Jump to content

Syntax Error for Search Database

C4talyst

By C4talyst
in PHP Coding Help

 Share

Recommended Posts

C4talyst Newbie

C4talyst

Posted
Posted

Hey Freaks...hoping someone can help me, I'm a php newb.  This is my page:

 

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
    "http://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

    <title>Membership Database</title>
    <meta http-equiv="Content-type" content="text/html; charset=iso-8859-1">
    <meta http-equiv="Content-Language" content="en-us">
    <style type="text/css">@import "style.css";</style>

</head>

<body>

<div id="mdb_top">
<div id="mdb_nav" style="padding: 2px;" align="center"><a href="index.php">MDB Home</a> | <a href="add.php">Add Nation</a> | <a href="search.php">Find Nation</a></div>
</div>

      <table border="0" cellpadding="3" cellspacing="3" width="700">
      <form method="get" action="search.php">
       <tr>
        <td width="700" colspan="3" bgcolor="#414B3F">
        <h3>Find Nation in ACDC Membership Database</h3>
        </td>
       </tr>
       <tr>
      	<td width="400" bgcolor="#768872"  valign="top" align="left">
      	 <input class="form" type="text" name="q" value="" size="30" />
      	</td>
      	<td width="200" bgcolor="#768872"  valign="top" align="left">
        <select class="form" type="text" name="metode" value="" size="1">
        <option value ="id">Nation ID</option>
        <option value ="cnnation">Nation Name</option>
        <option value ="cnruler">Nation Ruler</option>
        <option value ="acdcuser">ACDC Member</option>
        <option value ="positions">Position</option>
        </select>
      	</td>
      	<td width="100" bgcolor="#768872"  valign="top" align="left">
      	 <input class="form" type="submit" value="SUBMIT" />
      	</td>
      </tr>
      </form>
     </table>

<? 
$hostname = "localhost";
$username = "acdcalliance";
$password = "testpass22";
$usertable = "members"; 
$dbName = "acdc-alliance_com-mdb"; //  
MYSQL_CONNECT($hostname, $username, $password); 
@mysql_select_db( "$dbName") or die( "Unable to select database"); 
?> 
<? 
//error message (not found message) 
$XX = "No Record Found"; 
$query = mysql_query("SELECT * FROM $usertable WHERE $metode LIKE '%$search%' LIMIT 0, 30 ") or die("Error in select: " . mysql_error());
while ($row = mysql_fetch_array($query)) 
{  
$variable1=$row["cnnation"]; 
$variable2=$row["cnruler"]; 
$variable3=$row["acdcuser"]; 
$variable4=$row["position"]; 
print ("this is for $variable1, and this print the variable2 end so on..."); 
} 

//below this is the function for no record!! 
if (!$variable1) 
{ 
print ("$XX"); 
} 
//end 
?>

</body>

 

When I access the page it kicks out this error:

Error in select: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE '%%' LIMIT 0, 30' at line 1

 

This is the line in question:

$query = mysql_query("SELECT * FROM $usertable WHERE $metode LIKE '%$search%' LIMIT 0, 30 ") or die("Error in select: " . mysql_error());

 

Can anyone tell me what's wrong with my syntax?  I'm a newb so explaining it to me may not allow me to fix it on my own.

Link to comment
https://forums.phpfreaks.com/topic/70525-syntax-error-for-search-database/
Share on other sites
sayedsohail Advanced Member

sayedsohail

Posted
Posted

You need to capture the post values from the form, add this two lines inside your code above the $hostname etc, and there is not need to escape etc, its all stupid for the beginners - your original code is quite enough to do the job.  Although there are lots of improvement can be done for advance level users.  but this two lines should do the job for you to get the immediate results.

 

$search = $_GET['q'];

$metode = $_GET['metode'];

 

$hostname = "localhost";

$username = "acdcalliance";

$password = "testpass22";

$usertable = "members";

$dbName = "acdc-alliance_com-mdb"; // 

 

Secondly its recommended to check the post/get values against sql injection for security reasons.

 

Anyway this is keep you going.

 

best of luck.

 

C4talyst Newbie

C4talyst

Posted
  • Author
Posted

Thanks for all the input guys, even after the latest round of changes I still get this error:

 

Error in select: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE '%%' LIMIT 0, 30' at line 1

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.