Need Help with my search code!

[CountryGirl]

Hi all,

 

I really need some help with this search code on my site. Before the company I am working for switched web hosts this code and all was working great. I had a bunch of LEFT JOINs and everything was good. Now, I don't get anything. I've even reduced it down to just trying to pull ONE thing from our database (an account number, super simple). Here's the entire code, do you see where it may not be working??? I'm at a loss. I've run into one problem or another with building this search for the website since they switched webhosts and I feel like I'm getting nowhere. Please help!!

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
<?php
   error_reporting(E_ALL);
   ini_set("display_errors", 1); 
   
   $dbHost = '********'; 
   $dbUser = '********'; 
   $dbPass = '********';
   $dbDatabase = '*******'; 
  

$search = $_POST['search'];

if ($search) // perform search only if a string was entered.
{
   $con = mysql_connect($dbHost, $dbUser, $dbPass) or die("Failed to connect to MySQL Server. Error: " . mysql_error());
   mysql_select_db($dbDatabase) or die("Failed to connect to database {$dbDatabase}. Error: " . mysql_error());
   
   
   $query = "SELECT asmnt_legal.Account, 
             WHERE asmnt_legal.Account = '{$search}'
             ORDER BY asmnt_legal.Account ASC";
   $result = mysql_query($query, $con);

   if ($result)
   {
      echo "Results:<br><br>";
      echo "<table width=90% align=center border=1><tr>
      <td align=center bgcolor=#4A6B3F>Account</td>
      </tr>";
   
      while ($r = mysql_fetch_array($result))
      { // Begin while
         $act = $r["Account"];
         echo "<tr>
            <td>$act</td>
            </tr>";
      } // end while
      
      echo "</table>";
   }
   else
   {
      echo "Sorry, please try your search again.";
   }
}
else
{
   echo "Start your search";
}
?>

<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Searching Another Test</title>
</head>
<body bgcolor="#bba86d">
	<div align="center">

	</div>
	<h1></h1>
	<h1></h1>
	<h1>Search Records</h1>
	<form method="post" action="searchjoin1.php">
<table width=90% align=center>
			<tr><td>Search:</td><td><input type=text name='search' size=60 maxlength=255></td></tr>
			<td></td>
			<td><input type=submit value="Search Records"></td>
			</tr>
		</table>
</form>
	<p></p>
	<p></p>
</body>
</html>

 

Thanks!

Qadoshyah

[whansen02]

First thing I'd check is what version of Mysql the new host is running. I just had a situation where an app was written on a server with mysql 5 and later moved to a server with mysql 4... while the basics remain the same there were same quirks.

 

Do you have error reporting on?

You don't get the or die message you've created?

 

You can put an or die function after your query too.

$result = mysql_query($query, $con) or die("\nQuery was $query\n");

 

Also I assume $search is coming from using input.

You'll want to use the function mysql_real_escape_string($variable) on either $query or $search - best practice to use it on $query - easier if there's more than one input variable in your query, you only end up calling the escape function once.  This "helps" to prevent elementary mysql injection attacks.

 

Post more details if that doesn't help.

[ignace]

$search = $_POST['search'];

 

If nothing was submitted and this code is accessed it throws an error of level E_NOTICE: Undefined index 'search' in .. on line ..