1

I have a database created with five fields

ValueA
ValueB
ValueC
ValueD
ValueE

and I am trying to make a search form that can search by each of these individual fields, e.g if the value in ValueB was "Blue", select ValueB from the dropdown then type in "Blue" to print out all the values in the row that Blue was a part of. So far, I've created an html file called "findme.html":

<html>

<head>
<title>Search</title>
</head>

<body bgcolor=#ffffff>

<h2>Search</h2>

<form name="search" method="post" action="findme2.php">  
Search for: <input type="text" name="find" /> in  
<Select NAME="field"> 
<Option VALUE="ValueA">Value A</option> 
<Option VALUE="ValueB">Value B</option> 
<Option VALUE="ValueC">Value C</option>
<Option VALUE="ValueD">Value D</option>
<Option VALUE="ValueE">Value E</option> 
</Select> 

<input type="submit" name="search" value="Search" /> 
</form>

</body>

</html>

and also created a php file called "findme2.php":

<html>

<head>
<title>Searching through Database Table mytablename</title>
</head>

<body bgcolor=#ffffff>


<?php

include "config.php";

echo "<h2>Search Results:</h2><p>";

if(isset($_POST['search']))            
{
$find =$_POST['find'];
}
//If they did not enter a search term we give them an error
if ($find == "")
{
echo "<p>You forgot to enter a search term!!!";
exit;
}

// Otherwise we connect to our Database
$username="xxxxxxxx";
$password="xxxxxxxx";
$database="xxxxxx_xxxxxxx";

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");



// We perform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

//Now we search for our search term, in the field the user specified
$iname = mysql_query("SELECT * FROM mytablename WHERE upper($field) LIKE '%$find%'")
or die(mysql_error());

//And we display the results
while($result = mysql_fetch_array( $iname ))
{
echo "id :" .$result['ValueA'];
echo "<br> ";
echo "name :".$result['ValueB'];
echo "<br>";
echo "name :".$result['ValueC'];
echo "<br>";
echo "name :".$result['ValueD'];
echo "<br>";
echo "name :".$result['ValueE'];
echo "<br>";
echo "<br>";
}

$anymatches = mysql_num_rows($iname);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query...<br><br>";
}

//And we remind them what they searched for
echo "<b>Searched For:</b> " .$find;



?> 

</body>
</html>

I believe my problem is with the query command, but I am not sure how to adjust the syntax. Can anyone help me?

Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
mgunawan
  • 17
  • 5
  • Start by removing `name="search"` from your form tags, that shouldn't be in there. Plus, forms don't have names. – Funk Forty Niner Nov 25 '14 at 19:49
  • What query command do you speak of? – thatidiotguy Nov 25 '14 at 19:50
  • 3
    I am almost tired of posting this...Please, [don't use `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php), They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://us1.php.net/pdo) or [MySQLi](http://us1.php.net/mysqli). You will also want to [Prevent SQL Injection!](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Nov 25 '14 at 19:54
  • 1
    @JayBlanchard I've given up myself. – Funk Forty Niner Nov 25 '14 at 19:54
  • The backlash comes when everybody's code stops working and *they don't know why*. – Jay Blanchard Nov 25 '14 at 19:55
  • @JayBlanchard Backlash, tonguelash; they're all the same to me. It always makes me "wag". – Funk Forty Niner Nov 25 '14 at 19:56
  • 1
    @JayBlanchard I'm just waiting for PHP 7 where mysql_* functions will be removed, and then half the internet will be broken and stackoverflow "overflown" (did you get it?) with "why is mysql_query not defined?"... soon my friend, soon. – ILikeTacos Nov 25 '14 at 20:03

1 Answers1

0

You forgot to set your $field variable.

In your if statement, you should change it to

if(isset($_POST['search']))            
{
$find =$_POST['find'];
$field =$_POST['field'];
}

It should work then.

irreama
  • 16
  • 1