How to apply multy word search in mysql

Question

I need some points on how to make my php script to look not only 1 word or multiple like ( John Doe ). Currently my script only will find the 1st word "John" from the pointed table. Here is my script:

$query = $_GET['query'];   
$min_length = 1;

if (strlen($query) >= $min_length) { 
    $query = htmlspecialchars($query); 
    $query = mysql_real_escape_string($query);

    $raw_results = mysql_query(
        "SELECT * FROM filmi WHERE  (`title` LIKE '%".$query."%') 
         OR (`description` LIKE '%".$query."%') OR (`nomer` LIKE '%".$query."%')"
    ) or die(mysql_error());

    if (mysql_num_rows($raw_results) > 0) { 
        while ($results = mysql_fetch_array($raw_results)) {
            echo "


            print results       

            ";
        }
    } else { 
        echo "No results";
    }
} else { 
    echo "Minimum length is " . $min_length;
}

Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). — Jay Blanchard, Feb 05 '16 at 13:47
[Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — Jay Blanchard, Feb 05 '16 at 13:47
i need to work with the old php because my host provider is not yet upgraded to php 7. ty for comment — user2052643, Feb 05 '16 at 13:48
brackets are for subqueries; remove them. and all you're doing is `print results`?? what ARE those exactly? — Funk Forty Niner, Feb 05 '16 at 13:49
i removed the content of "echo" for reasons... its simple $results[title] and $results[description] tags — user2052643, Feb 05 '16 at 13:51
unless `John` is present inside all your columns, it will always return one result. — Funk Forty Niner, Feb 05 '16 at 13:54

score 1 · Accepted Answer · edited Feb 05 '16 at 18:30

Use this code, I have added new line.

This basically added wild cards % in place of space so that it will modify existing query and adds wildcard to it. This way it can find all records containing all words in the given search query.

<?php
$query = $_GET['query']; 

$min_length = 1;

if(strlen($query) >= $min_length){
    $query = htmlspecialchars($query); 
    $query = mysql_real_escape_string($query);
    //added new line ################
    $query = str_replace(' ', '%', $query);
    $raw_results = mysql_query("SELECT * FROM filmi
        WHERE  (`title` LIKE '%".$query."%') OR (`description` LIKE '%".$query."%') OR (`nomer` LIKE '%".$query."%')") or die(mysql_error());

    if(mysql_num_rows($raw_results) > 0){ 
        while($results = mysql_fetch_array($raw_results)){
            echo "
            print results       
            ";
        }
    }
    else{ 
        echo "No results";
    }
}
else{ 
    echo "Minimum length is ".$min_length;
} ?>

Please check above, I added explanation. – Alpesh Panchal Feb 05 '16 at 14:07 — Alpesh Panchal, Feb 05 '16 at 14:07
Thank you sir that is what i needed exactly!! – user2052643 Feb 05 '16 at 15:40 — user2052643, Feb 05 '16 at 15:40

How to apply multy word search in mysql

1 Answers1