0

Gooday everyone! Today I am making a very simple search engine with the help from a few notes that I have read. Now, my problem is that I get 3 errors whenever I try to run it. I am starting to learn oop so please bear with me since I am very new at this.

1st would be why doesn't it recognize $title from the user-search1.php?

2nd would be Undefined property: PDOStatement::$num_rows from my oop code(codex.php). What part did I done wrong?

3rd error is Invalid argument supplied for foreach(). I have a same loop function in my other file. I follow its format and how it is used but it still give me this errror. Why?

Here are my codes.

codex.php

  public function search($table, $title){

            $q = "SELECT * FROM $table WHERE title like '%:title%'";

                    $stmt = $this->con->query($q);
                    $num_result = $stmt->num_rows;    
                    if($num_result > 0){
                        while($rows =$stmt->fetchAll(PDO::FETCH_ASSOC)){               
                            $this->data[]=$rows;
                        header ("Location: user-search1.php");
                        }           
                        return $this->data;
                }
}

user-search1.php

    <?php
    include_once "dbconnection.php";
    include_once "../styles/header-menu-out-user.php";
    function __autoload($class){
    include_once("../main/".$class.".php");}

    $code = new codex(); 
    $res = $code->search("book_info", $title);


 if(isset($_POST['submit'])){


            echo "<table id=\"tablecolor\" class=\"echoname\" >";
            echo "<th><b>ID</b></th>";
            echo "<th><b>Title</b></th>";
            echo "<th><b>Author</b></th>";
            echo "<th><b>ISBN</b></th>";
            echo "<th><b>Publisher</b></th>";
            echo "<th><b>Language</b></th>";
            echo "<th><b>Genre</b></th>";
            echo "<th><b>Quantity</b></th>";
            echo "<pre>";  
            foreach($res as $result)
              {
                    echo "<tr>";
                    extract($result);
                    echo "<td>".$id."</td>";
                    echo "<td>".$title."</td>";
                    echo "<td>".$author."</td>";
                    echo "<td>".$isbn."</td>";
                    echo "<td>".$publisher."</td>";
                    echo "<td>".$language."</td>";
                    echo "<td>".$genre."</td>";
                    echo "<td><center>".$quantity."</center></td>";
                    echo "</tr>";   
              } 

            echo "</pre>";
            echo "</table>";


     }
?>

Thanks in advance for those who would hopefully help me. Godspeed!

Your Common Sense
  • 156,878
  • 40
  • 214
  • 345

1 Answers1

0

First off, your query needs some tweaking:

Change

$q = "SELECT * FROM $table WHERE title like '%:title%'";

To

$q = "SELECT * FROM $table WHERE title like :title";

You don't want to put quotes in a prepared statement - PDO will do that for you.

Next, you prepare() the query and pass the title param into your statement. Replace

$stmt = $this->con->query($q);

With this:

$stmt = $this->con->prepare($q);
$stmt->bindValue(':title', '%' . $title . '%'); // Add your wildcards here.
$stmt->execute();

To get the row count, change

$num_result = $stmt->num_rows;

To this:

$num_result = $stmt->rowCount();

The last error should resolve itself when you get valid query data back. I would, however, recommend you put a safegaurd in there to ensure the foreach is only ran when a valid result is passed to it or you can make the search return an empty result set.

One last thing, remove the call to the header() function in your search method. It looks like your user-search1.php is calling it anyway so you don't need to redirect to it. Not to mention, it is not good practice to have methods inject very specific functionality like that, you might want to use your search method again in a different situation. ;)

SamT
  • 10,374
  • 2
  • 31
  • 39
  • I didn't know about that quote thingy. Now I know, thanks for the tip sir. If you don't mind, would it still be okay not to use bindValue if for example im having more than 1 value but instead i'll be $hey->execute(array($balhablah))? Yey, the PDO error is gone now. 2 more to go! Appreciate the help sir. –  Mar 10 '14 at 17:03
  • Yes, that is totally okay too. – SamT Mar 10 '14 at 17:06
  • He don't need no row count at all. – Your Common Sense Mar 10 '14 at 17:13
  • @SamT 2nd error is gone. Thanks. Yes indeed, when I tried to run it, the browser would give me a notice "This webpage has a redirect loop" Sorry for my ignorance but what do you mean by safeguard? Is it like when there is no result, you'll be like giving notice or alerts that there is no results found? –  Mar 10 '14 at 17:29
  • @YourCommonSense Can you tell why? Quite confused here. –  Mar 10 '14 at 17:29
  • @user3345570 just because following if statement that is using this value is totally useless. – Your Common Sense Mar 10 '14 at 17:38
  • @YourCommonSense oh okay. I place an else statement for it to have an alert if it doesn't return any value. –  Mar 10 '14 at 17:52
  • now the function does not return any value. Why is that? –  Mar 10 '14 at 17:53
  • @user3345570 you don't need that number for this either. As you obviously have (or have not) your data for such an alert – Your Common Sense Mar 10 '14 at 17:53
  • @YourCommonSense I see. So would it be right to place a counter on the user-search1.php part but not on the oop part? –  Mar 10 '14 at 17:57
  • @user3345570 Frankly, in your place I would get rid of OOP part at all. Trying to grasp all the things at once - SQL, PDO, OOP - you are making your task a lot harder. First make it work and then start for making it look stylish, add alerts and such – Your Common Sense Mar 10 '14 at 18:00
  • @user3345570 by the way, while statement is useless too. $stmt->fetchAll already returns data you need. so, you are looping over it just for nothing – Your Common Sense Mar 10 '14 at 18:06