Jump to content

trying to search a mysql db using php code searching html form


diamondlifestyle

Recommended Posts

I'm trying to do something that I thought was very simple about 2 weeks ago :-(

I want to put a form on my site and link it to a database so when a user types a surname into the form they can search the db and the page will only display the surnames that match the search criteria. I got the db set up using phpmyadmin in about 2 minutes flat, but keep getting error messages when I write the php. I'm currently working with the below script, which keeps giving me the error 'unexpected T_string' on line 176

 

I've searched every forum and help site I can find, and the mysql and php manuals are just mind-boggling. I'm sure I'm making some really amateur mistake, but I'd really appreciate help with this!

thanks all!

 

 

<html>

<head>

<title>SEARCH RECORDS</title>

</head>

<body>

 

<FORM NAME ="Search" METHOD ="POST" ACTION = "test3">

 

<INPUT TYPE = "TEXT" VALUE ="surname" NAME = "surname">

<INPUT TYPE = "Submit" Name = "Search" VALUE = "Search">

 

</FORM>

</body>

</html>

 

 

 

<?

 

$user_name = "*****";

$password = "*****";

$database = "*****";

$server = "localhost";

$db_handle = mysql_connect($server, $user_name, $password);

 

$db_found = mysql_select_db($database, $db_handle);

 

if ($db_found) {

 

$SQL = "SELECT * FROM *****" WHERE surname=$_POST['surname'];

$result = mysql_query($SQL);

 

while ($db_field = mysql_fetch_assoc($result)) {

print $db_field['Grave'] . "<BR>";

print $db_field['Surname'] . "<BR>";

print $db_field['Forenames'] . "<BR>";

print $db_field['Death_Date'] . "<BR>";

print $db_field['Birth_Year'] . "<BR>";

}

 

mysql_close($db_handle);

}

else {

print "Database NOT Found ";

mysql_close($db_handle);

}

 

?>

 

 

Link to comment
Share on other sites

Replace your opening form element with this: 

 

<form name ="Search" method ="POST" action = "">

 

 

You were sending it to "test3" but that is an invalid file as there is no file extension on it.  Setting the action to an empty string, returns the form to itself.

 

PS. Your query will only return a surname if it is typed exactly as it appears in the database.  If you want it to return surnames that start with the characters typed, use:

 

$SQL = "SELECT * FROM ***** WHERE surname LIKE '" . mysql_real_escape_string($_POST['surname']) . "%'";

 

Link to comment
Share on other sites

the latest code is:

 

<html>

<head>

<title>SEARCH RECORDS</title>

</head>

<body>

 

<FORM NAME ="Search" METHOD ="POST" ACTION = "test2.php">

 

<INPUT TYPE = "TEXT" VALUE ="surname" NAME = "surname">

<INPUT TYPE = "Submit" Name = "Search" VALUE = "Search">

 

</FORM>

</body>

</html>

 

 

 

<?

 

$user_name = "*****";

$password = "*****";

$database = "*****";

$server = "localhost";

$db_handle = mysql_connect($server, $user_name, $password);

 

$db_found = mysql_select_db($database, $db_handle);

 

if ($db_found) {

 

$SQL = "SELECT * FROM ***** WHERE surname LIKE '" . mysql_real_escape_string($_POST['surname']) . "%'";

$result = mysql_query($SQL);

 

while ($db_field = mysql_fetch_assoc($result)) {

print $db_field['Grave'] . "<BR>";

print $db_field['Surname'] . "<BR>";

print $db_field['Forenames'] . "<BR>";

print $db_field['Death_Date'] . "<BR>";

print $db_field['Birth_Year'] . "<BR>";

}

 

mysql_close($db_handle);

}

else {

print "Database NOT Found ";

mysql_close($db_handle);

}

 

?>

 

 

thank you all for your help with this!!

Link to comment
Share on other sites

right, that's given me:

 

Parse error: syntax error, unexpected T_WHILE on line177

 

which has thrown me completely; I thought the 'while' clause was necessary to tabulate the results?

 

I was wondering if it's because the html is above the php, when the 'submit' button is pressed and it sends the data back to the same page, is it hitting the html before the php and just resetting the form? or will that not make any difference?

 

thanks again for everyone's help!

Link to comment
Share on other sites

I just noticed something. You have the value= attribute of the surname field specified as "surname". Remove the value="surname" from the <input tag completely.

 

For the parse error, did you paste the or die() statement in, or type it? There's probably a missed quote, or something like that.

 

Paste your current code in here, please.

Link to comment
Share on other sites

the code currently stands at:

 

<html>

<head>

<title>SEARCH RECORDS</title>

</head>

<body>

 

<FORM NAME ="Search" METHOD ="POST" ACTION = "test2.php">

 

<INPUT TYPE = "TEXT" NAME = "surname">

<INPUT TYPE = "Submit" Name = "Search" VALUE = "Search">

 

</FORM>

</body>

</html>

 

 

 

<?

