Jump to content

Recommended Posts

Hi guys. Hope you can help me with this.

 

I have a MySQL database running and am able to connect to it and add/remove files. However, I am trying to add a search function into my site and  it keeps throwing up the following error:

 

Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/a3796103/public_html/cars_search_form.php on line 44

 

Now I know this is usually to do with missing syntax but I can't for the life of me find where it is. Here is my full code:

 

<html><head><title>Cars Search Form</title>

<style type="text/css">

td {font-family: tahoma, arial, verdana; font-size: 10pt }

</style>

 

 

</head>

<body>

<table width="300" cellpadding="10" cellspacing="0" border="2">

<tr align="center" valign="top">

<td align="left" colspan="1" rowspan="1" bgcolor="64b1ff">

<h3>Car Search</h3>

<table width="450px">

</tr>

<form name="search" method="post" action="<?=$PHP_SELF?>">

Search for: <input type="text" name="find" /> in

<Select NAME="field">

<Option VALUE="make">Make/model</option>

<Option VALUE="colour">Colour</option>

<Option VALUE="year">Year</option>

<Option VALUE="fuel">Fuel type</option>

<Option VALUE="transmission">Transmission</option>

<Option VALUE="ctype">Car type</option>

</Select>

<input type="hidden" name="searching" value="yes" />

<input type="submit" name="search" value="Search" />

</form>

 

<table width="300" cellpadding="10" cellspacing="0" border="2">

<tr align="center" valign="top">

<td align="left" colspan="1" rowspan="1" bgcolor="64b1ff">

 

<?php

//This is only displayed if they have submitted the form

if ($searching =="yes") {

echo "Results”;

}

//If they did not enter a search term we give them an error

if ($find == “”) {

echo “You forgot to enter a search term”;

}

//Otherwise we connect to our Database

mysql_connect("localhost", "user", "password") or die(mysql_error());

mysql_select_db("test_dbase") or die(mysql_error());

//We perform a bit of filtering

$find = strtoupper($find);

$find = strip_tags($find);

$find = trim($find);

//Now we search for our search term, in the field the user specified

$data = mysql_query(”SELECT *

FROM users

WHERE upper($field)

LIKE’%$find%’”);

//And we display the results

while($result = mysql_fetch_array($data)) {

echo $result['make'];

echo ” “;

echo $result['colour'];

echo “”;

echo $result['year'];

echo “”;

echo $result['fuel'];

echo “”;

echo $result['transmission'];

echo “”;

echo $result['ctype'];

echo “”;

echo “”;

}

//This counts the number or results – and if there wasn’t any it gives them a little message explaining that

$anymatches=mysql_num_rows($data);

if ($anymatches == 0) {

echo “Sorry, but we can not find an entry to match your query”;

}

//And we remind them what they searched for

echo “Searched For: ”.$find;

}

?>

 

:shrug:

Link to comment
https://forums.phpfreaks.com/topic/252973-help-with-search-function-phpmysql/
Share on other sites

Try this and see if it works with the proper quotes

 

<html><head><title>Cars Search Form</title>
<style type="text/css">
td {font-family: tahoma, arial, verdana; font-size: 10pt }
</style>


</head>
<body>
<table width="300" cellpadding="10" cellspacing="0" border="2">
<tr align="center" valign="top">
<td align="left" colspan="1" rowspan="1" bgcolor="64b1ff">
<h3>Car Search</h3>
<table width="450px">
</tr>
<form name="search" method="post" action="">
Search for: <input type="text" name="find" /> in
<Select NAME="field">
<Option VALUE="make">Make/model</option>
<Option VALUE="colour">Colour</option>
<Option VALUE="year">Year</option>
<Option VALUE="fuel">Fuel type</option>
<Option VALUE="transmission">Transmission</option>
<Option VALUE="ctype">Car type</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>

<table width="300" cellpadding="10" cellspacing="0" border="2">
<tr align="center" valign="top">
<td align="left" colspan="1" rowspan="1" bgcolor="64b1ff">

