-3

I'm trying to get a search function working on my site. I have pagination which works when I browse via the (Prev/Next) links. I've copied the source for the pagination and edited the queries to work with the search function, but I'm getting an error:

Parse error: syntax error, unexpected '?' in C:\xampp\htdocs**SNIP**\MySQL_DB\search.php on line 16

I have tried replacing the ? with a variable '%?%' got from $term = $_POST['search']; but I get a

Warning: Division by zero in C:\xampp\htdocs\freedeals\MySQL_DB\search.php on line 16

Source Code For Search Pagination

<?php include 'connect_auth.php';?>
<?php $dbh=Connection() ?>
<?php
try {
$term = $_POST['search'];

//$term = "seg";
    // Find out how many items are in the table
    $total = $dbh->query('
        SELECT
            COUNT(*)
        FROM
            buy_car
        WHERE 
            description like '%?%'
        OR
            make like '%?%'

    ')->fetchColumn();



    // How many items to list per page
    $limit = 1;

    // How many pages will there be
    $pages = ceil($total / $limit);

    // What page are we currently on?
    $page = min($pages, filter_input(INPUT_GET, 'page', FILTER_VALIDATE_INT, array(
        'options' => array(
            'default'   => 1,
            'min_range' => 1,
        ),
    )));

    // Calculate the offset for the query
    $offset = ($page - 1)  * $limit;

    // Some information to display to the user
    $start = $offset + 1;
    $end = min(($offset + $limit), $total);

    // The "back" link
    $prevlink = ($page > 1) ? '<a href="?page=1" title="First page">&laquo;</a> <a href="?page=' . ($page - 1) . '" title="Previous page">&lsaquo;</a>' : '<span class="disabled">&laquo;</span> <span class="disabled">&lsaquo;</span>';

    // The "forward" link
    $nextlink = ($page < $pages) ? '<a href="?page=' . ($page + 1) . '" title="Next page">&rsaquo;</a> <a href="?page=' . $pages . '" title="Last page">&raquo;</a>' : '<span class="disabled">&rsaquo;</span> <span class="disabled">&raquo;</span>';

    // Display the paging information
    echo '<div id="paging"><p>', $prevlink, ' Page ', $page, ' of ', $pages, ' pages, displaying ', $start, '-', $end, ' of ', $total, ' results ', $nextlink, ' </p></div>';

    // Prepare the paged query
    $stmt = $dbh->prepare('
        SELECT
            *
        FROM
            buy_car
        WHERE 
            description like '%?%'
        OR
            make = '%?%'
        ORDER BY
            ID
            DESC
        LIMIT
            :limit
        OFFSET
            :offset
    ');

    // Bind the query params
    $stmt->bindParam(':limit', $limit, PDO:: PARAM_INT);
    $stmt->bindParam(':offset', $offset, PDO:: PARAM_INT);
    $stmt->execute();

    // Add comment
    $incr = 160;
    $style = true;

    // Do we have any results?
    if ($stmt->rowCount() > 0) {
        // Define how we want to fetch the results
        $stmt->setFetchMode(PDO::FETCH_ASSOC);
        $iterator = new IteratorIterator($stmt);

        // Display the results
        foreach ($iterator as $row) {
          if($style==true){
                echo "<p style='background-color:#FFFD5C;border-width:1px;border-color:#000000;border-style:solid;
                border-width:1px;top:350px;width:800px;height:".$incr."px;'>";

                echo '<a href="freedeals/cars/'.$row{'ID'}.'">'.$row{'description'}.'</a>';
                echo "<p1 style='position:absolute ;left:700px;'>Price: &euro;".$row{'price'}."</p1>";
                echo '<br><a href="freedeals/cars/'.$row{'ID'}.'"><img src="images/uploads/'.preg_replace('~[\da-f]{32}-~', '', $row{'ID'}).'.jpeg" style="max-height: 100px; max-width: 100px;" ></a>'; 
                echo "<br>Make:".$row{'make'}."<br>Model:".$row{'model'}."<br>Year:".$row{'year'};
                echo "</p>";
                $style=false;

            }
        else if($style==false){
                echo "<p style='background-color:#D6D30D;border-width:1px;border-color:#000000;border-style:solid;
                border-width:1px;top:350px;width:800px;height:".$incr."px;'>";

                echo '<a href="freedeals/cars/'.$row{'ID'}.'">'.$row{'description'}.'</a>';
                echo "<p1 style='position:absolute ;left:700px;'>Price: &euro;".$row{'price'}."</p1>";
                echo '<br><a href="freedeals/cars/'.$row{'ID'}.'"><img src="images/uploads/'.preg_replace('~[\da-f]{32}-~', '', $row{'ID'}).'.jpeg" style="max-height: 100px; max-width: 100px;" ></a>'; 
                echo "<br>Make:".$row{'make'}."<br>Model:".$row{'model'}."<br>Year:".$row{'year'};
                echo "</p>";
                $style=true;

            }
        }

    } else {
        echo '<p>No results could be displayed.</p>';
    }

} catch (Exception $e) {
    echo '<p>', $e->getMessage(), '</p>';
}
ini_set('error_reporting', E_ALL);
?>
feeela
  • 29,399
  • 7
  • 59
  • 71
MickCue
  • 1
  • 5

2 Answers

0

? is not a valid PHP expression, neither is %?%.

If you start and end a string, the next sign is interpreted as PHP code, not as part of the string.

' SELECT … '%?%' '

Please use an editor with syntax highlighting and you will notice those errors before even running the code in the future.

But your best bet would be not to use quotes inside the string at all at that position, as PDO already wraps strings in quotes in the ready SQL statement. Just pre-/append the % to the value that is inserted.

feeela
  • 29,399
  • 7
  • 59
  • 71
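The approach recommended in the answer above (no quotes around the placeholder, with the % added to the bound value), shown as an added example that is not code from the question or either answer. It assumes a constructed in-memory SQLite table named like the question's; `likePattern`, `searchCars` and the `!` escape character are names chosen for this example.

```php
<?php
// Added example, not code from the question or answers. Table/column names
// follow the question; the SQLite database and rows below are constructed.

function likePattern(string $term): string
{
    // Escape LIKE metacharacters with '!' so user input matches literally,
    // then add the wildcards to the value (not to the SQL text).
    return '%' . strtr($term, ['!' => '!!', '%' => '!%', '_' => '!_']) . '%';
}

function searchCars(PDO $dbh, string $term, int $page, int $limit = 2): array
{
    $pattern = likePattern($term);
    $where = "description LIKE :d ESCAPE '!' OR make LIKE :m ESCAPE '!'";

    $count = $dbh->prepare("SELECT COUNT(*) FROM buy_car WHERE $where");
    $count->execute([':d' => $pattern, ':m' => $pattern]);
    $total = (int) $count->fetchColumn();

    // Keep at least one page so an empty result cannot give a negative offset.
    $pages = max(1, (int) ceil($total / $limit));
    $page = max(1, min($pages, $page));

    $stmt = $dbh->prepare(
        "SELECT * FROM buy_car WHERE $where ORDER BY ID DESC LIMIT :limit OFFSET :offset"
    );
    $stmt->bindValue(':d', $pattern);
    $stmt->bindValue(':m', $pattern);
    $stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
    $stmt->bindValue(':offset', ($page - 1) * $limit, PDO::PARAM_INT);
    $stmt->execute();

    return ['total' => $total, 'pages' => $pages, 'page' => $page,
            'rows' => $stmt->fetchAll(PDO::FETCH_ASSOC)];
}

$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec('CREATE TABLE buy_car (ID INTEGER PRIMARY KEY, description TEXT, make TEXT)');
$ins = $dbh->prepare('INSERT INTO buy_car (description, make) VALUES (?, ?)');
foreach ([['100% original paint', 'Seat'], ['Low mileage', 'Ford'], ['Sporty', 'Seat']] as $r) {
    $ins->execute($r);
}

print_r(searchCars($dbh, 'seat', 1));      // ordinary term
print_r(searchCars($dbh, "50%' off", 5));  // quote and % are matched literally; page is clamped
```

Because the search term only ever travels as a bound value, a quote or wildcard typed into the search box changes what is matched, not the structure of the statement.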
-1

You are breaking out of your string in your query by using single quotes to define the string as well as in it.

$total = $dbh->query('
    SELECT
        COUNT(*)
    FROM
        buy_car
    WHERE 
        description like '%?%'
    OR
        make like '%?%'

')->fetchColumn();

You need to either define the query with double quotes or escape the single ones in the string.

$total = $dbh->query("
    SELECT
        COUNT(*)
    FROM
        buy_car
    WHERE 
        description like '%?%'
    OR
        make like '%?%'

")->fetchColumn();

OR

$total = $dbh->query('
    SELECT
        COUNT(*)
    FROM
        buy_car
    WHERE 
        description like \'%?%\'
    OR
        make like \'%?%\'

')->fetchColumn();
fullybaked
  • 4,117
  • 1
  • 24
  • 37