0

I have a problem with select statement in mysql, i have a table like with two columns:

cz - varchar(64) - utf8_general_ci
pl - varchar(64) - utf8_general_ci

values:

pl - kwota sumaryczna
cz - celková částka

When in form I type částka i can't find anything, but when i type castka i will find data.

What I should change in my code to make this work for words with czech signs and for words with polish signs?

On web page I have code:

<form  method="post" action="dict.php?go"  id="searchform">
<input  type="text" name="name" pattern=".{0}|.{2,}"   required title="Conajmniej 2 litery" class="keyboardInput" size="50">
<input  type="submit" name="submit" value="Szukaj">
</form>

<br>

<?php
if(isset($_POST['submit'])){

if(isset($_GET['go'])){

if(preg_match("/^[  a-zA-Z]+/", $_POST['name'])){

$name=$_POST['name']; 

//connect  to the database 
$db=mysql_connect  ("host", "user",  "pass") or die ('I cannot connect to the database  because: ' . mysql_error()); 

//-select  the database to use 
$mydb=mysql_select_db("base");

mysql_query("SET character_set_results = 'utf8', character_set_client = 'utf8', character_set_connection = 'utf8', character_set_database = 'utf8', character_set_server = 'utf8'");

//-query  the database table 
$sql="SELECT pl, cz FROM slow WHERE pl LIKE '%" . $name .  "%' or cz LIKE '%" . $name .  "%'";

//-run  the query against the mysql query function 
$result=mysql_query($sql);`
Kamil
  • 1
  • 2
    Have you tried `mysql_set_charset("utf8");` or `mysql_query("SET NAMES 'utf8'");` as per http://stackoverflow.com/a/279279/5024519? Also: You should avoid learning or writing new code using PHP's `mysql_*` functions. They have been removed in the latest version and your code won't work in the future. Please read [Why shouldn't I use mysql_* functions in PHP?](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) for information on why and what to replace them with. – Matt Raines Jun 14 '16 at 19:26
  • You are open to SQL injections. `^[ a-zA-Z]+` is only checking that the first character(s) are a space or alpha character, subsequent characters could be used for an injection. If you output `$sql` is it as you expect it to be? – chris85 Jun 14 '16 at 19:31
  • `částka` doesn't match `/^[ a-zA-Z]+/` anyway. Perhaps you mean `/^[ \p{L}]+$/u`? – Matt Raines Jun 14 '16 at 19:51
  • Let's check what actually was stored. `SELECT col, HEX(col) FROM ...;` For `částka`, if properly stored in utf8 encoding, should show a hex of `C48D C3A1 73 74 6B 61` (without the spaces). If it show anything else, then the `INSERT` screwed up and/or the connection was not established correctly. – Rick James Jun 19 '16 at 05:19

0 Answers0