Jump to content

Query Undefined Variable


vinson89

Recommended Posts

I got my search page error and the server pop up below message:

 

Notice: Undefined variable: query in /home/tz005/public_html/COMP1687/search.php on line 64
Minimum length is 3

 

Where should I make a correction in the script? Here is my php script:

 

<?php

 
$min_length = 3; //min length of the search
 
if(strlen($query) >= $min_length){
         
        $query = htmlspecialchars($query); 
 
        $raw_results = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM item_information
            WHERE (`itemtitle` LIKE '%".$query."%')") or die(((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)));
             
        
        if(mysqli_num_rows($raw_results) > 0){ // If it find's more than 0 results...
             
            while($results = mysqli_fetch_array($raw_results)){
 
echo "<p>".$results['itemtitle']."</p>"; // show's the results..
             
 
            }
             
        }
        else{ // If found nothing..
            echo "No results";
        }
         
    }
    else{ // if length of the search is less than defined on variable...
        echo "Minimum length is ".$min_length;
    }
?>

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/288669-query-undefined-variable/
Share on other sites

Where is $query supposed to come from? Based on your description, it sounds like it comes from an HTML form. If so, you'll need to use either $_POST or $_GET to get the value for $query. The one you use is based on the "method" attribute for the form.

 

If the form is set to POST, for example, your code might look something like this:

<?php
$min_length = 3; //min length of the search
$query      = $_POST['query'];
 
if(strlen($query) >= $min_length){


//...
?>

Also note that if the query value comes from a form, you'll want to protect your database from SQL injection attacks. One way to do this is to use mysqli_real_escape_string(). More information can be found here:

http://www.php.net/manual/en/mysqli.real-escape-string.php

 

Or you could look into binding with MySQLi.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.