i am developing a website using php and mysql,in this website

Question

i want to fetch data from my database which is linked to the website,i have created a search box,whenever i enter a particular value in search box,it should display all the related content from the database.i have done the following code,it is not fetching the data from the database,it just shows a blank screen.

<?php
define('db_name','njgh');
define('db_user','root');
define('db_password','');
define('db_host','localhost');
session_start();

$link=mysql_connect(db_host,db_user,db_password);

if(!$link)
{
    die('couldnot connetc:'.mysql_error());
}

$db_selected=mysql_select_db(db_name,$link);
if(!$db_selected)
{
    die('cant connect to db');
}


function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
}

$value = clean($_POST['searchtext']);
$qry = "SELECT * FROM database WHERE Site_ID = '$value'";
$result = mysql_query($qry);
print_r($result);

Answer 1

mysql_query function return resource ID not your data , use mysql_fetch_array, mysql_fetch_object to get data

$value = ($_POST['searchtext']);
$result = mysql_query("SELECT * FROM database WHERE Site_ID = '$value'");

while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
    printf("ID: %s  Name: %s", $row[0], $row[1]);  
}

Answer 2

mysql_* has been removed entirely as of PHP 7.0. Prevent SQL injection and use the mysqli statement class.

<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "njgh";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
$value = $_POST['searchtext'];
/* create a prepared statement */
if($stmt = $conn->prepare("SELECT * FROM database WHERE Site_ID =?")) {
    /* bind parameters for markers */
    $stmt->bind_param("s", $value);

    /* execute query */
    $stmt->execute();

    $result = $stmt->get_result();

    if($result->num_rows > 0) { 
        while ($row = $result->fetch_assoc()) {
            echo $row['db_table_field_name'];
        }
        //or 
        $row = $result->fetch_assoc();
        print_r($row);
    } else {

    }
    /* close statement */
    $stmt->close();
} 
/* close connection */
$con->close();
?>

Answer 3

The original MySQL extension is now deprecated, and will generate E_DEPRECATED errors when connecting to a database. Instead, use the MySQLi or PDO_MySQL extensions. Hope this will work for you......

<?php
define('db_name','sports');
define('db_user','root');
define('db_password','');
define('db_host','localhost');
$link=mysqli_connect(db_host,db_user,db_password,db_name);
if(!$link)
{
    die('couldnot connect:'.mysql_error());
}

function clean($str) {
        $link=mysqli_connect(db_host,db_user,db_password,db_name);
        $str = @trim($str);
        if(get_magic_quotes_gpc())
            $str = stripslashes($str);

        return mysqli_real_escape_string($link, $str);
}
if(isset($_POST['searchtext'])){
$value = clean($_POST['searchtext']);
$qry = "SELECT * FROM cricket WHERE id = '$value'";
$qrydb = mysqli_query($link, $qry);

while($row=mysqli_fetch_array($qrydb)){
    $name = $row['name'];
}
echo $name ;
}
?>
<body>
    <form method="post">
      <input type="text" name="searchtext">
      <input type="submit" name="submit">
    </form>
</body>