xiledweb Posted September 3, 2006 Share Posted September 3, 2006 So, I have a database with sports related articles, and I'm having problems with users running a specific search.The user can search by author, category and 'containing text'. Despite that, it returns all articles listed in the database.Another, nay, several pair of eyes would be appreciated.[code]$authors = @mysql_query('SELECT id, name FROM author');if (!$authors) { exit('<p>Unable to obtain author list from the database.</p>');}$cats = @mysql_query('SELECT id, name FROM category');if (!$cats) { exit('<p>Unable to obtain category list from the database.</p>');}?><form action="articlelist.php" method="post"><p>View articles satisfying the following criteria:</p><label>By author:<select name="aid" size="1"> <option selected value="">Any Author</option><?phpwhile ($author = mysql_fetch_array($authors)) { $aid = $author['id']; $aname = htmlspecialchars($author['name']); echo "<option value='$aid'>$aname</option>\n"; }?></select></label><br /><label>By category:<select name="cid" size="1"> <option selected value="">Any Category</option><?phpwhile ($cat = mysql_fetch_array($cats)) { $cid = $cat['id']; $cname = htmlspecialchars($cat['name']); echo "<option value='$cid'>$cname</option>\n"; }?></select></label><br /><label>Containing text: <input type="text" name="searchtext" /></label><br /><input type="submit" value="Search" /></form>[/code] Quote Link to comment Share on other sites More sharing options...
zq29 Posted September 3, 2006 Share Posted September 3, 2006 You have no 'WHERE' clause in your SQL queries... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.