Wild Card search not working...

Reply

Join Date: Jan 2009
Posts: 151
Reputation: Phil++ is an unknown quantity at this point 
Solved Threads: 3
Phil++ Phil++ is offline Offline
Junior Poster

Wild Card search not working...

 
0
  #1
Oct 26th, 2009
Hey, I need to create a search engine that searchs through a database but the wild card doesn't work for me:

PHP Syntax (Toggle Plain Text) 
  1. <?php
  2.    include ('header.php');
  3.    $s = $_POST['search_term'];
  4.    $by = $_POST['by'];
  5.  
  6.    if(!$s && $by) // Check that the details are entered correctly
  7.    { 
  8.       echo '<p>You have not entered the required fields</p>';
  9.       exit();
  10.    }
  11.     //  LIKE '%$searchterm%' 
  12.               $query = "SELECT * FROM products WHERE artist LIKE '% $s %'";
  13.               $result = mysql_query($query) or trigger_error("Query: $query \n<br />Mysql error: 		 " . mysql_error());
  14.  
  15.               if(mysql_affected_rows() >= 1)
  16.               {
  17.                  while($row = mysql_fetch_array($result))
  18.                  {
  19.                      echo '<p>Your search result for ' .$search_term. '';
  20.                      echo '<blockquote>';
  21.                      echo '<img src="' .$row['pic']. '">';
  22.                      echo '<p>' .$row['desc']. '<br />';
  23.                      echo 'Price: ' .$row['price']. '<br />';
  24.                      echo '</blockquote>';
  25.                   }
  26.                 }else{
  27.                   echo '<p>No artist found, did you spell it right?</p>';
  28.                 }
  29.  
  30. ?>

Any help would be great. Thanks.
If you ask me questions through Private messaging I won't reply.
Reply With Quote Quick reply to this message  
Join Date: May 2008
Posts: 525
Reputation: Will Gresham is on a distinguished road 
Solved Threads: 86
Sponsor
Will Gresham's Avatar
Will Gresham Will Gresham is offline Offline
Posting Pro
 
1
  #2
Oct 26th, 2009
Remove the spaces between the %s and the value.

If the user entered 'Google' then the search query would look like:
PHP Syntax (Toggle Plain Text) 
  1. $query = "SELECT * FROM products WHERE artist LIKE '% Google %'";
This would return values where the products column had an entry of 'something Google something'
AJAX is not a programming language, scripting language or any other sort of language.
It is acheived by using JavaScript http functions.
So, AJAX = JavaScript.
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 455
Reputation: Atli is on a distinguished road 
Solved Threads: 56
Atli's Avatar
Atli Atli is online now Online
Posting Pro in Training
 
1
  #3
Oct 27th, 2009
Hey.

Also, on line #15 you use the mysql_affected_rows function, where you should be using the mysql_num_rows function.

The mysql_affected_rows function only returns the number or rows affected by INSERT, UPDATE, REPLACE or DELETE queries. SELECT queries have no affect on any rows, and as such, the function doesn't return a valid result for them.
Please do not ask for help in a PM. Use the forums.
And use [code] tags!
Reply With Quote Quick reply to this message  
Join Date: Sep 2009
Posts: 557
Reputation: network18 is an unknown quantity at this point 
Solved Threads: 64
network18 network18 is offline Offline
Posting Pro
 
0
  #4
Oct 27th, 2009
if your query is failing try to echo the query and execute it directly in the mysql and post if any error you getting there. or else post the error you echoing in your php
"The discipline of writing something down is the first step towards making it happen."

follow me on twitter
Reply With Quote Quick reply to this message  
Join Date: Oct 2009
Posts: 29
Reputation: liamfriel is an unknown quantity at this point 
Solved Threads: 1
liamfriel's Avatar
liamfriel liamfriel is offline Offline
Light Poster
 
0
  #5
Oct 27th, 2009
Also addslashes(); to your search term somtimes users entering quotes can cause sql to fail.
They throw us away like yesterdays jam - Maurice Mossley

Please - rep if someone helps you, it can't be traded for stuff, but it's nice.
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 455
Reputation: Atli is on a distinguished road 
Solved Threads: 56
Atli's Avatar
Atli Atli is online now Online
Posting Pro in Training
 
1
  #6
Oct 27th, 2009
Originally Posted by liamfriel View Post
Also addslashes(); to your search term somtimes users entering quotes can cause sql to fail.
The mysql_real_escape_string function would be better. It does more than just add slashes, it escapes any char that would mess up the query.

It should be used on any data that is to be inserted into a MySQL query, especially user-supplied data. (See SQL Injection)
Last edited by Atli; Oct 27th, 2009 at 1:18 pm.
Please do not ask for help in a PM. Use the forums.
And use [code] tags!
Reply With Quote Quick reply to this message  
Join Date: Oct 2009
Posts: 29
Reputation: liamfriel is an unknown quantity at this point 
Solved Threads: 1
liamfriel's Avatar
liamfriel liamfriel is offline Offline
Light Poster
 
0
  #7
Oct 28th, 2009
Originally Posted by Atli View Post
The mysql_real_escape_string function would be better. It does more than just add slashes, it escapes any char that would mess up the query.

It should be used on any data that is to be inserted into a MySQL query, especially user-supplied data. (See SQL Injection)
Thanks - I have spent so long using a custom function(that uses mysql_real_escape_string()) to validate my data I forgot about it.

If anyone is interested:

PHP Syntax (Toggle Plain Text) 
  1. function make_safe($string) {
  2.     $string = preg_replace('#<!\[CDATA\[.*?\]\]>#s', '', $string);
  3.     $string = strip_tags($string);
  4.     $string = htmlentities($string, ENT_NOQUOTES, 'UTF-8', false);
  5.     $string = stripslashes($string);
  6.     $string = mysql_real_escape_string($string);
  7.     return $string;
  8. }
They throw us away like yesterdays jam - Maurice Mossley

Please - rep if someone helps you, it can't be traded for stuff, but it's nice.
Reply With Quote Quick reply to this message  
Join Date: Oct 2009
Posts: 29
Reputation: liamfriel is an unknown quantity at this point 
Solved Threads: 1
liamfriel's Avatar
liamfriel liamfriel is offline Offline
Light Poster
 
0
  #8
Oct 28th, 2009
Double post please delete
Last edited by liamfriel; Oct 28th, 2009 at 10:51 am. Reason: double post - please delete
They throw us away like yesterdays jam - Maurice Mossley

Please - rep if someone helps you, it can't be traded for stuff, but it's nice.
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
Message:



Similar Threads
Other Threads in the PHP Forum
Thread Tools Search this Thread



Tag cloud for PHP
.htaccess access ajax apache api array beginner binary body broken cakephp checkbox class cms code cron curl database date date/time directory display download dynamic echo email error file files folder form forms function functions google href htaccess html image include insert integration ip java javascript joomla limit link list login loop mail menu mlm mod_rewrite msqli_multi_query multiple mycodeisbad mysql oop parse paypal pdf php problem query radio random recursion regex remote script search send seo server sessions sms soap source space sql static structure syntax system table tutorial update upload url validation validator variable video web webdesign wordpress xml youtube
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC