Hi guys,

I want to search customer details based on National ID.
The customer table is related to this.The structure of the table looks like this.

customer(customer_id, nic, full_name, name_with_initials, address, contact_number, gender)
customer_id is the primary key of the table.

When the user types the National Id (nic) of the customer i want to display the records of the customer in a table or a form.I want all the records to be displayed such as customer_id, full_name etc...

Can anyone give me the coding?


6 Years
Discussion Span
Last Post by heshanm

Save this as hielo.php and try it:

if( isset($_POST['nic']) && !empty($_POST['nic']) )
  mysql_connect("localhost","username","password") or die( mysql_error() );

  mysql_select_db("dbName") or die( mysql_error() );

  $sql = sprintf("SELECT `customer_id`, `nic`, `full_name`, `name_with_initials`, `address`, `contact_number`, `gender` FROM `customer` WHERE `nic`='%s'", mysql_real_escape_string($_POST['nic']) );

  $result=mysql_query($sql) or die( mysql_error() );

  if( 0==mysql_num_rows($result) )
    echo "<p>No records found.</p>";

    echo '<table>';
    echo '<thead><tr><th>' . implode( '</th><th>', array_keys($row) ) . '</th></tr></thead><tbody>';
      echo '<tr><td>' . implode('</td><td>',$row) . '</td></tr>';
    }while( $row=mysql_fetch_assoc($result) );

    echo '</tbody></table>';
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<div>Enter NIC number: <input type="text" name="nic" value="" /> <input type="submit" value="Submit"/></div>

Edited by hielo: typo


I tried, but not worked. This line of your coding should be changed know.

if( 0==mysql_num_rows($result) )

It should be,

if( mysql_num_rows($result)==0)

But still not worked.....


This line of your coding should be changed know.

There is NOTHING wrong with that line.

On line 2, are you sure you included the "!" symbol to the left of empty()?


oops, sorry. i forgot to include that symbol. now it works. Thanks a lot.

Can you explain following lines of your coding.

WHERE `nic`='%s'", mysql_real_escape_string($_POST['nic']
echo '<thead><tr><th>' . implode( '</th><th>', array_keys($row) ) . '</th></tr></thead><tbody>';

And what is "sprintf" in ine 8?


mysql_real_escape_string() is to avoid sql injection. It's for security purposes. IF you don't know what sql injection is, search it. Tons of results out there.

The sprintf() is not required, but I find it easier to construct strings. Look it up on the php manual and be sure to look at the examples section.

As for that last line, it just puts the name of the fields at the top of the table. Look up the implode() and array_keys() in the manual as well. All of these are well documented that it is pointless for me to try to reword what is already properly and clearly described in the manual.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.