 'Insert failed for search phrase'."\n".$phrase_qry."\n"; } } ?> I am having no issues with the posting but for some reason when I search for a word that I know exists in those columns it keeps telling me there is no match. For some reason it won't return any results. Help!!! Quote Link to comment Share on other sites More sharing options...
WolfRage Posted March 24, 2009 Share Posted March 24, 2009 If you are trying to build a search engine it needs to be fast so use preg_replace() Found here: http://us3.php.net/manual/en/function.preg-replace.php Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 24, 2009 Author Share Posted March 24, 2009 I need it to work before I can get it to run fast Would there be any reason it wouldn't be viewing the columns? Quote Link to comment Share on other sites More sharing options...
WolfRage Posted March 24, 2009 Share Posted March 24, 2009 Well I see an "@" in front of your MySQL query telling me you are suppressing any errors that it might produce, but I do not see a MySQL connection, which means you have not database to query. get rid of the "@" and establish a connection and lets see what kind of error you get. Also I will need to take a few minutes and look over the rest of your code... Update -- To me the rest of your code looks fine, but so much of it is dealing with the database querry that I think having the errors printed will help you out a lot. Warning: I am not a SQL pro by any means. Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 24, 2009 Author Share Posted March 24, 2009 I appreciate it I added this require that states all my database information then put in the connection there. <?php require "../_admin/config.php"; ?> <?php $phrase = array_key_exists('phrase', @$_POST) ? trim(stripslashes(strip_tags(@$_POST['phrase']))) : ''; if(empty($phrase)){ echo "\n".'<p>No words placed in the search box. </p>'; }else{ // SQL injection prevention (double quote mark is allowed here but should probably be disallowed) $phrase = strtr($phrase, ',/\*&()$%^@~`?;', ' '); $phrase = trim($phrase); $phrase = str_replace('#180', '', $phrase); echo "\n".'<p>Searching for <i>'.htmlspecialchars($phrase).'</i>... </p>'; $key = 'text_index'; // Beware of the re-definition of $s in this query. $phrase = html_entity_decode($phrase, ENT_QUOTES); if(!($res = mysql_query("$host", "$user", "$pass") or die(mysql_error()); mysql_select_db("$db") or die(mysql_error()); 'SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].'` I'm getting a Parse error: syntax error, unexpected T_STRING in /home/bgreel/public_html/videos/search_process.php on line 29 I really appreciate your help. Quote Link to comment Share on other sites More sharing options...
WolfRage Posted March 24, 2009 Share Posted March 24, 2009 Which one is line 29? Also please repost the complete code... Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 24, 2009 Author Share Posted March 24, 2009 mysql_select_db("$db") or die(mysql_error()); its the connection. Quote Link to comment Share on other sites More sharing options...
Philip Posted March 24, 2009 Share Posted March 24, 2009 if(!($res = mysql_query("$host", "$user", "$pass") or die(mysql_error()); mysql_select_db("$db") or die(mysql_error()); 'SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].` First of all you have a query where you probably meant connect. Secondly, why is the following there? 'SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].` Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 24, 2009 Author Share Posted March 24, 2009 The idea was to select the columns from video table Quote Link to comment Share on other sites More sharing options...