<?php
//This is only displayed if they have submitted the form
if ($searching =="yes") {
echo "Results";
}
//If they did not enter a search term we give them an error
if ($find == "") {
echo "You forgot to enter a search term";
}
//Otherwise we connect to our Database
mysql_connect("localhost", "user", "password") or die(mysql_error());
mysql_select_db("test_dbase") or die(mysql_error());
//We perform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim($find);
//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM users WHERE upper($field) LIKE '%$find%'");
//And we display the results
while($result = mysql_fetch_array($data)) {
echo $result['make'];
echo " ";
echo $result['colour'];
echo "";
echo $result['year'];
echo "";
echo $result['fuel'];
echo "";
echo $result['transmission'];
echo "";
echo $result['ctype'];
echo "";
echo "";
}
//This counts the number or results and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0) {
echo "Sorry, but we can not find an entry to match your query";
}
//And we remind them what they searched for
echo "Searched For: ".$find;
}
?>

Ahh that seems to have been it...

Ok. Well the script runs without error but now isn't bringing up any records - when i search nothing happens? I'm sure the connections to the host and database are correct as they work fine on my other scripts. Do I need to put the array results in a table or should it do that automatically?? Do I need to have separate search boxes for each field or can I just use the one?

 

Sorry, I'm still relatively new to php (if you can't tell already  :D)

I've had another look and separated the search form and php functions into two different files as i read the <?=$PHP_SELF?> can cause problems. It still runs fine but the search box comes back empty and the blank search error message isn't showing up either. Any ideas what I'm missing?

 

Here's my code as it is now:

 

 

17193_.php

17194_.php

Your problem is this line

 

if ($searching =="yes") {

 

$searching never had a value

 

$searching = $_POST['searching'];
if ($searching =="yes") {

 

or

 

if ($_POST['searching'] =="yes") {

 

also look into checking the form if isset()

Correct, but you have the hidden value there and checking that.

 

One more thing would be to escape any user input before using it.

mysql_real_escape_string()

 

$find = mysql_real_escape_string($find);

All your program variables from the form fields and the $PHP_SELF variable don't exist, because they are dependent on a setting that was turned off by default 9 years ago due to a huge security hole the setting opened.

 

You need to have php's error_reporting set to E_ALL so that all the errors will be reported. Each of the non-existant program variables will be producing an undefined notice message.

 

All of the form fields need to be accessed using $_POST['some_field_name']

 

To cause a form to submit to the same page, you can just use an empty action="" attribute.

 

 

Ok. Thankyou both. I will give it another go... Just to clarify:

 

1. $find = mysql_real_escape_string($find); needs to go at the beginning of the php code in the process page?

 

2. $searching = $_POST['searching'];

      if ($searching =="yes") { can be used instead of the isset() function?

 

and

 

3. $find = $_POST['find']; - Where does this need to be in the exec file? 

 

mysql_real_escape_string() can only be used after a mysql connection

 

any $_POST['whatever'] are usually done in the beginning, but as long as you defined it before using it is fine

 

using your hidden field in the form could make it work

hopefully going by your original code and the added coding, this could get you some results

 

<html><head><title>Cars Search Form</title>
<style type="text/css">
td {font-family: tahoma, arial, verdana; font-size: 10pt }
</style>


</head>
<body>
<table width="300" cellpadding="10" cellspacing="0" border="2">
<tr align="center" valign="top">
<td align="left" colspan="1" rowspan="1" bgcolor="64b1ff">
<h3>Car Search</h3>
<table width="450px">
</tr>
<form name="search" method="post" action="">
Search for: <input type="text" name="find" /> in
<Select NAME="field">
<Option VALUE="make">Make/model</option>
<Option VALUE="colour">Colour</option>
<Option VALUE="year">Year</option>
<Option VALUE="fuel">Fuel type</option>
<Option VALUE="transmission">Transmission</option>
<Option VALUE="ctype">Car type</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>

<table width="300" cellpadding="10" cellspacing="0" border="2">
<tr align="center" valign="top">
<td align="left" colspan="1" rowspan="1" bgcolor="64b1ff">

<?php
$searching = $_POST['searching'];
$find = $_POST['find'];
$field = $_POST['field'];

//This is only displayed if they have submitted the form
if ($searching == "yes") {

