2020 Posted July 16, 2020 Share Posted July 16, 2020 Folks, I have a mysql tbl called "links". In it a column named "keywords". The row 0 has a keyword "search" in the "keywords" column. I am doing a search for the words "search" in the html form. Clicking the button gives no response! What is wrong ? I get no mysql connection error. Nor any php error. So it should work and respond! <form name = "search" method = "POST" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <label for="keywords">Keywords:*</label> <input type="text" name="keywords" id="keywords" placeholder="Input Keywords" required> <br> <input type="button" name="search_links" id="search_links" value="Search Links!"> <br> <input type="reset"> <br> </form> Full short code ... <?php //include('error_reporting.php'); ini_set('error_reporting','E_ALL');//Same as: error_reporting(E_ALL); ini_set('display_errors','1'); ini_set('display_startup_errors','1'); ?> <form name = "search" method = "POST" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <label for="keywords">Keywords:*</label> <input type="text" name="keywords" id="keywords" placeholder="Input Keywords" required> <br> <input type="button" name="search_links" id="search_links" value="Search Links!"> <br> <input type="reset"> <br> </form> <?php if($_SERVER['REQUEST_METHOD'] === 'POST') { if(ISSET($_POST['search_links'])) { if(ISSET($_POST['keywords'])) { $keywords = $_POST['keywords']; } mysqli_report(MYSQLI_REPORT_ALL|MYSQLI_REPORT_STRICT); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); $conn = mysqli_connect("localhost","root","","test"); $db_server = 'localhost'; $db_user = 'root'; $db_password = ''; $db_database = 'test'; $conn->set_charset('utf8mb4');//Always use Charset. if (!$conn) { //Error Message to show user in technical/development mode to see errors. die("Database Error : " . mysqli_error($conn)); //Error Message to show User in Layman's mode to see errors. die("Database error."); exit(); } $query = "SELECT page_url,link_anchor_text,page_description,keyphrases,keywords FROM links WHERE keywords = ?"; $stmt = mysqli_stmt_init($conn); if(mysqli_stmt_prepare($stmt,$query)) { mysqli_stmt_bind_param($stmt,'s',$keywords); $result = mysqli_stmt_bind_result($stmt,$page_url,$link_anchor_text,$page_description,$keyphrase,$keywords); mysqli_stmt_execute($stmt); mysqli_stmt_fetch($stmt); while(mysqli_stmt_fetch($result)) { echo "url"; echo "<br>"; echo "anchor_text"; echo "<br>"; echo "description"; echo "<br>"; echo "keyphrases"; echo "<br>"; echo "keywords"; echo "<br>"; echo "|"; echo "<br>"; } mysqli_stmt_close($stmt); mysqli_close($conn); } else { echo "1. QUERY failed!"; } if(mysqli_stmt_prepare($stmt,$query)) { mysqli_stmt_bind_param($stmt,'s',$keywords); mysqli_stmt_execute($stmt); $result = mysqli_stmt_get_result($stmt); while($row = mysqli_fetch_array($result,mysqli_assoc)) { $page_url = $row['page_url']; echo $page_url; echo "<br>"; $link_anchor_text = $row['link_anchor_text']; echo $link_anchor_text; echo "<br>"; $page_description = $row['page_description']; echo $page_description; echo "<br>"; $keyphrases = $row['keyphrases']; echo $keyphrases; echo "<br>"; $keywords = $row['keywords']; echo $keywords; echo "<br>"; echo "|"; echo "<br>"; } mysqli_stmt_close($stmt); mysqli_close($conn); } else { die("2. QUERY failed!"); } } } ?> Quote Link to comment Share on other sites More sharing options...
gw1500se Posted July 16, 2020 Share Posted July 16, 2020 Your action parameter is just doing an echo. It is not calling the script. Quote Link to comment Share on other sites More sharing options...
benanamen Posted July 16, 2020 Share Posted July 16, 2020 $_SERVER['PHP_SELF'] is vulnerable to an XSS Attack. Just delete the action completely. 48 minutes ago, gw1500se said: Your action parameter is just doing an echo. It is not calling the script. Yes, it is, but it is a Security problem and shouldn't be used. You "could" use it if you enclosed it in htmlspecialchars but that is just sloppy. Cleaner to leave the action out completely. 1 Quote Link to comment Share on other sites More sharing options...
