Jump to content

[SOLVED] Could somebody help me with this code please...

joshgarrod

By joshgarrod
in PHP Coding Help

 Share

Recommended Posts

joshgarrod Regular Member

joshgarrod

Posted
Posted

This is a PHP search script which customers use to search our table for products we have in stock. However, there is an error if one where to search a phrase with more than one word. Below I have quoted the errors and shown my script:

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/file/sites/www.myurl.co.uk/Search.php on line 58

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/file/sites/www.myurl.co.uk/Search.php on line 76

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Search for spares</title>
<style type="text/css">
<!--
.style1 {font-family: Arial, Helvetica, sans-serif}
-->
</style>
</head>

<body>
<h2 class="style1">Search</h2> 
<form action="<?=$PHP_SELF?>" method="post" name="search" class="style1">
Seach for: <input type="text" name="find" /> in 
<Select NAME="field">
<Option VALUE="ID">Stock ID</option>
<Option VALUE="StockNumber">Stock number</option>
<Option VALUE="StockDescription">Stock description</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<p class="style1">
  <? 
//This is only displayed if they have submitted the form 
if ($searching =="yes") 
{ 
echo "<h2>Results</h2><hr>"; 

//If they did not enter a search term we give them an error 
if ($find == "") 
{ 
echo "<p>You forgot to enter a search term"; 
exit; 
} 

// Otherwise we connect to our Database 
mysql_connect("localhost", "ssfjdg", "idffhh") or die(mysql_error()); 
mysql_select_db("sto21") or die(mysql_error()); 

// We preform a bit of filtering 
$find = strtoupper($find); 
$find = strip_tags($find); 
$find = trim ($find); 

//Now we search for our search term, in the field the user specified 
$find_array = explode(" ", $find);
$find_sql = "";     // init
foreach ($find_array as $temp)
   $find_sql .= "LIKE '%$temp%' OR ";
$find_sql = substr($find_sql, 0, -3);  // throw away last OR statement

$data = mysql_query("SELECT * FROM stock WHERE upper($field) $find_sql");

//And we display the results 
while($result = mysql_fetch_array( $data )) 
{ 
echo "<b>Stock ID:   </b>";
echo $result['ID']; 
echo "<br>"; 
echo "<b>Stock number:   </b>";
echo $result['StockNumber']; 
echo "<br>"; 
echo "<b>Stock description:   </b>";
echo $result['StockDescription']; 
echo "<br>"; 
echo "<b>Price:   </b>";
echo $result['ItemPrice']; 
echo "<br>"; 
echo "<hr>";
} 

//This counts the number or results - and if there wasn't any it gives them a little message explaining that 
$anymatches=mysql_num_rows($data); 
if ($anymatches == 0) 
{ 
echo "Sorry, but we can not find an entry to match your query<br><br>"; 
} 

//And we remind them what they searched for 
echo "<b>Searched For:</b> " .$find; 
} 
?>
</p>
</body>
</html>

trq Prolific Member

trq

Posted
Posted

Echo your query prior to execution so you can try and debug the problem.

 

Also, the reason your actually seeing the errors is becasue you have failed to check the query has succeeded before attempting to use it results. This is just poor coding practice, and alot of people do it. Anything that might return false, should be enclosed in an if() to check.

per1os Member

per1os

Posted
Posted 

<?php
//etc above...
$find_sql = substr($find_sql, 0, -3);  // throw away last OR statement
echo "SQL Was: " . $find_sql . "<br />"
$data = mysql_query("SELECT * FROM stock WHERE upper($field) $find_sql") OR DIE("SQL Was: " . $find_sql . "<br />ERROR: " . mysql_error());

//And we display the results

 

See what that outputs.

trq Prolific Member

trq

Posted
Posted

Instead of placing your query directly into mysql_query(), place it in a variable, from here you can echo it for debuging.

 

<?php

  $sql = "SELECT * FROM stock WHERE upper($field) $find_sql";
  // debug sql.
  die($sql);
  $data = mysql_query($sql);

?>

 

As for the checks, the typical syntax for a slect query should be....

 

<?php

  $sql = "SELECT foo FROM bar";
  if ($result = mysql_query($sql)) {
    if (mysql_num_rows($result)) {
      // It is now safe to use $result.
    } else {
      // No results found.
    }
  } else {
    // Query failed. Good place to debug, eg;
    echo "Query failed<br />" . $sql . "<br />" . mysql_error();
  }

?>

joshgarrod Regular Member

joshgarrod

Posted
  • Author
Posted

I already have but I will again:

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sto21/sites/www.stowmarketcaravans.co.uk/Search.php on line 70

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/sto21/sites/www.stowmarketcaravans.co.uk/Search.php on line 88

Sorry, but we can not find an entry to match your query

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Search for spares</title>
<style type="text/css">
<!--
.style1 {font-family: Arial, Helvetica, sans-serif}
-->
</style>
</head>