//If they did not enter a search term we give them an error
if ($find == "") {
echo "You forgot to enter a search term";
DIE;
}
//Otherwise we connect to our Database
//mysql_connect("localhost", "user", "password") or die(mysql_error());
//mysql_select_db("test_dbase") or die(mysql_error());
//We perform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim($find);
$find = mysql_real_escape_string($find);
$field = mysql_real_escape_string($field);
//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM users WHERE upper($field) LIKE '%$find%'");
//And we display the results
while($result = mysql_fetch_array($data)) {
echo $result['make'];
echo " ";
echo $result['colour'];
echo "";
echo $result['year'];
echo "";
echo $result['fuel'];
echo "";
echo $result['transmission'];
echo "";
echo $result['ctype'];
echo "";
echo "";
}
//This counts the number or results and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0) {
echo "Sorry, but we can not find an entry to match your query";
}
//And we remind them what they searched for
echo "Searched For: ".$find;
}

?>

 

The code should at least work now

see this part of code

 

if ($searching == "yes") {
echo "Results";
}

 

in this way it would just echo the word Results

 

I edited the code here http://www.phpfreaks.com/forums/index.php?topic=349717.msg1650539#msg1650539

Sure. Here's the basic script I used. Works perfectly in Chrome, not sure about IE or FF though :) :

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<title>Vehicle Search</title>

 

 

</head>

<body>

 

<tr>

 

            <table width="800" cellpadding="10" cellspacing="0" border="0">

            <table style="margin: auto;">

            <tr align="center" valign="center">

                          <td align="center" colspan="1" rowspan="1" bgcolor="ffffff">

                                               

                       

                            <table width="450px">

</tr>

 

<form name="search" method="post" action="">

Search for: <input type="text" name="find" /> in

<Select NAME="field">

<Option VALUE="option1">option1</option>  //change the name of the option in the "" brackets and the >< markers

<Option VALUE="option2">option2</option>

<Option VALUE="option3">option3</option>

<Option VALUE="option4">option4</option>

<Option VALUE="option5">option5</option>

<Option VALUE="option6">option6</option>

</Select>

<input type="hidden" name="searching" value="yes" />

<input type="submit" name="search" value="Search" />

</form>

<p></p>

<table width="500" cellpadding="10" cellspacing="0" border="2">

<tr align="center" valign="center">

<td align="center" colspan="1" rowspan="1" bgcolor="ffffff">

 

<?php

$searching = $_POST['searching'];

$find = $_POST['find'];

$field = $_POST['field'];

 

//This is only displayed if they have submitted the form

if ($searching == "yes") {

 

//If they did not enter a search term we give them an error

if ($find == "") {

echo "You forgot to enter a search term";

DIE;

}

//Otherwise we connect to our Database

mysql_connect("host", "username", "password") or die(mysql_error());

mysql_select_db("databasename") or die(mysql_error());

//We perform a bit of filtering

$find = strtoupper($find);

$find = strip_tags($find);

$find = trim($find);

$find = mysql_real_escape_string($find);

$field = mysql_real_escape_string($field);

//Now we search for our search term, in the field the user specified

$result = mysql_query("SELECT * FROM tablename WHERE upper($field) LIKE '%$find%'") or die("SELECT Error: ".mysql_error());

$num_rows = mysql_num_rows($result);

print "There are $num_rows records.<br><br>";

//And we display the results

print "<table width=600 border=1>";

//Change the field names in table to reflect

print "<tr><th>ID</th><th>Field 1</th><th>Field 2</th><th>Field 3</th><th>Field 4</th><th>Field 5</th><th>Field 6</th></tr>";

while ($get_info = mysql_fetch_row($result)){

print "<tr>";

foreach ($get_info as $field)

print "<td>$field</td>";

print "</tr>";

}

print "</table>";

 

//This counts the number or results and if there wasn't any it gives them a little message explaining that

$anymatches=mysql_num_rows($result);

if ($anymatches == 0) {

echo "Sorry, but we can not find an entry to match your query";

}

//And we remind them what they searched for

echo "Searched For: ".$find;

}

 

?>

</div>

</div>

</body>

</html>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.