3

The task is pretty straight forward. Using an html form, a last name is posted into a php code which connects to myAdmin database and returns the first and last name associated with the form posted last name from the html search. I've double checked my database, as well as the connection php I am using. The information is in the db and my connection.php file has worked fine for other files accessing and manipulating this same db. Anyway here is my html code:

<html>
<body>
<form action="where.php" method="post">
Lastname: <input type="text" name="lastname" />
<input type="submit" name="search" />
</form>
</body>
</html>

and my post php code:

<?php
include('connection.php');

$sql = "SECLECT * FROM PERSONS WHERE LastName ='$_POST[lastname]'";
$result = mysql_query($sql);
?>

<table border='1'>
<tr>
    <td>Firstname</td>
    <td>Lastname</td>
</tr>

<?php
while($row = mysql_fetch_array($result))
{
?>
  <tr>
  <td><?php echo $row['FirstName'] ?></td>
  <td><?php echo $row['LastName'] ?></td>
  </tr>

<?php
}
?>
</table>

<?php
mysql_close($con);
?>

Anyone see why when I search for a valid last name I get back a table that only has the headings but no values?

James Wilkerson
  • 31
  • 1
  • 3
  • 1
    You should stop using `mysql_*` functions. They're being deprecated. Instead use [PDO](http://php.net/manual/en/book.pdo.php) (supported as of PHP 5.1) or [mysqli](http://php.net/manual/en/book.mysqli.php) (supported as of PHP 4.1). If you're not sure which one to use, [read this SO article](http://stackoverflow.com/questions/13569/mysqli-or-pdo-what-are-the-pros-and-cons). – Matt Aug 03 '12 at 18:37
  • What errors are you getting? Try echoing your input as well. – j08691 Aug 03 '12 at 18:37
  • I don't get an error I just get a table with headings Firstname and Lastname and no actual values inside. I have to use mysql functions b/c this is for a class and it's what my professor is teaching us :/ – James Wilkerson Aug 03 '12 at 18:41
  • so idk what PDO or mysqli is since the whole time we've been using mysql – James Wilkerson Aug 03 '12 at 18:42
  • try echo before your $sql and copy the query and get it execute in your myadmin daatabase: echo $sql = "SECLECT * FROM PERSONS WHERE LastName ='$_POST[lastname]'"; – metalfight - user868766 Aug 03 '12 at 18:45
  • when i put the echo in it returns: formSELECT * FROM PERSONS WHERE LastName ='Wilkerson' Firstname Lastname (Firstname and Lastname are the headings for the empty table it returns) – James Wilkerson Aug 03 '12 at 18:49
  • i think what they meant was to take the results of the echo up to 'Wilkerson' and put that query into your myadmin and run the query to see what it returns. – Jim Aug 03 '12 at 18:53
  • can you please do print_r($row); in while loop and paste the output. I think your connection.php is the reason. Can you do mysql_query($sql) or die (mysql_error()); – metalfight - user868766 Aug 03 '12 at 18:56
  • Ok everything is working now after implementing all of the suggestions! I'm really sorry for such a stupid question, but I'm not a programmer, just taking this as part of grad school. I find my problems are typically stupid little things like using " when I need ' or being dyslexic -__- Anyway, I'm good to go now thanks to you guys! Really appreciate it! – James Wilkerson Aug 03 '12 at 18:57
  • @JamesWilkerson If you could post what the correct way was, that may help out someone else in the future. Glad you got it figured out. – Jim Aug 03 '12 at 19:09
  • Not only should you not use `mysql_*` functions, what you're doing is leaving yourself open for SQL injection attacks. If someone enters a last name of `';DROP TABLE PERSONS;--`, then you'll be deleting your entire PERSONS table. Please see http://bobby-tables.com/php.html for details on how to use bind parameters. – Andy Lester Aug 03 '12 at 21:48

4 Answers4

1

You put "SECLECT" on the query. It's SELECT.

Daniel
  • 23,129
  • 12
  • 109
  • 154
Pablo Anaya
  • 181
  • 1
  • 1
  • 8
  • yeah I get dyslexic on my scripts sometimes lol, but I fixed that and it's still returning a blank table – James Wilkerson Aug 03 '12 at 18:47
  • $_POST[lastname] -> $_POST["lastname"] maybe? – Pablo Anaya Aug 03 '12 at 18:50
  • tried that, but it just gives me a server error instead of returning anything at all – James Wilkerson Aug 03 '12 at 18:52
  • A better way would be, in my oppinion, something like this: $sql = "SELECT * FROM PERSONS WHERE LastName ='".$_POST['lastname']."'; – Pablo Anaya Aug 03 '12 at 18:55
  • That's really weird. When I put it in " like you suggested, I got a server error. I took the quotes out and now my script is working perfectly and returning a filled out table! It was probably a combination of a bunch of little things. Thanks for the help! – James Wilkerson Aug 03 '12 at 18:55
  • is there any way to give you guys props for helping me out? It won't let me vote up b/c this is my first post on the site, but is there a way to give you guys individual props for the help? – James Wilkerson Aug 03 '12 at 19:01
  • You can accept one answer, which gives rep to the person who wrote it. – Mark Vrabel May 15 '13 at 16:41
1

Try changing your query to - 

$sql = "SELECT * FROM PERSONS WHERE LastName like '%$_POST[lastname]%'";

If it shows some results then you may have problem in exact match scenario

kewlashu
  • 1,099
  • 10
  • 18
0
 <td><?php echo $row['FirstName'] ?></td>
  <td><?php echo $row['LastName'] ?></td>

both need ;'s (semi-colons) for example:

<td><?php echo $row['FirstName']; ?></td>
<td><?php echo $row['LastName']; ?></td>
Jim
  • 1,315
  • 4
  • 17
  • 45
0

Try This:

$sql = ("SELECT * FROM PERSONS WHERE LastName ='".$_POST['lastname']."'");

Also take a look at this. I know it is an android/json tutorial but if you use the print function, do a little more tweaking and change your query to something without a variable.

$sql = ("SELECT * FROM PERSONS WHERE LastName ='Doe'");

You can then test by navigating to this "test" page. The results will be on the screen. This may help to pinpoint your problem

sealz
  • 5,348
  • 5
  • 40
  • 70
  • turns out my main problem was being dyslexic and somehow constantly overlooking SECLECT instead of SELECT for the last hour :( I feel so stupid – James Wilkerson Aug 03 '12 at 19:02