Philip Posted March 24, 2009 Share Posted March 24, 2009 But it's out in the open, not in a query or variable You need first connect to the database, then run a query on that. $res = mysql_connect($host, $user, $pass) or die(mysql_error()); mysql_select_db($db, $res) or die(mysql_error()); mysql_query("SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].`", $res) or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
WolfRage Posted March 25, 2009 Share Posted March 25, 2009 King Philip is right on your second posting of code your querry is out in the middle of nowhere. Can you repost the code all of it, except you database connection. Also please ensure you have error reporting set to on and all. ini_set ('display_errors', 1) error_reporting (E_ALL & ~E_NOTICE); Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 25, 2009 Author Share Posted March 25, 2009 okay the code now reads like this $phrase = html_entity_decode($phrase, ENT_QUOTES); $res = mysql_connect($host, $user, $pass) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); if(!($res = @mysql_query( 'SELECT `page_id` AS s, `link` AS c, `heading`, `content`, `hidden` FROM `'.$opts['tb'].'` WHERE `hidden` <> "1" AND MATCH(`heading`, `content`) AGAINST ("'.$phrase.'") LIMIT 10' ))){ echo "\n".'<p>No match for: <i class="red">'.$phrase.'</i></p>'; I am not getting error messages when I use the search but I still am not getting back any results that I should. I search for words that I know are in the columns yet I still get no matches. Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 25, 2009 Author Share Posted March 25, 2009 <?php require "../_admin/config.php"; ?> <?php $phrase = array_key_exists('phrase', $_POST) ? trim(stripslashes(strip_tags($_POST['phrase']))) : ''; if(empty($phrase)){ echo "\n".'<p>No words placed in the search box. </p>'; }else{ // SQL injection prevention (double quote mark is allowed here but should probably be disallowed) $phrase = strtr($phrase, ',/\*&()$%^@~`?;', ' '); $phrase = trim($phrase); $phrase = str_replace('#180', '', $phrase); echo "\n".'<p>Searching for <i>'.htmlspecialchars($phrase).'</i>... </p>'; $key = 'text_index'; // Beware of the re-definition of $s in this query. $phrase = html_entity_decode($phrase, ENT_QUOTES); $res = mysql_connect($host, $user, $pass) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); if(!($res = @mysql_query( 'SELECT `page_id` AS s, `link` AS c, `heading`, `content`, `hidden` FROM `'.$opts['tb'].'` WHERE `hidden` <> "1" AND MATCH(`heading`, `content`) AGAINST ("'.$phrase.'") LIMIT 10' ))){ echo "\n".'<p>No match for: <i class="red">'.$phrase.'</i></p>'; }else{ if(@mysql_num_rows($res) == 0){ echo "\n".'<p>The search engine cannot find the page you are looking for.</p>'; echo "\n".'<p>This could be because it could not find any pages containing <i>'.$phrase.'</i>'; echo "\n".'<p>Alternatively, it might have found too many pages, and could not decide which one you wanted.</p>'; }else{ $i = 0; while($row = mysql_fetch_array($res)){ $s = substr(stristr(strip_tags($row['vid_title']), $phrase), 0, 120); if($s == ''){ $s = substr(strip_tags($row["vid_desc"]), 0, 120); } $i++; echo "\n".'<p>'.$i.'.) <a href="results.php?page_id='.$row['s'].'">'.htmlentities($row['c']).' - '.htmlentities($row['vid_title']).'</a> ... '.$s.'...</p>'; } } } // Save searches to monitor user activity $phrase_qry = sprintf("INSERT INTO vs_searches (page_id, phrase, ip) VALUES ('', '%s', '%s')", addslashes($phrase), addslashes($ua['ip'])); if(!($phrase_res = @mysql_query($phrase_qry))){ $opts['error_msg'] .= 'Insert failed for search phrase'."\n".$phrase_qry."\n"; } } ?> Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 25, 2009 Author Share Posted March 25, 2009 Okay Messing around with it a bit last night and I am getting a new error message up. Parse error: syntax error, unexpected ')' in search_process.php on line 36 here is the code <?php require "../_admin/config.php"; ?> <?php $phrase = array_key_exists('phrase', $_POST) ? trim(stripslashes(strip_tags($_POST['phrase']))) : ''; if(empty($phrase)){ echo "\n".'<p>No words placed in the search box. </p>'; }else{ // SQL injection prevention (double quote mark is allowed here but should probably be disallowed) $phrase = strtr($phrase, ',/\*&()$%^@~`?;', ' '); $phrase = trim($phrase); $phrase = str_replace('#180', '', $phrase); echo "\n".'<p>Searching for <i>'.htmlspecialchars($phrase).'</i>... </p>'; $key = 'text_index'; // Beware of the re-definition of $s in this query. $phrase = html_entity_decode($phrase, ENT_QUOTES); $res = mysql_connect($host, $user, $pass) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); mysql_query('SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].'` WHERE `hidden` <> "1" AND MATCH(`vid_title`, `vid_desc`) AGAINST ("'.$phrase.'") LIMIT 10' ))){ echo "\n".'<p>No match for: <i class="red">'.$phrase.'</i></p>'; }else{ if(@mysql_num_rows($res) == 0){ echo "\n".'<p>The search engine cannot find the page you are looking for.</p>'; echo "\n".'<p>This could be because it could not find any pages containing <i>'.$phrase.'</i>'; echo "\n".'<p>Alternatively, it might have found too many pages, and could not decide which one you wanted.</p>'; }else{ $i = 0; while($row = mysql_fetch_array($res)){ $s = substr(stristr(strip_tags($row['vid_title']), $phrase), 0, 120); if($s == ''){ $s = substr(strip_tags($row["vid_desc"]), 0, 120); } $i++; echo "\n".'<p>'.$i.'.) <a href="results.php?page_id='.$row['s'].'">'.htmlentities($row['c']).' - '.htmlentities($row['vid_title']).'</a> ... '.$s.'...</p>'; } } } // Save searches to monitor user activity $phrase_qry = sprintf("INSERT INTO vs_searches (page_id, phrase, ip) VALUES ('', '%s', '%s')", addslashes($phrase), addslashes($ua['ip'])); if(!($phrase_res = @mysql_query($phrase_qry))){ $opts['error_msg'] .= 'Insert failed for search phrase'."\n".$phrase_qry."\n"; } } ?> now line 36 is right below my query. These are lines 30-36 mysql_query('SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].'` WHERE `hidden` <> "1" AND MATCH(`vid_title`, `vid_desc`) AGAINST ("'.$phrase.'") LIMIT 10' ))){ Any ideas? Quote Link to comment Share on other sites More sharing options...