 

$user_name = "*****";

$password = "*****";

$database = "*****";

$server = "localhost";

$db_handle = mysql_connect($server, $user_name, $password);

 

$db_found = mysql_select_db($database, $db_handle);

 

if ($db_found) {

$SQL = "SELECT * FROM ***** WHERE surname = '" . mysql_real_escape_string($_POST['surname']) . "$'";

$result = mysql_query($SQL) or die ('<br>Query string: ' . $SQL . '<br>Produced error: ' . mysql_error() . '<br>');

 

while ($db_field = mysql_fetch_assoc($result)) {

print $db_field['Grave'] . "<BR>";

print $db_field['Surname'] . "<BR>";

print $db_field['Forenames'] . "<BR>";

print $db_field['Death_Date'] . "<BR>";

print $db_field['Birth_Year'] . "<BR>";

}

 

mysql_close($db_handle);

}

else {

print "Database NOT Found ";

mysql_close($db_handle);

}

 

?>

 

 

 

which is producing the error 'unexpected T_while on line 190' (however before I added the 'die' phrase it looked right except when the 'submit' button was pressed it refreshed the form, rather than showing the results of the search)

Link to comment
Share on other sites

Side note: change your <? short open tag to full syntax <?php. Not the cause of this issue, but not good form nonetheless.

 

I believe the $ at the end your query string should be changed to a percent sign for the wildcard character.

 

 

EDIT: Didn't see your post saying you found a typo . . .

Since it indicates the problem is on line 190, and there aren't nearly that many lines of code, there has to be a missing brace or semicolon or something in the preceding script. The code above, on its own, has no parse errors.

Link to comment
Share on other sites

it's not displaying any parse errors now, I've got the page looking exactly as I want it to, except when I submit a query in the form it refreshes the page rather than loads the results of the search. I've tried swapping the code over so the php script is on top and the html table is on the bottom (just in case!) but it hasn't altered anything :-(

Link to comment
Share on other sites

That form submits to itself, right? I don't think the query is returning any results from the database. Add an echo to send the query string to the screen, then paste the query into phpMyAdmin and see if any results are returned.

 

After the result = line, add:

echo $SQL;

Link to comment
Share on other sites

I've added the echo, but it's repeating the same error, except now above the table are the words

 

SELECT * FROM ***** WHERE surname='%'

 

Is this possibly an error with the LIKE function? when I write in the script

 

$SQL = "SELECT * FROM ***** WHERE surname LIKE '" . mysql_real_escape_string($_POST['surname']) . "%'";

 

I get an parse error message about using LIKE with % (I'm using version 5.0.91) but when I omit the like and just use

 

$SQL = "SELECT * FROM ***** WHERE surname '" . mysql_real_escape_string($_POST['surname']) . "%'";

 

I get the page showing properly but it reloads on itself when I submit a query in the form.

Link to comment
Share on other sites

Try this. It has some additional output for debugging so we can get an idea of what's going on.

 

<html>
<head>
<title>SEARCH RECORDS</title>
</head>
<body>
<?php
if( isset($_POST['Search']) ) {
echo '////////////////// DEBUGGING CODE ////////////////////////////////////////////';
echo '<pre>';
print_r($_POST);
echo '</pre>';
echo '/////////////////////// END DEBUGGING /////////////////////////////////////////';
}
?>
<FORM NAME ="Search" METHOD ="POST" ACTION = "test2.php">
<INPUT TYPE = "TEXT" NAME = "surname">
<INPUT TYPE = "Submit" Name = "Search" VALUE = "Search">
</FORM>

<?php
if( isset($_POST['Search']) ) {
$user_name = "*****";
$password = "*****";
$database = "*****";
$server = "localhost";
$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
	$SQL = "SELECT * FROM ***** WHERE surname LIKE '" . mysql_real_escape_string($_POST['surname']) . "%'";
	$result = mysql_query($SQL) or die ('<br>Query string: ' . $SQL . '<br>Produced error: ' . mysql_error() . '<br>');
                echo $SQL; // debugging output
	while ($db_field = mysql_fetch_assoc($result)) {
		print $db_field['Grave'] . "<BR>";
		print $db_field['Surname'] . "<BR>";
		print $db_field['Forenames'] . "<BR>";
		print $db_field['Death_Date'] . "<BR>";
		print $db_field['Birth_Year'] . "<BR>";
	}
	mysql_close($db_handle);
} else {
	print "Database NOT Found ";
	mysql_close($db_handle);
}
} else {
echo '<br>(Form not yet submitted.)<br>';  // debugging output
}
?>
</body>
</html>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.