Member Avatar for stutco

I need a simple script to do the following...
a form that a zipcode is entered into and when subbmitted returns the results matching the field zipid. Here is what I have but I can not get it to work...

FORM

<form method="post" action="http://alwaysaegis.com/cms2/content/results.php" target="_blank">
<div align="center">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td bordercolor="#000000">
<p align="center">
<select name="metode" size="1">
<option value="zipid">zipid</option>
</select> <input type="text" name="search" size="25"> &nbsp;<br>
Search database: <input type="submit" value="Go!!" name="Go"></p>
</td>
</tr>
</table>
</div>
</form>

script
<center>
<table border="1" cellpadding="5" cellspacing="0" bordercolor="#000000">
<tr>
<td width="60"><b>zipid</b></td>
<td width="100"><b>cname</b></td>
<td width="70"><b>phone</b></td>
<td width="150"><b>zip</b></td>
</tr>
<tr>
<td>
<? $hostname = "localhost"; // The Thinkhost DB server.
$username = "**********"; // The username you created for this database.
$password = "*******"; // The password you created for the username.
$usertable = "*********"; // The name of the table you made.
$dbName = "*********"; // This is the name of the database you made.

MYSQL_CONNECT($hostname, $username, $password) OR DIE("DB connection unavailable");
@mysql_select_db( "$dbName") or die( "Unable to select database");
?>
<?
//error message (not found message)begins
$XX = "No Record Found, to search again please close this window";
//query details table begins
$query = mysql_query("SELECT * FROM $usertable WHERE $metode LIKE '%'search'%' LIMIT 0, 50");
while ($row = @mysql_fetch_array($query))
{
$variable1=$row["zipid"];
$variable2=$row["cname"];
$variable3=$row["phone"];
$variable4=$row["zip"];
//table layout for results

print ("<tr>");
print ("<td>$variable1</td>");
print ("<td>$variable2</td>");
print ("<td>$variable3</td>");
print ("<td>$variable4</td>");
print ("</tr>");
}
//below this is the function for no record!!
if (!$variable1)
{
print ("$XX");
}
//end
?>
</table>
</center>

  • 3 Contributors
  • 2 Replies
  • 123 Views
  • 3 Days Discussion Span
  • Latest Post Latest Post by trudge

Recommended Answers

All 2 Replies

Member Avatar for ndeniche

you should try using [code=php] [/code] tags... that way people could understand better...

dunno where's the problem tho...

Member Avatar for trudge

A couple of things I note, while not being a PHP programmer.

You should try to use placeholders when doing any SELECT based on user input to avoid SQL Injection attacks. If you don't know what that is look it up.

I assume that you are using the real user and password to log in?

And what do you mean by '..can not get it to work'?

Does that mean your script doesn't run at all?

Does it run but return something unexpected?

Does it return anything? If so what?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.