Error in PHP Search

Question

This is my PHP code of the "Search Box" I am going to include in my website. I am getting the following error when I try to search my database by entering keywords.

Notice: Undefined index: searchterm in C:\xampp\htdocs\abell12\search.php on line 14

...And this is the full php code

index.php

    <!doctype html>
    <html>
    <head>
    <meta charset="utf-8">
    <title>Search (with keywords) Tutorial</title>
    </head>

    <body>
    <form action="search.php" method="POST">
        <input type="text" name="searchterm" placeholder="Search..."><br />
        <input type="submit" value="Search">
    </form>
    </body>
    </html>

search.php

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Search (with keywords) Tutorial</title>
</head>

<body>
<?php

mysql_connect("127.0.0.1","root","root");
mysql_select_db("dummy_info");

$search = mysql_real_escape_string($_POST['searchterm']);

$find_books = mysql_query("SELECT * FROM `listings` WHERE `title` LIKE'%$search%'");
while($row = mysql_fetch_assoc($find_books))
{
    $title = $row['title'];


    echo "$title<br />";

}

?>
</body>
</html>

"PLEASE HELP" tells us nothing, but neither does "error in". Try describing the error. — John Dvorak, May 27 '14 at 06:30
@janDvorak This is the error... Notice: Undefined index: searchterm in C:\xampp\htdocs\abell12\search.php on line 14 — Darren, May 27 '14 at 06:32
[Why shouldn't I use mysql_* functions in PHP?](http://stackoverflow.com/q/12859942/1771402) — krishna, May 27 '14 at 06:40

Kanishk Dudeja · Accepted Answer · 2014-05-27T06:52:15.663

0

You should check if $_POST['searchterm'] is set first. It will only be set when the form is submitted.

Also don't use Mysql_ functions. They are deprecated. Would advice you to use MySQLI since they have protection against SQL Injection attacks etc.

if(isset($_POST['searchterm']))
{
    $search = mysql_real_escape_string($_POST['searchterm']);

    $find_books = mysql_query("SELECT * FROM `listings` WHERE `title` LIKE '%$search%'");

    if(mysql_num_rows($find_books) > 0)
    {
        while($row = mysql_fetch_assoc($find_books))
        {
            $title = $row['title']; 
            echo "$title<br />";
        }
    }
    else
    {
        echo "No Record found";
    }
}

edited May 27 '14 at 06:52

answered May 27 '14 at 06:31

Kanishk Dudeja

1,201
3
17
33

1

`mysql_` is deprecated. You should suggest change to `mysqli_` or PDO. – John Dvorak May 27 '14 at 06:35
yes PDO is the modern & secure way ! – Cody May 27 '14 at 06:39
@KanishkDudeja Thanks, it worked, could you tell me how to display an error message (like-NO Results Found) if a user enter a key word that does not exist in the DB. – Darren May 27 '14 at 06:44
@Darren: Have made the changes to echo "No record found". Please check the updated answer. – Kanishk Dudeja May 27 '14 at 06:47
Thanks. But MySQL is deprecated. Would advise you to use mysqli. :) – Kanishk Dudeja May 27 '14 at 06:50

Error in PHP Search

1 Answers1