2020 Posted July 16, 2020 Author Share Posted July 16, 2020 3 minutes ago, benanamen said: $_SERVER['PHP_SELF'] is vulnerable to an XSS Attack. Just delete the action completely. Yes, it is, but it is a Security problem and shouldn't be used. You "could" use it if you enclosed it in htmlspecialchars but that is just sloppy. Cleaner to leave the action out completely. You mean I should do it the old way I used to do before I learn to do it the $_SERVER['PHP_SELF'] ? If that is the case then why did the php manual start teaching this new way that injects attacks ? Old way: <form name = "search" method = "POST" action=""> New way: <form name = "search" method = "POST" action="<?php echo $_SERVER['PHP_SELF']; ?>"> Quote Link to comment Share on other sites More sharing options...
2020 Posted July 16, 2020 Author Share Posted July 16, 2020 1 hour ago, gw1500se said: Your action parameter is just doing an echo. It is not calling the script. Oh! Show me how you do it so I understand where I am really doing wrong. Thanks Quote Link to comment Share on other sites More sharing options...
gw1500se Posted July 16, 2020 Share Posted July 16, 2020 Assuming this is all one script, just leave the action parameter off. Quote Link to comment Share on other sites More sharing options...
2020 Posted July 16, 2020 Author Share Posted July 16, 2020 (edited) Update: I made the form action="". But still not luck: <form name = "search" method = "POST" action=""> Edited July 16, 2020 by 2020 Quote Link to comment Share on other sites More sharing options...
2020 Posted July 16, 2020 Author Share Posted July 16, 2020 Look. No luck. No rows from db get displayed! Try on your Xampp and see if you can spot what is wrong: <?php //include('error_reporting.php'); ini_set('error_reporting','E_ALL');//Same as: error_reporting(E_ALL); ini_set('display_errors','1'); ini_set('display_startup_errors','1'); ?> <form name = "search" method = "POST" action=""> <label for="keywords">Keywords:*</label> <input type="text" name="keywords" id="keywords" placeholder="Input Keywords" required> <br> <input type="button" name="search_links" id="search_links" value="Search Links!"> <br> <input type="reset"> <br> </form> <?php if($_SERVER['REQUEST_METHOD'] === 'POST') { if(ISSET($_POST['search_links'])) { if(ISSET($_POST['keywords'])) { $keywords = $_POST['keywords']; } mysqli_report(MYSQLI_REPORT_ALL|MYSQLI_REPORT_STRICT); mysqli_connect("localhost","root","","test"); $conn->set_charset("utf8mb4"); if(mysqli_connect_error()) { echo "Could not connect!" . mysqli_connect_error(); } $query = "SELECT page_url,link_anchor_text,page_description,keyphrases,keywords FROM links WHERE keywords = ?"; $stmt = mysqli_stmt_init($conn); if(mysqli_stmt_prepare($stmt,$query)) { mysqli_stmt_bind_param($stmt,'s',$keywords); $result = mysqli_stmt_bind_result($stmt,$page_url,$link_anchor_text,$page_description,$keyphrase,$keywords); mysqli_stmt_execute($stmt); mysqli_stmt_fetch($stmt); while(mysqli_stmt_fetch($result)) { echo "url"; echo "<br>"; echo "anchor_text"; echo "<br>"; echo "description"; echo "<br>"; echo "keyphrases"; echo "<br>"; echo "keywords"; echo "<br>"; echo "|"; echo "<br>"; } mysqli_stmt_close($stmt); mysqli_close($conn); } else { echo "1. QUERY failed!"; } if(mysqli_stmt_prepare($stmt,$query)) { mysqli_stmt_bind_param($stmt,'s',$keywords); mysqli_stmt_execute($stmt); $result = mysqli_stmt_get_result($stmt); while($row = mysqli_fetch_array($result,mysqli_assoc)) { $page_url = $row['page_url']; echo $page_url; echo "<br>"; $link_anchor_text = $row['link_anchor_text']; echo $link_anchor_text; echo "<br>"; $page_description = $row['page_description']; echo $page_description; echo "<br>"; $keyphrases = $row['keyphrases']; echo $keyphrases; echo "<br>"; $keywords = $row['keywords']; echo $keywords; echo "<br>"; echo "|"; echo "<br>"; } mysqli_stmt_close($stmt); mysqli_close($conn); } else { die("2. QUERY failed!"); } } } ?> Quote Link to comment Share on other sites More sharing options...
