PHP simple search with mysql errors

[johnz77]

i cant seem to get this tutorial to work:

http://www.phpfreaks.com/tutorial/simple-sql-search

it worked fine when doing everything  exacly the same but when i started to add my own sql data i got these errors:

 

Notice: There was an error.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM fotos WHERE `omschrijving` LIKE '%google%' ORDER BY `omschijving`' at line 1

SQL Was: SELECT titel, omschrijving, afbeelding, FROM fotos WHERE `omschrijving` LIKE '%google%' ORDER BY `omschijving` in C:\xampp\htdocs\cmd\PHPZOEK.php on line 50

 

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\cmd\PHPZOEK.php on line 52

My Simple Search Form The following had errors:

The search term provided google yielded no results.

 

my php code:

<?php
/*****************************
*  Simple SQL Search Tutorial by Frost
*  of Slunked.com
******************************/

$dbHost = 'localhost'; // localhost will be used in most cases
// set these to your mysql database username and password.
$dbUser = 'root'; 
$dbPass = 'bla';
$dbDatabase = 'cmd'; // the database you put the table into.
$con = mysql_connect($dbHost, $dbUser, $dbPass) or trigger_error("Failed to connect to MySQL Server. Error: " . mysql_error());

mysql_select_db($dbDatabase) or trigger_error("Failed to connect to database {$dbDatabase}. Error: " . mysql_error());

// Set up our error check and result check array
$error = array();
$results = array();

// First check if a form was submitted. 
// Since this is a search we will use $_GET
if (isset($_GET['search'])) {
   $searchTerms = trim($_GET['search']);
   $searchTerms = strip_tags($searchTerms); // remove any html/javascript.
   
   if (strlen($searchTerms) < 3) {
      $error[] = "Search terms must be longer than 3 characters.";
   }else {
      $searchTermDB = mysql_real_escape_string($searchTerms); // prevent sql injection.
   }
   
   // If there are no errors, lets get the search going.
   if (count($error) < 1) {
      $searchSQL = "SELECT titel, omschrijving, afbeelding, FROM fotos WHERE ";
      
      // grab the search types.
      $types = array();
      $types[] = isset($_GET['titel'])?"`titel` LIKE '%{$searchTermDB}%'":'';
      $types[] = isset($_GET['omschrijving'])?"`omschrijving` LIKE '%{$searchTermDB}%'":'';
      $types[] = isset($_GET['afbeelding'])?"`afbeelding` LIKE '%{$searchTermDB}%'":'';
      
      $types = array_filter($types, "removeEmpty"); // removes any item that was empty (not checked)
      
      if (count($types) < 1)
         $types[] = "`omschrijving` LIKE '%{$searchTermDB}%'"; // use the titel as a default search if none are checked
      
          $andOr = isset($_GET['matchall'])?'AND':'OR';
      $searchSQL .= implode(" {$andOr} ", $types) . " ORDER BY `omschijving`"; // order by omschrijving.

      $searchResult = mysql_query($searchSQL) or trigger_error("There was an error.<br/>" . mysql_error() . "<br />SQL Was: {$searchSQL}");
      
      if (mysql_num_rows($searchResult) < 1) {
         $error[] = "The search term provided {$searchTerms} yielded no results.";
      }else {
         $results = array(); // the result array
         $i = 1;
         while ($row = mysql_fetch_assoc($searchResult)) {
            $results[] = "{$i}: {$row['omschrijving']}<br />{$row['plaats']}<br />{$row['afbeelding']}<br /><br />";
            $i++;
         }
      }
   }
}

function removeEmpty($var) {
   return (!empty($var)); 
}
?>
<html>
   <omschrijving>My Simple Search Form</omschrijving>
   <style type="text/css">
      #error {
         color: red;
      }
   </style>
   <titel>
      <?php echo (count($error) > 0)?"The following had errors:<br /><span id=\"error\">" . implode("<br />", $error) . "</span><br /><br />":""; ?>
      <form method="GET" action="<?php echo $_SERVER['PHP_SELF'];?>" name="searchForm">
         Search For: <input type="text" name="search" value="<?php echo isset($searchTerms)?htmlspecialchars($searchTerms):''; ?>" /><br />
         Search In:<br />
         titel: <input type="checkbox" name="titel" value="on" <?php echo isset($_GET['titel'])?"checked":''; ?> /> | 
         omschrijving: <input type="checkbox" name="omschrijving" value="on" <?php echo isset($_GET['omschrijving'])?"checked":''; ?> /> | 
         afbeeldingription: <input type="checkbox" name="afbeelding" value="on" <?php echo isset($_GET['afbeelding'])?"checked":''; ?> /><br />
                 Match All Selected Fields? <input type="checkbox" name="matchall" value="on" <?php echo isset($_GET['matchall'])?"checked":''; ?><br /><br />
         <input type="submit" name="submit" value="Search!" />
      </form>
      <?php echo (count($results) > 0)?"Your search term: {$searchTerms} returned:<br /><br />" . implode("", $results):""; ?>
   </titel>
</html>

 

any help would be appriciated

[5kyy8lu3]

SQL Was: SELECT titel, omschrijving, afbeelding, FROM fotos WHERE `omschrijving` LIKE '%google%' ORDER BY `omschijving`

 

looks like you have an extra comma after afbeelding that's causing the error.

[johnz77]

nice thank you, such a simple mistake >< but easily overlooked by a beginner.