PHP Multiple input search

Question

I'm currently working on a bit of PHP and I've 3 text inputs. The values are searched in the MySQL database and should return whatever amount of results correspond with the entered criteria.

here is the search form:

<form id='SearchPersonal' method='post' action='businessUsersSearch.php' accept-charset='UTF-8'>
<fieldset >
<legend>Search</legend>

<div class='container'>
<label for='C_Name' >Business Name: </label><br/>
<input type='text' name='C_Name' id='C_Name' maxlength="50" /><br/>
<label for='C_County' >City: </label><br/>
<input type='text' name='C_County' id='C_County' maxlength="50" /><br/>
<label for='Job_Type' >Job Type: </label><br/>
<input type='text' name='Job_Type' id='Job_Type' maxlength="50" /><br/>
</div>

<div class='container'>
<input type='submit' name='Submit' value='Search' />
</div>
</fieldset>
</form>

Here is the PHP script it links too in the action:

<?php

     $mysqli_link = mysqli_connect("server", "database", "pass", "user");
    // Check connection
    if (mysqli_connect_errno()) {
      echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    if(isset($_POST['submit'])) {
    // define the list of fields
     $fields = array('C_Name', 'C_County', 'Job_Type');
    $conditions = array();


// loop through the defined fields
foreach($fields as $field){
    // if the field is set and not empty
    if(isset($_POST[$field]) && $_POST[$field] != '') {
        // create a new condition while escaping the value inputed by the user (SQL Injection)
        $conditions[] = "'$field' LIKE '%" . mysqli_real_escape_string($mysqli_link, $_POST[$field]) . "%'";
}
}

// builds the query
$query = "SELECT C_Name, C_StreetNumber, C_StreetName, C_Postcode, C_County, C_Tele, C_Website, Contact_Forename, Contact_Surname, Contact_Email, Jobs.Job_Type, Jobs.Job_Price FROM Company INNER JOIN Jobs ON Company.Company_ID = Jobs.Company_ID";
// if there are conditions defined
if(count($conditions) > 0) {
    // append the conditions
    $query .= " WHERE " . implode (' AND ', $conditions); // you can change to 'OR', but I suggest to apply the filters cumulative
}

$result = mysqli_query($mysqli_link, $query) or die(mysql_error());

mysqli_close($mysqli_link);


    if(isset($_POST['submit'])) {
        while($row = mysqli_fetch_assoc($result)) {
        $C_Name = $row['C_Name'];
        $C_StreetNumber = $row['C_StreetNumber'];
        $C_StreetName = $row['C_StreetName'];
        $C_Postcode = $row['C_Postcode'];
        $C_County = $row['C_County'];
        $C_Tele = $row['C_Tele'];
        $C_Website = $row['C_Website'];
        $Contact_Forename = $row['Contact_Forename'];
        $Contact_Surname = $row['Contact_Surname'];
        $Contact_Email = $row['Contact_Email'];
        $Job_Type = $row['Job_Type'];
        $Job_Price = $row['Job_Price'];

echo "<b>Name: $C_Name</b><br>Street Number: $C_StreetNumber<br>Street Name: $C_StreetName<br>Postcode: $C_Postcode<br>County: $C_County<br>Telephone: $C_Tele<br>Website: $C_Website<br>Contact Name: $Contact_Forename $Contact_Surname<br>Email: $Contact_Email<br>Job Type: $Job_Type<br>Job Price: $Job_Price<hr><br>";
        }
    }   
}

?>

For some reason it is returning that there is "

unexpected end of file

" however I've checked the code and all the codes is closed off correctly (from what I can see) when I add another '}' in at the end the script doesn't return anything at all. Anyone know why this would be happening?

Source: Search MySQL Database with Multiple Fields in a Form

Answer 1

Because you forget to close

if(isset($_POST['submit'])) {// you not close the condition

At the end of your file

Just add } at end of your file

Answer 2

Fixed:

if(isset($_POST['submit'])) {
// define the list of fields
    $fields = array('C_Name', 'C_City', 'Job_Type', 'Review_Rate');
    $conditions = array();
    }

// builds the query
$query = "SELECT Company.C_Name, Company.C_StreetNumber, C_StreetName, C_Postcode, C_City, C_County, C_Tele, C_Website, Contact_Forename, Contact_Surname, Contact_Email, Job_Type, Job_Price, Review_Rate, Review_Comment
FROM Company
INNER JOIN Jobs ON Company.Company_ID = Jobs.Company_ID
INNER JOIN Review ON Jobs.Job_ID = Review.Job_ID";


// loop through the defined fields
foreach($fields as $field){
    // if the field is set and not empty
    if(isset($_POST[$field]) && !empty($_POST[$field])) {
        // create a new condition while escaping the value inputed by the user (SQL Injection)
        $conditions[] = "$field LIKE '%" . mysqli_real_escape_string($mysqli_link, $_POST[$field]) . "%'";
        }
    }


// if there are conditions defined
if(count($conditions) > 0) {
    // append the conditions
    $query .= " WHERE " . implode (' AND ', $conditions); // you can change to 'OR', but I suggest to apply the filters cumulative
}

echo "$query";

$result = mysqli_query($mysqli_link, $query);


mysqli_close($mysqli_link);

    if(isset($_POST['submit'])) {
        while($row = mysqli_fetch_array($result)) {
        $C_Name = $row['C_Name'];
        $C_StreetNumber = $row['C_StreetNumber'];
        $C_StreetName = $row['C_StreetName'];
        $C_Postcode = $row['C_Postcode'];
    $C_City = $row['C_City'];
        $C_County = $row['C_County'];
        $C_Tele = $row['C_Tele'];
        $C_Website = $row['C_Website'];
        $Contact_Forename = $row['Contact_Forename'];
        $Contact_Surname = $row['Contact_Surname'];
        $Contact_Email = $row['Contact_Email'];
        $Job_Type = $row['Job_Type'];
        $Job_Price = $row['Job_Price'];
    $Rating = $row['Review_Rate'];
    $Comment = $row['Review_Comment'];

echo "<b>Name: $C_Name</b><br>Street Number: $C_StreetNumber<br>Street Name: $C_StreetName<br>City: $C_City<br>Postcode: $C_Postcode<br>County:     $C_County<br>Telephone: $C_Tele<br>Website: $C_Website<br>Contact Name: $Contact_Forename $Contact_Surname<br>Email:    $Contact_Email<br>Job Type: $Job_Type<br>Job Price: $Job_Price<br>Rating: $Rating<br>Comment: $Comment<hr><br>";
        }
    }   



?>