Search Form Suddenly Not displaying results

Question

I have a search form that searches property listings from a database. Before it was working fine where I was able to display the search result and then all of a sudden it just did not show up. Is there any thing that I did wrong.

here is the code

    <?php
require 'core/init.php';
////////////using mysqli to connect with database

$mysqli = new mysqli("localhost","root","", "test");
        if ($mysqli->connect_errno) {
            echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
        }
///////////set search variables
$property = $_POST['property'];
$bedroom = $_POST['BedroomNumber'];
$bathroom = $_POST['BathroomNumber'];
$priceMin = $_POST['PriceMin'];
$priceMax = $_POST['PriceMax'];
$termlease = $_POST['TermLease'];
//////////search
if(isset($_POST['utilities']) && is_array($_POST['utilities'])) {
    foreach($_POST['utilities'] as $check) {
             //echoes the value set in the HTML form for each checked checkbox.
                         //so, if I were to check 1, 3, and 5 it would echo value 1, value 3, value 5.
                         //in your case, it would echo whatever $row['Report ID'] is equivalent to.
    }
}


$sql = $mysqli->query("select * from propertyinfo where Property like '%$property%' and NumBed like '%$bedroom%' and NumBath like '%$bathroom%' and Price >= '$priceMin' and Price <= '$priceMax' and utilities like '%$check%' and TermLease like '%$termlease%'");


if($sql === FALSE) {
    die(mysql_error()); // TODO: better error handling

}

?>

The part that display the results

<?php
if($sql->num_rows){
    while ($row = $sql->fetch_array(MYSQLI_ASSOC)){
        echo '<div id="listing">
                    <div id="propertyImage"> 
                        <img src="uploadimages/'.$row['imageName1'].'" width="200" height="150" alt=""/> 
                    </div>

                    <div id="basicInfo">
                    <h2>$'.$row['Price'].'</h2>
                    <p style="font-size: 18px;"># '.$row['StreetAddress'].', '.$row['City'].', BC</p>
                    <p>'.$row['NumBed'].' Bedrooms | '.$row['NumBath'].' Bathrooms | '.$row['Property'].'</p>
                    <br>
                    <p><a href="outputtest2.php?record_id='.$row['ID'].'" class="link2" target="_blank">View Full Details</a> | <a href="" class="link2">Get Directions</a>

                    </div>
                </div>';

    }
}
else
{
echo '<h2>0 Search Results</h2>';
}
?>

Thanks

What do you mean "all of a sudden"? What did you change last? — Shomz, Jun 17 '13 at 04:34
I noticed all of your `$_POST`s start with an uppercase letter, all except `property`. May not be the problem, but one never knows. May as well be consistent. — Funk Forty Niner, Jun 17 '13 at 04:42
What if you tried `$sql = mysqli_query("select * from propertyinfo...` instead? — Funk Forty Niner, Jun 17 '13 at 04:52
Please do not abuse mysqli i mean using mysqli isnt mean your code is safe from sql injection you need to still escape all request ... in my suggestion use prepared query and pdo http://stackoverflow.com/q/12859942/1723893 — NullPoiиteя, Jun 17 '13 at 04:57

score 0 · Answer 1 · answered Jun 17 '13 at 04:40

So, to be clear, you see "0 Search Results"? Are there any errors in the logs or output? Have you tried echo()'ing your SQL statement:

echo "select * from propertyinfo where Property like '%$property%' and NumBed like '%$bedroom%' and NumBath like '%$bathroom%' and Price >= '$priceMin' and Price <= '$priceMax' and utilities like '%$check%' and TermLease like '%$termlease%'"

... and then paste that SQL statement directly into the CLI.

Other than your SQL being subject to SQL injection attack, you might find that you have some stray characters in the input causing problems with your SQL statement.

Search Form Suddenly Not displaying results

1 Answers1