Jump to content

Database search to display correct results

stoni23

By stoni23
in PHP Coding Help

 Share

Recommended Posts

stoni23 Newbie

stoni23

Posted
Posted

Hey guys,

I'm a php newbie that's trying to learn php on the job, and my deadline is quickly approaching. I'm attempting to learn php through a book, which is working just fine. The only problem is it's somewhat of a slow process.

 

Anyway, I'm trying to search using a physicians name from a database of names and return only the values that are relevant to that search. Results displayed will be all fields for that record.

 

The table is organized as follows:

Physician - Specialty - Street - City - State - Zip - Phone

 

I've managed to have it display the entire database (which is 883 doctors long), but I'm having difficulty making it display only relevant information. I'm not getting any errors, but I can't seem to figure out what I'm doing wrong. I'm only trying to display physicians and city to see if I can make it work. Once I get the right code in I was going to expand it to include all 7 fields.

 

Also, if somebody wants to say I'm posting too much code, then I'll shrink it down to more relevant information. I don't want to annoy anybody here lol. Also, I've double checked my database connections, they are all working properly.

 

If anybody can assist me or point me into the right direction on how I can narrow my search results to display only relevant information I would greatly appreciate it. Thanks in advance.

 

 

<?php 
session_start(); 
// Check for login
// Call DB Connection
include('includes/db_conn.php');
// Search Form Processor
$Physician 	= $_POST['physician'];
$sql = "";
// SQL SELECT 
if(isset($_POST['searchPhysician'])){
$sql = "SELECT * FROM doctors WHERE Physician LIKE '{$physician}%'";
}//end if
if(isset($_GET['query']) <> ""){
$query = $_GET['query'];
$sql = "SELECT Physician, Specialty, Street, City, State, Zip, Phone FROM doctors WHERE Physician = '{$query}'";
$result = mysql_query($sql);
}//end if
?>
<body>
<h1 class="redLL">Major Topic Search</h1><br>
<!-- TITLE SEARCH -->
    <form name="searchphysician" method="post" action="<?php $PHP_SELF; ?>">
<table width="100%" border="0" cellspacing="0" cellpadding="1">
    	<tr>
		<td width="23%" class="description"><p>Search by Name</td>
		<td width="63%"><input name="physician" type="text" id="physician" size="20"></td>
            <td width="14%"><input type="submit" name="searchPhysician" id="search" value="Search"></td>
	</tr>
</table>
</form><br  />
    <table border="0" class="table" width="85%" cellspacing="2" cellpadding="2">
    <tr>
        <td class="description" width="20%">
        Physician
        </td>
        <td class="description">
        City
        </td>
    </tr>
<?php 
if($sql !== ""){		
	$result = mysql_query($sql);
	if(mysql_num_rows($result) > 0){
		while($row = mysql_fetch_assoc($result)){
			print "<tr>
					<td>".$row['Physician']."</td>
					<td>".$row['City']."</td>
				  </tr>";
		}//end wh	
	}else{
		print "<tr><td class=\"description\">There are no results to display</td><td> </td></tr>";
	}//end if

}//end if
?>
</table>
</div>
<br><br>
                       
</body>
</html>

greatstar00 Newbie

greatstar00

Posted
Posted

you dont have any security consideration

should use mysql_real_escape_string

 

and, why u have double mysql_query, if(isset($_GET['query']) <> "")  evaluates to  true

 

based on your condition

it looks like you search the doctors' name begins with the name  they typed in

 

what if they only remember the name in the middle?

or the name at first place, and last place (only middle the middle part)?

 

 

so, your query in the where condition should be

where physician like 'str_replace($physician, " ", " %")'  //meaning, replace all {space} with "{space}%"

if u want to it to be more line google (with operator, like AND, OR)

so, you should should consider this way too

.josh Advanced Member

.josh

Posted
Posted

greatstar, giving out "better practices" is noble, but of little use to someone who is trying to make something work in the first place. 

 

OP: first thing I see wrong is you do not have $physician capitalized in your query string.  php variables are case-sensitive.

stoni23 Newbie

stoni23

Posted
  • Author
Posted

good noticing the non capitalization, thank you for noticing that.  I've fixed that in my code, now they're Physician instead of physician.  But, unfortunately that did not solve my problem.  Another thing I forgot to mention, no matter what input I give the search, I get the same results (the entire database).  I could search for a 900 letter long string and still yield the entire database of results.

stoni23 Newbie

stoni23

Posted
  • Author
Posted

turns out that I forgot to change the physician to Physician in my search form.  Thanks a ton for all your help! : )

 

 

SELECT * FROM doctors WHERE Physician LIKE 'whateverityped%'

 

was what was echoing if i added an echo $sql; statement in the loop.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.