gw1500se Posted July 16, 2020 Share Posted July 16, 2020 (edited) When I said leave the action off I meant that literally. Don't put that in at all but I don't think that is the real problem. Start debugging by putting print statements after each mysqli to follow your logic so you can tell where it is failing. If you are getting a blank page then make sure there is no logic path where there is no output. Also check the page source to see if there is anything there that the browser is not displaying. Edited July 16, 2020 by gw1500se 1 Quote Link to comment Share on other sites More sharing options...
kicken Posted July 16, 2020 Share Posted July 16, 2020 3 hours ago, 2020 said: $result = mysqli_stmt_bind_result($stmt,$page_url,$link_anchor_text,$page_description,$keyphrase,$keywords); [...] while(mysqli_stmt_fetch($result)) mysqli_stmt_bind_result just returns a bool value, not something you'd use in mysqli_stmt_fetch. You use your $stmt variable there like you did just above. Speaking of the line just above, it shouldn't be there. You don't fetch before your loop. 1 Quote Link to comment Share on other sites More sharing options...
2020 Posted July 17, 2020 Author Share Posted July 17, 2020 Issue SOLVED! No one in this forum or another could figure out what the problem was. I got a handful of programmers in this forum and another that usually are able to help me but on this occassion everyone failed BUT one programmer on another forum who came across my thread last night or so! Some new guy to me. No offense to anyone here. Didn't come here to gloat but share my SOLUTION. 2 of my threads will be closed here and there soon thanks to him. The issue was the buttons I was using weren't working. His button did. Look at my current code. You will see his button (last button out of the 4) and a few (3) of my own above his. None of my buttons work. Test it for yourself! I thought I will mention this in this forum so others can benefit. The first 3 buttons are mine and a failure. The 4th one is his and a PASS: <button type="submit">Submit</button> <button type="submit" value="submit">Submit</button> <input type="submit" value="submit"> <button name=submit value=" ">Submit</button> Quote Link to comment Share on other sites More sharing options...
2020 Posted July 19, 2020 Author Share Posted July 19, 2020 On 7/17/2020 at 3:23 AM, kicken said: mysqli_stmt_bind_result just returns a bool value, not something you'd use in mysqli_stmt_fetch. You use your $stmt variable there like you did just above. Speaking of the line just above, it shouldn't be there. You don't fetch before your loop. So, this is wrong ? $stmt_fetch = mysqli_stmt_fetch($stmt); if($stmt_fetch === FALSE) { printf("Error: %s.\n", mysqli_stmt_error($stmt)); printf("Error: %d.\n", mysqli_stmt_errno($stmt)); die; } while(mysqli_stmt_fetch($stmt)) { echo "$page_url"; echo "<br>"; echo "$link_anchor_text"; echo "<br>"; echo "$page_description"; echo "<br>"; echo "$keyphrase"; echo "<br>"; echo "$keywords"; echo "<br>"; echo "|"; echo "<br>"; } Show me how it should be then in procedural style. Here you go so you don;t have to type from scratch, just re-arrange this how you see fit. In other words, EDIT this ... <?php include 'error_reporting.php'; error_reporting(E_ALL); ini_set('error_reporting',E_ALL); ini_set('display_errors','1'); ini_set('display_startup_errors','1'); if($_SERVER['REQUEST_METHOD'] === 'POST') { if(ISSET($_POST['submit'])) { if(ISSET($_POST['keywords'])) { $keywords = $_POST['keywords']; } $query = "SELECT page_url,link_anchor_text,page_description,keyphrases,keywords FROM links WHERE keywords = ?"; $stmt = mysqli_stmt_init($conn); if(mysqli_stmt_prepare($stmt,$query)) { mysqli_stmt_bind_param($stmt,'s',$keywords); $stmt_execution = mysqli_stmt_execute($stmt); if($stmt_execution === FALSE) { printf("Error: %s.