Search on date doesn't work

Question

I am new to php and are trying to make a search function on name and date but I have a question.

When I type in the date the value is always false. Even if the date I search on does exist in the database. I searched on google and here at Stackoverflow but I couldn't find the solution to my problem.

I'm coding in PHP and I use phpmyadmin for my database. Below you can find my code:

<?php
            if(isset($_POST['submit'])){
                if(isset($_GET['go'])){
                    if(preg_match("/^[  a-zA-Z]+/", $_POST['search'])){
                        $zoek=$_POST['search'];
                        //connect  to the database
                        $db=mysql_connect  ("localhost", "****",  "***") or die ('I cannot connect to the database  because: ' . mysql_error());
                        //-select  the database to use
                        $mydb=mysql_select_db("****");
                        //-query  the database table
                        $sql="SELECT v.vacatureID, v.werkgeverID, v.functie, v.omschrijvingKort, v.datum, w.werkgeverID, w.naamBedrijf, w.plaats, w.image FROM vacature AS v JOIN werkgever AS w ON v.werkgeverID = w.werkgeverID WHERE w.naamBedrijf LIKE  '%" . $zoek .  "%' OR to_char(v.datum,'dd-mm-yyyy') LIKE '%" . $zoek ."%' ORDER BY datum DESC";
                        //-run  the query against the mysql query function
                        $result=mysql_query($sql);
                        //-count  results
                        $numrows=mysql_num_rows($result);
                        echo  "<p>" .$numrows . " results found for '" . $zoek . "'</p>";

                        //-create  while loop and loop through result set
                        while($row=mysql_fetch_array($result)){
                                $Functie=$row['functie'];
                                $OmschrijvingKort=$row['omschrijvingKort'];
                                $Datum=$row['datum'];
                                $Bedrijf=$row['naamBedrijf'];
                                $Plaats=$row['plaats'];
                                $Image=$row['image'];
                                $ID=$row['vacatureID'];

                            $Data = date("d-m-Y", strtotime($Datum)); // change $Datum from Y-m-d to d-m-Y
                            //-truncate
                            if (strlen($Functie) > 20) {
                                // truncate string
                                $stringCut = substr($Functie, 0, 20);
                                // make sure it ends in a word
                                $Functie = substr($stringCut, 0, strrpos($stringCut, ' ')).'...'; 
                            }
                            if (strlen($Bedrijf) > 25) {
                                // truncate string
                                $stringCut2 = substr($Bedrijf, 0, 14);
                                // make sure it ends in a word
                                $Bedrijf = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                            }
                            if (strlen($Data) > 12) {
                                // truncate string
                                $stringCut2 = substr($Data, 0, 12);
                                // make sure it ends in a word
                                $Data = substr($stringCut2, 0, strrpos($stringCut2, ' ')).''; 
                            }
                            if (strlen($OmschrijvingKort) > 63) {
                                // truncate string
                                $stringCut2 = substr($OmschrijvingKort, 0, 63);
                                // make sure it ends in a word
                                $OmschrijvingKort = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                            }
                            //-display the result of the array
                            echo 
                            "
                                <div class='vacatureinfo2'>
                                    <img class='userimg2' src='../../uploads/userimage/". $Image ."' id='imge'/>
                                    <p class='func-br-pl pull-left'>". $Functie ." - ". $Bedrijf ." - ". $Plaats ."</p><p class='dtm pull-right'>". $Data ."</p>
                                    <div class='omschrijvingkort2'>
                                        ". $OmschrijvingKort ."
                                    </div>
                                    <a href='#' class='pull-right'>Meer informatie</a>
                                </div>
                                <hr>
                            ";
                        }
                    }
                    else{
                        echo  "<p>Please enter a search query</p>";
                    }
                }
            }//end of search form script
            else{
                include('php/vacatureoverzichtphp.php'); //file with code to show all the data from the database on the page
            }