<body>
<h2 class="style1">Search</h2> 
<form action="<?=$PHP_SELF?>" method="post" name="search" class="style1">
Seach for: <input type="text" name="find" /> in 
<Select NAME="field">
<Option VALUE="ID">Stock ID</option>
<Option VALUE="StockNumber">Stock number</option>
<Option VALUE="StockDescription">Stock description</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<p class="style1">
 <? 
//This is only displayed if they have submitted the form 
if ($searching =="yes") 
{ 
echo "<h2>Results</h2><hr>"; 

//If they did not enter a search term we give them an error 
if ($find == "") 
{ 
echo "<p>You forgot to enter a search term"; 
exit; 
} 

// Otherwise we connect to our Database 
mysql_connect("localhost", "sser1", "ixser8") or die(mysql_error()); 
mysql_select_db("ersser") or die(mysql_error()); 

// We preform a bit of filtering 
$find = strtoupper($find); 
$find = strip_tags($find); 
$find = trim ($find); 

//Now we search for our search term, in the field the user specified 
$find_array = explode(" ", $find);
$find_sql = "";     // init
foreach ($find_array as $temp)
  $find_sql .= "LIKE '%$temp%' OR ";
$find_sql = substr($find_sql, 0, -3);  // throw away last OR statement

$data = mysql_query("SELECT * FROM stock WHERE upper($field) $find_sql");
 $sql = "SELECT * FROM stock";
 if ($result = mysql_query($sql)) {
   if (mysql_num_rows($result)) {
     // It is now safe to use $result.
   } else {
     // No results found.
   }
 } else {
   // Query failed. Good place to debug, eg;
   echo "Query failed<br />" . $sql . "<br />" . mysql_error();
 }


//And we display the results 
while($result = mysql_fetch_array( $data )) 
{ 
echo "<b>Stock ID:   </b>";
echo $result['ID']; 
echo "<br>"; 
echo "<b>Stock number:   </b>";
echo $result['StockNumber']; 
echo "<br>"; 
echo "<b>Stock description:   </b>";
echo $result['StockDescription']; 
echo "<br>"; 
echo "<b>Price:   </b>";
echo $result['ItemPrice']; 
echo "<br>"; 
echo "<hr>";
} 

//This counts the number or results - and if there wasn't any it gives them a little message explaining that 
$anymatches=mysql_num_rows($data); 
if ($anymatches == 0) 
{ 
echo "Sorry, but we can not find an entry to match your query<br><br>"; 
} 

//And we remind them what they searched for 
echo "<b>Searched For:</b> " .$find; 
} 
?>
</p>
</body>
</html>

per1os Member

per1os

Posted
Posted 

<?php
//etc above...
$find_sql = substr($find_sql, 0, -3);  // throw away last OR statement
$sql = "SELECT * FROM stock WHERE upper($field) $find_sql";
echo "SQL Was: " . $sql . "<br />";
$data = mysql_query($sql) OR DIE("SQL Was: " . $sql . "<br />ERROR: " . mysql_error());

//And we display the results

 

Post the results when that is implemented. We need to see the actual SQL Query, you know the thing that goes to the database and grabs the data?  Note the SQL Was: and the ERROR: part, paste everything that was outputted from that.

 

For easy copy and paste here is the above implemented into your code.

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Search for spares</title>
<style type="text/css">
<!--
.style1 {font-family: Arial, Helvetica, sans-serif}
-->
</style>
</head>

<body>
<h2 class="style1">Search</h2> 
<form action="<?=$PHP_SELF?>" method="post" name="search" class="style1">
Seach for: <input type="text" name="find" /> in 
<Select NAME="field">
<Option VALUE="ID">Stock ID</option>
<Option VALUE="StockNumber">Stock number</option>
<Option VALUE="StockDescription">Stock description</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<p class="style1">
  <? 
//This is only displayed if they have submitted the form 
if ($searching =="yes") 
{ 
echo "<h2>Results</h2><hr>"; 

//If they did not enter a search term we give them an error 
if ($find == "") 
{ 
echo "<p>You forgot to enter a search term"; 
exit; 
} 

// Otherwise we connect to our Database 
mysql_connect("localhost", "sser1", "ixser8") or die(mysql_error()); 
mysql_select_db("ersser") or die(mysql_error()); 

// We preform a bit of filtering 
$find = strtoupper($find); 
$find = strip_tags($find); 
$find = trim ($find); 

//Now we search for our search term, in the field the user specified 
$find_array = explode(" ", $find);
$find_sql = "";     // init
foreach ($find_array as $temp)
   $find_sql .= "LIKE '%$temp%' OR ";
$find_sql = substr($find_sql, 0, -3);  // throw away last OR statement
$find_sql = substr($find_sql, 0, -3);  // throw away last OR statement

$sql = "SELECT * FROM stock WHERE upper($field) $find_sql";
echo "SQL Was: " . $sql . "<br />";
$data = mysql_query($sql) OR DIE("SQL Was: " . $sql . "<br />ERROR: " . mysql_error());

