Hi All,

the following is a script to search using LIKE. i know data exists, but its simply not playing.

any help on syntax corrections would be appreciated.



if (isset($_POST['search'])){
	echo $column = $_POST['column'];
	echo "<br>";
	echo $param1 = $_POST['param1'];
	$srch = "%".$param1."%";
	echo $SQL = "SELECT * FROM tbl_leads WHERE '$column' LIKE '$srch'";
	$result = mysql_query($SQL) or die(mysql_error());
	echo "<table>";
	echo "<tr><td>Title</td><td>First Name</td><td>Surname</td><td>Email</td></tr>";
	while ($row = mysql_fetch_assoc($result)){
		echo "<tr><td>" . $row['title'] . "</td><td>" . $row['fname'] . "</td><td>" . $row['lname'] . "</td><td>" . $row['email'] . "</td></tr><br>";

I don't think you should use single quotes around $column. It may be treated as a string. Use backticks instead.

Whether u r getting inside the if condition.
If no check out the method in the form tag it may be "GET". Use $_GET instead of $_POST if so....

Just place your form tag

Try this,

//$srch = "%".$param1."%";
$SQL=mysql_query("SELECT * FROM tbl_leads WHERE $column LIKE '%$parmal%'");

Remove the quotes '$column'. The quotes for the $parmal variable is fine since we are adding the wildcard %.

Also not sure why you were echo'ing the sql query. Just make sure you have a link established somewhere.
Like this:


function connecttodb($servername,$dbname,$dbuser,$dbpassword)
GLOBAL $link;
$link=mysql_connect ("$servername","$dbuser","$dbpassword");
if(!$link){DIE("Could not connect to MySQL");}
mysql_select_db("$dbname",$link) OR DIE ("could not open db".mysql_error());

Just to verify the SQL is working as intended. My trick or tip, is to take the statement and run it your My phpadmin by replacing the variables with actual data that maybe selected. There you can see if the statement is getting data, and if not what error you are getting.