            if(isset($_GET['by'])){
                $letter=$_GET['by'];
                //connect  to the database
                $db=mysql_connect  ("localhost", "****",  "***") or die ('I cannot connect to the database  because: ' . mysql_error());
                //-select  the database to use
                $mydb=mysql_select_db("****");
                //-query  the database table
                $sql="SELECT v.vacatureID, v.werkgeverID, v.functie, v.omschrijvingKort, v.datum, w.werkgeverID, w.naamBedrijf, w.plaats, w.image FROM vacature AS v JOIN werkgever AS w ON v.werkgeverID = w.werkgeverID WHERE SUBSTRING(w.naamBedrijf,1,1) LIKE  '%" . $letter .  "%' ORDER BY datum DESC";
                //-run  the query against the mysql query function
                $result=mysql_query($sql);
                //-count  results
                $numrows=mysql_num_rows($result);
                echo  "<p>" .$numrows . " results found for " . $letter . "</p>";
                //-create  while loop and loop through result set
                while($row=mysql_fetch_array($result)){
                    $Functie=$row['functie'];
                    $OmschrijvingKort=$row['omschrijvingKort'];
                    $Datum=$row['datum'];
                    $Bedrijf=$row['naamBedrijf'];
                    $Plaats=$row['plaats'];
                    $Image=$row['image'];
                    $ID=$row['vacatureID'];

                    $Data = date("d-m-Y", strtotime($Datum)); // change $Datum from Y-m-d to d-m-Y
                    //-truncate
                    if (strlen($Functie) > 20) {
                        // truncate string
                        $stringCut = substr($Functie, 0, 20);
                        // make sure it ends in a word
                        $Functie = substr($stringCut, 0, strrpos($stringCut, ' ')).'...'; 
                    }
                    if (strlen($Bedrijf) > 25) {
                        // truncate string
                        $stringCut2 = substr($Bedrijf, 0, 14);
                        // make sure it ends in a word
                        $Bedrijf = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                    }
                    if (strlen($Data) > 12) {
                        // truncate string
                        $stringCut2 = substr($Data, 0, 12);
                        // make sure it ends in a word
                        $Data = substr($stringCut2, 0, strrpos($stringCut2, ' ')).''; 
                    }
                    if (strlen($OmschrijvingKort) > 63) {
                        // truncate string
                        $stringCut2 = substr($OmschrijvingKort, 0, 63);
                        // make sure it ends in a word
                        $OmschrijvingKort = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                    }

                    //-display  the result of the array
                    echo 
                    "
                        <div class='vacatureinfo2'>
                            <img class='userimg2' src='../../uploads/userimage/". $Image ."' id='imge'/>
                            <p class='func-br-pl pull-left'>". $Functie ." - ". $Bedrijf ." - ". $Plaats ."</p><p class='dtm pull-right'>". $Data ."</p>
                            <div class='omschrijvingkort2'>
                                ". $OmschrijvingKort ."
                            </div>
                            <a href='#' class='pull-right'>Meer informatie</a>
                        </div>
                        <hr>
                    ";
                }
            }//end of our letter search script
            else{
                include('php/vacatureoverzichtphp.php'); //file with code to show all the data from the database on the page
            }
        ?>

Can someone please help me?!

EDIT:

Here I have the code with PDO. But when I run it now I get the warnings:

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given

And from mysql_num_rows() I get: results found for ''wo'' so for some reason he doesn't find anything! And for the var_dump($zoek); I get: string(2) "wo".

And still for the $_GET['by'] part everythings works fine and it's the same code!! Can someone PLEASE tell me what I am doing wrong?

My new code:

<?php
            ini_set('display_errors',1);
            ini_set('display_startup_errors',1);
            error_reporting(-1);

            //connect  to the database
            $db_host = "localhost";
            $db_username = "***";
            $db_password = "***";
            $db_name = "***";

            $db = new PDO('mysql:host=' .$db_host . ';dbname='. $db_name . '',$db_username,$db_password) or die ('I cannot connect to the database  because: ' . mysql_error());; 


            if(isset($_POST['submit'])){
                if(isset($_GET['go'])){
                    if(preg_match("/^[  a-zA-Z]+/", $_POST['search'])){
                        $zoek=$_POST['search'];
                        var_dump($zoek); //this will display on the screen the content of the variable 
                        $zoek=$db->quote($zoek);