\n", mysqli_stmt_error($stmt)); printf("Error: %d.\n", mysqli_stmt_errno($stmt)); die; } $bind_result = mysqli_stmt_bind_result($stmt,$page_url,$link_anchor_text,$page_description,$keyphrase,$keywords); /*RIDDING THIS BASED ON mac_guyver's ADVICE. if($bind_result === FALSE) { printf("Error: %s.\n", mysqli_stmt_error($stmt)); printf("Error: %d.\n", mysqli_stmt_errno($stmt)); die; } */ $stmt_fetch = mysqli_stmt_fetch($stmt); if($stmt_fetch === FALSE) { printf("Error: %s.\n", mysqli_stmt_error($stmt)); printf("Error: %d.\n", mysqli_stmt_errno($stmt)); die; } while(mysqli_stmt_fetch($stmt)) { echo "$page_url"; echo "<br>"; echo "$link_anchor_text"; echo "<br>"; echo "$page_description"; echo "<br>"; echo "$keyphrase"; echo "<br>"; echo "$keywords"; echo "<br>"; echo "|"; echo "<br>"; } /*RIDDING THIS BASED ON mac_guyver's ADVICE. mysqli_stmt_close($stmt); mysqli_close($conn); */ } else { die("QUERY failed!"); } //die; //2ND ATTEMPT TO DISPLAY TBL RESULTS. THIS TIME USING mysqli_stmt_get_result() FUNCTION. TEST RESULT: ATTEMPT A FAILURE! //Re-write the following 4 lines ... mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); $conn = mysqli_connect("localhost","root","","test"); $conn->set_charset("utf8mb4"); $query = "SELECT page_url,link_anchor_text,page_description,keyphrases,keywords FROM links WHERE keywords = ?"; $stmt = mysqli_stmt_init($conn); if(mysqli_stmt_prepare($stmt,$query)) { mysqli_stmt_bind_param($stmt,'s',$keywords); $stmt_execution = mysqli_stmt_execute($stmt); if($stmt_execution === FALSE) { printf("Error: %s.\n", mysqli_stmt_error($stmt)); printf("Error: %d.\n", mysqli_stmt_errno($stmt)); die; } $get_result = mysqli_stmt_get_result($stmt); if($get_result === FALSE) { printf("Error: %s.\n", mysqli_stmt_error($stmt)); printf("Error: %d.\n", mysqli_stmt_errno($stmt)); die; } while($row = mysqli_fetch_array($get_result,MYSQLI_ASSOC)) { $page_url = $row['page_url']; echo $page_url; echo "<br>"; $link_anchor_text = $row['link_anchor_text']; echo $link_anchor_text; echo "<br>"; $page_description = $row['page_description']; echo $page_description; echo "<br>"; $keyphrases = $row['keyphrases']; echo $keyphrases; echo "<br>"; $keywords = $row['keywords']; echo $keywords; echo "<br>"; echo "|"; echo "<br>"; } /*RIDDING THIS BASED ON mac_guyver's ADVICE. mysqli_stmt_close($stmt); mysqli_close($conn); */ } else { die("QUERY failed!"); } } } ?> <form name = "search" method = "GET"> <label for="keywords">Keywords:*</label> <input type="text" name="keywords" id="keywords" placeholder="Input Keywords" required> <br> <button type="submit">Submit</button><br> <button type="submit" value="submit">Submit</button><br> <input type="submit" value="submit"><br> <button name=submit value=" ">Search</button><br> <button type="submit" name="submit" value="submit">Search</button> <br> <input type="reset"> <br> </form> That way, I understand your message with no misunderstandings. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.