  $sql = "SELECT * FROM stock";
  if ($result = mysql_query($sql)) {
    if (mysql_num_rows($result)) {
      // It is now safe to use $result.
    } else {
      // No results found.
    }
  } else {
    // Query failed. Good place to debug, eg;
    echo "Query failed<br />" . $sql . "<br />" . mysql_error();
  }


//And we display the results 
while($result = mysql_fetch_array( $data )) 
{ 
echo "<b>Stock ID:   </b>";
echo $result['ID']; 
echo "<br>"; 
echo "<b>Stock number:   </b>";
echo $result['StockNumber']; 
echo "<br>"; 
echo "<b>Stock description:   </b>";
echo $result['StockDescription']; 
echo "<br>"; 
echo "<b>Price:   </b>";
echo $result['ItemPrice']; 
echo "<br>"; 
echo "<hr>";
} 

//This counts the number or results - and if there wasn't any it gives them a little message explaining that 
$anymatches=mysql_num_rows($data); 
if ($anymatches == 0) 
{ 
echo "Sorry, but we can not find an entry to match your query<br><br>"; 
} 

//And we remind them what they searched for 
echo "<b>Searched For:</b> " .$find; 
} 
?>
</p>
</body>
</html>

 

Run that and paste what is outputted to the screen.

joshgarrod Regular Member

joshgarrod

Posted
  • Author
Posted

error:

 

SQL Was: SELECT * FROM stock WHERE upper(StockDescription) LIKE '%BUNK%' OR LIKE '%BOARD

SQL Was: SELECT * FROM stock WHERE upper(StockDescription) LIKE '%BUNK%' OR LIKE '%BOARD

ERROR: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE '%BOARD' at line 1

per1os Member

per1os

Posted
Posted

Wow that was easy huh?

 

Alright now it is time to fix that sql statement:

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Search for spares</title>
<style type="text/css">
<!--
.style1 {font-family: Arial, Helvetica, sans-serif}
-->
</style>
</head>

<body>
<h2 class="style1">Search</h2> 
<form action="<?=$PHP_SELF?>" method="post" name="search" class="style1">
Seach for: <input type="text" name="find" /> in 
<Select NAME="field">
<Option VALUE="ID">Stock ID</option>
<Option VALUE="StockNumber">Stock number</option>
<Option VALUE="StockDescription">Stock description</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<p class="style1">
  <?php
//This is only displayed if they have submitted the form 
if ($searching =="yes") 
{ 
echo "<h2>Results</h2><hr>"; 

//If they did not enter a search term we give them an error 
if ($find == "") 
{ 
echo "<p>You forgot to enter a search term"; 
exit; 
} 

// Otherwise we connect to our Database 
mysql_connect("localhost", "sser1", "ixser8") or die(mysql_error()); 
mysql_select_db("ersser") or die(mysql_error()); 

// We preform a bit of filtering 
$find = strtoupper($find); 
$find = strip_tags($find); 
$find = trim ($find); 

//Now we search for our search term, in the field the user specified 
$find_array = explode(" ", $find);
$find_sql = "";     // init
foreach ($find_array as $temp)
   $find_sql .= "upper($field) LIKE '%$temp%' OR ";
// note only need to do the substr once, the second time was removing the other %'
$find_sql = substr($find_sql, 0, -3);  // throw away last OR statement 

$sql = "SELECT * FROM stock WHERE $find_sql";
echo "SQL Was: " . $sql . "<br />";
$data = mysql_query($sql) OR DIE("SQL Was: " . $sql . "<br />ERROR: " . mysql_error());

  $sql = "SELECT * FROM stock";
  if ($result = mysql_query($sql)) {
    if (mysql_num_rows($result)) {
      // It is now safe to use $result.
    } else {
      // No results found.
    }
  } else {
    // Query failed. Good place to debug, eg;
    echo "Query failed<br />" . $sql . "<br />" . mysql_error();
  }


//And we display the results 
while($result = mysql_fetch_array( $data )) 
{ 
echo "<b>Stock ID:   </b>";
echo $result['ID']; 
echo "<br>"; 
echo "<b>Stock number:   </b>";
echo $result['StockNumber']; 
echo "<br>"; 
echo "<b>Stock description:   </b>";
echo $result['StockDescription']; 
echo "<br>"; 
echo "<b>Price:   </b>";
echo $result['ItemPrice']; 
echo "<br>"; 
echo "<hr>";
} 

//This counts the number or results - and if there wasn't any it gives them a little message explaining that 
$anymatches=mysql_num_rows($data); 
if ($anymatches == 0) 
{ 
echo "Sorry, but we can not find an entry to match your query<br><br>"; 
} 

//And we remind them what they searched for 
echo "<b>Searched For:</b> " .$find; 
} 
?>
</p>
</body>
</html>

 

Try that and see what happens. If all works remove the echo "SQL Was:" portion and you are good.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.