                        //-query  the database table
                        $sql="SELECT v.vacatureID, v.werkgeverID, v.functie, v.omschrijvingKort, v.datum, w.werkgeverID, w.naamBedrijf, w.plaats, w.image FROM vacature AS v JOIN werkgever AS w ON v.werkgeverID = w.werkgeverID WHERE w.naamBedrijf LIKE  '%" . $zoek .  "%' OR v.datum LIKE '%" . $zoek ."%' ORDER BY datum DESC";
                        //-run  the query against the mysql query function
                        $result=$db->query($sql);
                        //-count  results
                        $numrows=mysql_num_rows($result);
                        echo  "<p>" .$numrows . " results found for '" . $zoek . "'</p>"; 

                        //-create  while loop and loop through result set
                        while($row=mysql_fetch_array($result)){
                                $Functie=$row['functie'];
                                $OmschrijvingKort=$row['omschrijvingKort'];
                                $Datum=$row['datum'];
                                $Bedrijf=$row['naamBedrijf'];
                                $Plaats=$row['plaats'];
                                $Image=$row['image'];
                                $ID=$row['vacatureID'];

                            $Data = date("d-m-Y", strtotime($Datum)); // change $Datum from Y-m-d to d-m-Y
                            //-truncate
                            if (strlen($Functie) > 20) {
                                // truncate string
                                $stringCut = substr($Functie, 0, 20);
                                // make sure it ends in a word
                                $Functie = substr($stringCut, 0, strrpos($stringCut, ' ')).'...'; 
                            }
                            if (strlen($Bedrijf) > 25) {
                                // truncate string
                                $stringCut2 = substr($Bedrijf, 0, 14);
                                // make sure it ends in a word
                                $Bedrijf = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                            }
                            if (strlen($Data) > 12) {
                                // truncate string
                                $stringCut2 = substr($Data, 0, 12);
                                // make sure it ends in a word
                                $Data = substr($stringCut2, 0, strrpos($stringCut2, ' ')).''; 
                            }
                            if (strlen($OmschrijvingKort) > 63) {
                                // truncate string
                                $stringCut2 = substr($OmschrijvingKort, 0, 63);
                                // make sure it ends in a word
                                $OmschrijvingKort = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                            }
                            //-display the result of the array
                            echo 
                            "
                                <div class='vacatureinfo2'>
                                    <img class='userimg2' src='../../uploads/userimage/". $Image ."' id='imge'/>
                                    <p class='func-br-pl pull-left'>". $Functie ." - ". $Bedrijf ." - ". $Plaats ."</p><p class='dtm pull-right'>". $Data ."</p>
                                    <div class='omschrijvingkort2'>
                                        ". $OmschrijvingKort ."
                                    </div>
                                    <a href='#' class='pull-right'>Meer informatie</a>
                                </div>
                                <hr>
                            ";
                        }
                    }
                    else{
                        echo  "<p>Please enter a search query</p>";
                    }
                }
            }//end of search form script

            // THIS PART BELOW WORKS FINE!

            if(isset($_GET['by'])){
                $letter=$_GET['by'];
                $letter=$db->quote($letter);
                $sql="SELECT v.vacatureID, v.werkgeverID, v.functie, v.omschrijvingKort, v.datum, w.werkgeverID, w.naamBedrijf, w.plaats, w.image FROM vacature AS v JOIN werkgever AS w ON v.werkgeverID = w.werkgeverID WHERE SUBSTRING(w.naamBedrijf,1,1) LIKE  '%" . $letter .  "%' ORDER BY datum DESC";
                //-run  the query against the mysql query function
                $result=$db->query($sql);
                //-count  results
                $numrows=mysql_num_rows($result);
                echo  "<p>" .$numrows . " results found for " . $letter . "</p>";
                //-create  while loop and loop through result set
                while($row=mysql_fetch_array($result)){
                    $Functie=$row['functie'];
                    $OmschrijvingKort=$row['omschrijvingKort'];
                    $Datum=$row['datum'];
                    $Bedrijf=$row['naamBedrijf'];
                    $Plaats=$row['plaats'];
                    $Image=$row['image'];
                    $ID=$row['vacatureID'];