Sweeney Posted March 25, 2009 Author Share Posted March 25, 2009 Okay fixed the error on line 36 now it reads $res = mysql_connect($host, $user, $pass) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); if(!($res =mysql_query('SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].'` WHERE `hidden` <> "1" AND MATCH(`vid_title`, `vid_desc`) AGAINST ("'.$phrase.'") LIMIT 10' ))){ echo "\n".'<p>No match for: <i class="red">'.$phrase.'</i></p>'; and all works well. However the entire thing is still now reading things I have saved in the table. I know the fields I am searching for are inside the columns that I have listed in the code but for some reason it just won't recognize the match! errrrrrrr. <?php require "../_admin/config.php"; ?> <?php $phrase = array_key_exists('phrase', $_POST) ? trim(stripslashes(strip_tags($_POST['phrase']))) : ''; if(empty($phrase)){ echo "\n".'<p>No words placed in the search box. </p>'; }else{ // SQL injection prevention (double quote mark is allowed here but should probably be disallowed) $phrase = strtr($phrase, ',/\*&()$%^@~`?;', ' '); $phrase = trim($phrase); $phrase = str_replace('#180', '', $phrase); echo "\n".'<p>Searching for <i>'.htmlspecialchars($phrase).'</i>... </p>'; $key = 'text_index'; // Beware of the re-definition of $s in this query. $phrase = html_entity_decode($phrase, ENT_QUOTES); $res = mysql_connect($host, $user, $pass) or die(mysql_error()); mysql_select_db($db) or die(mysql_error()); if(!($res =mysql_query('SELECT `page_id` AS s, `link` AS c, `vid_title`, `vid_desc`, `hidden` FROM `'.$opts['videos'].'` WHERE `hidden` <> "1" AND MATCH(`vid_title`, `vid_desc`) AGAINST ("'.$phrase.'") LIMIT 10' ))){ echo "\n".'<p>No match for: <i class="red">'.$phrase.'</i></p>'; }else{ if(mysql_num_rows($res) == 0){ echo "\n".'<p>The search engine cannot find the page you are looking for.</p>'; echo "\n".'<p>This could be because it could not find any pages containing <i>'.$phrase.'</i>'; echo "\n".'<p>Alternatively, it might have found too many pages, and could not decide which one you wanted.</p>'; }else{ $i = 0; while($row = mysql_fetch_array($res)){ $s = substr(stristr(strip_tags($row['vid_title']), $phrase), 0, 120); if($s == ''){ $s = substr(strip_tags($row["vid_desc"]), 0, 120); } $i++; echo "\n".'<p>'.$i.'.) <a href="results.php?page_id='.$row['s'].'">'.htmlentities($row['c']).' - '.htmlentities($row['vid_title']).'</a> ... '.$s.'...</p>'; } } } // Save searches to monitor user activity $phrase_qry = sprintf("INSERT INTO vs_searches (page_id, phrase, ip) VALUES ('', '%s', '%s')", addslashes($phrase), addslashes($ua['ip'])); if(!($phrase_res = @mysql_query($phrase_qry))){ $opts['error_msg'] .= 'Insert failed for search phrase'."\n".$phrase_qry."\n"; } } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.