Jump to content

creating a search form

dudleylearning

By dudleylearning
in PHP Coding Help

 Share
Go to solution Solved by Jacques1,

Recommended Posts

dudleylearning Member

dudleylearning

Posted
Posted

Hi,

 

so I've had an attempt at creating a search form I can get data from it so that's a positive. This is the relevant snippet:

$joke_text_search = $_REQUEST['text'];
$joke_text = '%' . $joke_text_search . '%';
$search  = $dbConnection->prepare("SELECT * FROM joke WHERE joke_text LIKE ?");
$search->execute([$joke_text]);
$result = $search->fetchAll();

but if I type in % it shows all the data. Having a read of the PHP manual, seems that I should use str_replace. I have had an attempt with it but the % symbol still shows all the data:

$joke_text_search = $_REQUEST['text'];
$joke_text_search_filter = str_replace(array('%','_'),'',$joke_text_search);
$joke_text = '%' . $joke_text_search_filter . '%';
$search  = $dbConnection->prepare("SELECT * FROM joke WHERE joke_text LIKE ?");
$search->execute([$joke_text]);
$result = $search->fetchAll(); 

Could someone lend a hand?

 

Link to comment
https://forums.phpfreaks.com/topic/302942-creating-a-search-form/
Share on other sites
  • Solution
Jacques1 Prolific Member

Jacques1

Posted
  • Solution
Posted

Having a read of the PHP manual, seems that I should use str_replace.

 

Yes, but you also need to understand what to replace the percent character with. Right now, you're replacing it with an underscore which stands for “exactly one arbitrary character”. Obviously that doesn't help.

 

If you want percent characters to be interpreted literally, you need to escape them with backslashes:

$search = '%'.str_replace('%', '\\%', $_GET['text']).'%';
dudleylearning Member

dudleylearning

Posted
  • Author
Posted

Of course it does. "%" is the wildcard character which matches anything.

 

It's like searching a directory for *.* - you get all the files.

 

ok, didn't know that. thanks for the tip. I tried it in another commercial website and it gave all the data  :happy-04:

dudleylearning Member

dudleylearning

Posted
  • Author
Posted

 

Yes, but you also need to understand what to replace the percent character with. Right now, you're replacing it with an underscore which stands for “exactly one arbitrary character”. Obviously that doesn't help.

 

If you want percent characters to be interpreted literally, you need to escape them with backslashes:

$search = '%'.str_replace('%', '\\%', $_GET['text']).'%';

 

that worked like a charm, exactly what I wanted. thanks Jacques1.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.