Warning: Division by zero in & mysqli_query(): Empty query

Question

I have table of data about event management in my website and I want to add search functions to the table based on the "Name" and "Type" of events.

Here is my code by I get errors and also when the user submit the search I need the page to refresh and filter the result in table but this code open a new page with totally clean style-sheet:

I need my page to filter my table based on what user entered in search textbox you can see my table in previous question that I asked please provide easy answers , I'm new to php.

            <form action="search.php" id="searchform" method="POST" class="searchbox-container">
                <input type="text" id="searchbox" placeholder="Search" name="searchbox" class="searchbox" />
                <select name="select" id="select">
                <option value="type">Type</option>
                <option value="name">Name</option>
            </select>
                <input type="submit" name="search" class="searchbox-btn" value="Go" />
             <?php

                if(isset($_POST['searchbox']) && $_POST['searchbox'] !=""){
                    $search=preg_replace('#[^a-z 0-9?!]#i','',$_POST['searchbox']);


                  $user="admin";
                  $pass="neehahs";
                  $host="localhost";
                  $db_name="eventregisteration";

                  $con=mysqli_connect($host, $user, $pass, $db_name);
                      if(mysqli_connect_errno($con)){
                       echo "Failed to connect to MySQL: " . mysqli_connect_error();
                      }
                      if($_POST['select']=="type"){
                    $sqlcommand="SELECT * FROM eventform WHERE event_type LIKE "%$search%"";    


                    }
                    elseif($_POST['select']=="name"){
                    $sqlcommand="SELECT * FROM eventform WHERE event_name LIKE "%$search%"";    ===>> this line give Division by zero error 


                    }
                      $sqldata=mysqli_query($con,$sqlcommand) ==>> this line give  mysqli_query(): Empty query error
                      or die("Error Getting Data");
                      $count=mysqli_num_rows($sqldata);
                      if($count>1){
                          while($row=mysqli_fetch_array($sqldata)){
        echo "<table>";
                        echo "<tr align=center><td>";
                          echo $row['event_code'];

                          echo "</td><td>";
                          echo $row['event_name'];
                          echo "</td><td>";

                          echo $row['event_type'];
                          echo "</td><td>";

                          echo $row['event_level'];
                          echo "</td><td>";

                          echo $row['start_date'];
                          echo "</td><td>";

                          echo $row['end_date'];
                          echo "</td><td>";

                          echo $row['points'];
                          echo "</td><td>";

                          echo $row['pic'];
                          echo "</td><td>";

                          echo $row['video'];
                          echo "</td><td>";

                          echo $row['description'];
                          echo "</td></tr>";

                          }
              echo "</table>";


                      }else{
                          $search_output="<hr/>0 Results for<strong>$sqldata</strong><hr/>$sqlcommand";

                }
                }

                ?>

score 2 · Accepted Answer · answered Nov 21 '13 at 19:40

2

Your SQL strings have double quotes inside double quotes. This is breaking the string, and then the percent sign causes PHP to think you are doing a modulus operation.

Change this:

$sqlcommand="SELECT * FROM eventform WHERE event_type LIKE "%$search%"";

To this:

$sqlcommand="SELECT * FROM eventform WHERE event_type LIKE '%$search%'";

You'll need to do that for both strings.

answered Nov 21 '13 at 19:40

jszobody

28,495
6
61
72

thanks man division error has been solved but i get Catchable fatal error: Object of class mysqli_result could not be converted to string on line >>>> $search_output="
0 Results for$sqldata
$sqlcommand"; – Shane Nov 22 '13 at 06:33
@Shane That's because `$sqldata` is a resource not a string. What exactly are you trying to output there? – jszobody Nov 22 '13 at 12:36
i want the output to be filtered tables based on the search function that users do – Shane Nov 22 '13 at 17:09
@Shane Yeah but your error here is coming from when there are NO results found. What output do you want when there is no result? Why is `$sqldata` being outputted here at all? – jszobody Nov 22 '13 at 17:12
@Shane You already echo out "0 Results", and you echo out the `$sqlcommand` which is the query string. What else is there to spit out when nothing was found? I would just remove `$sqldata` here completely. – jszobody Nov 22 '13 at 17:13

score 2 · Answer 2 · edited May 23 '17 at 12:01

You're using the quotes incorrectly, so the % wildcard in your LIKE clause is being treated as the modulus operator.

$sqlcommand = "SELECT * FROM eventform WHERE event_name LIKE " % $search % "";
              ^----                                      ----^ ^ ^-- --^ ^ ^^

The statement would look something like this:

$sqlcommand = 'foo' % 'bar' % 'baz';

In the above statement, the strings will be first type-cast to integers. This would make all the strings equal to zero -- that would explain why you're getting Division by zero error.

Change this (and all other similar variables) to:

$sqlcommand = "SELECT * FROM eventform WHERE event_name LIKE  '%$search%'";

If $search is coming from a user input, then you have an SQL injection vulnerability. I suggest using parameterized queries to prevent this. See this question for more details.

Warning: Division by zero in & mysqli_query(): Empty query

2 Answers2