                    $Data = date("d-m-Y", strtotime($Datum)); // $Datum omdraaien van Y-m-d naar d-m-Y
                    //-truncate
                    if (strlen($Functie) > 20) {
                        // truncate string
                        $stringCut = substr($Functie, 0, 20);
                        // make sure it ends in a word
                        $Functie = substr($stringCut, 0, strrpos($stringCut, ' ')).'...'; 
                    }
                    if (strlen($Bedrijf) > 25) {
                        // truncate string
                        $stringCut2 = substr($Bedrijf, 0, 14);
                        // make sure it ends in a word
                        $Bedrijf = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                    }
                    if (strlen($Data) > 12) {
                        // truncate string
                        $stringCut2 = substr($Data, 0, 12);
                        // make sure it ends in a word
                        $Data = substr($stringCut2, 0, strrpos($stringCut2, ' ')).''; 
                    }
                    if (strlen($OmschrijvingKort) > 63) {
                        // truncate string
                        $stringCut2 = substr($OmschrijvingKort, 0, 63);
                        // make sure it ends in a word
                        $OmschrijvingKort = substr($stringCut2, 0, strrpos($stringCut2, ' ')).'...'; 
                    }

                    //-display  the result of the array
                    echo 
                    "
                        <div class='vacatureinfo2'>
                            <img class='userimg2' src='../../uploads/userimage/". $Image ."' id='imge'/>
                            <p class='func-br-pl pull-left'>". $Functie ." - ". $Bedrijf ." - ". $Plaats ."</p><p class='dtm pull-right'>". $Data ."</p>
                            <div class='omschrijvingkort2'>
                                ". $OmschrijvingKort ."
                            </div>
                            <a href='#' class='pull-right'>Meer informatie</a>
                        </div>
                        <hr>
                    ";
                }
            }//end of our letter search script
            else{
                include('php/vacatureoverzichtphp.php');
            }
        ?>

`var_dump($zoek)` and then try manually run the query and let us know what you get.also post what `$zoek` contains — Gal Sisso, Oct 01 '15 at 09:44
@Gal oke thanks and where do I have to put `var_dump($zoek)`? — Marjolein, Oct 01 '15 at 09:49
Just below `$zoek=$_POST['search'];`, it will display on your screen the content of the variable (http://php.net/manual/en/function.var-dump.php) — Slyvain, Oct 01 '15 at 09:52
@Slyvian thanks! If I run this I will get `string(5) "World"` `6 results found for 'World'` and $zoek contained World and it still does show all the other data from the database from include as well below the search results — Marjolein, Oct 01 '15 at 09:59
PLEASE dont put this code in production you are suffering multiple mysql-injections holes. https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet — gries, Oct 01 '15 at 10:00
@gries how can I fix that? Because this is the only way I know how to create a search engine. I saw in the link you sent that I have to use PDO but how do I use that with this code?? I know how to prefent it in ASP.NET but not in PHP — Marjolein, Oct 01 '15 at 10:10
You cant use both `PDO` and `mysql` driver functions together ,if you're connected through `PDO` you need to use [PDO functions](http://php.net/manual/en/book.pdo.php). btw you still haven't mention what you get when you run the query manually — Gal Sisso, Oct 01 '15 at 12:06
@Gal oke thanks but what are the PDO functions for the mysql driver functions? And for the $_GET I also use PDO and there it works fine! If I run the following query: `SELECT v.vacatureID, v.werkgeverID, v.functie, v.omschrijvingKort, v.datum, w.werkgeverID, w.naamBedrijf, w.plaats, w.image FROM vacature AS v JOIN werkgever AS w ON v.werkgeverID = w.werkgeverID WHERE w.naamBedrijf LIKE '%world%' OR v.datum LIKE '%world%' ORDER BY datum DESC` it works fine! And also with the value `'%2015-09-29%'` — Marjolein, Oct 01 '15 at 12:15
[Are there good Tutorials on how to use PDO?](http://stackoverflow.com/questions/1943069/are-there-good-tutorials-on-how-to-use-pdo). `When I type in the date the value is always false` what exactly is false then? — Gal Sisso, Oct 01 '15 at 13:54
this problem is fixed now! I gust had to use PDO for everything. But I have a new problem where I have created a new question for. You can find it here: http://stackoverflow.com/questions/32889878/php-data-from-database-is-not-shown-after-search — Marjolein, Oct 01 '15 at 14:20

Search on date doesn't work

0 Answers0