1

Heres my code:

<?php
$db = new mysqli('localhost', 'USER', 'PASS', 'DB') or die(mysql_error());

$output = '';

//collect
if(isset($_POST['search'])) {
  $searchq = $_POST['search'];
  $searchq = preg_replace("#[^0-9a-z]#i","",$searchq);

  $query = <<<SQL
    SELECT *
    FROM `users`
    WHERE `title`
    LIKE '%$searchq%'
    OR `last`
    LIKE '%$searchq%'
  SQL;

  $count = $db->query($query);
  if($count == 0) {
    $output = 'There was no search results!';
  }else{
    while($row = mysqli_fetch_array($count)) {
      $fname = $row('title');
      $lname = $row('last');
      $id = $row('id');

      $output .= '<div>'.$fname.' '.$lname.'</div>';
    }
  }

}

?>
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta name="dcterms.created" content="Sat, 11 Mar 2017 00:48:58 GMT">
    <meta name="description" content="">
    <meta name="keywords" content="">
    <title>Search</title>

  </head>
  <body>



  <form action="index.php" method="post">
    <input type="text" name="search" placeholder="Search for Documents..." />
    <input type="submit" value=">>"></input>
  </form>

<?php 
print("$output"); 
?>
</body>
</html>

I have no clue what's going wrong. My file is saved as a .php file. I tried multiple things but couldn't fix it or find errors. This script is being used as a basic search script and I cannot test it because i keep receiving errors of unexpected end of file.

Ahm23
  • 338
  • 3
  • 16

3 Answers3

1

There are a couple of issues with your code.

  1. If you're going to use Heredoc the closing identifier must be by itself (including whitespace). So you'll need to bring it all the way to the edge e.g.

Incorrect:

 SQL;

Correct:

SQL;

http://php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc

I would also just suggest using a normal string for this.

  1. When accessing values in an array you need to use square braces not parenthesis e.g.:

    $fname = $row['title'];

Lastly, I would recommend looking in to binding your params for your queries. http://php.net/manual/en/pdostatement.bindparam.php

Hope this helps!

Qirel
  • 25,449
  • 7
  • 45
  • 62
Rwd
  • 34,180
  • 6
  • 64
  • 78
  • I appreciate your answer but in PHP 7 you can use brackets and not square brackets. The square brackets don't work in PHP 7 anymore. – Ahm23 Mar 13 '17 at 00:08
  • 1
    I guess @RossWilson, we both have it wrong then. lol. – Xorifelse Mar 13 '17 at 00:12
  • @Ahm23 What?!? Where have you heard that? I have multiple projects that use php7 and `[]` works fine. Also, if you use `()` it will try and treat it like function in which case should result in `Function name must be a string` error being thrown. – Rwd Mar 13 '17 at 00:13
  • sorry my bad. you are correct. – Ahm23 Mar 13 '17 at 01:20
0

think the $query should be inside of ' " ', how ever i think you work fine like you are doing, so i've made the .php and the issue is near $query = <<< SQL , this should be ' << ' or ' < ', try it. Good luck

UPDATE 1 I've readed the docs and the Heredoc require that the key should not be indented so use SQL; unindentend instead of (indent)SQL;

Frank Leal
  • 212
  • 4
  • 18
0

Replace this:

$query = <<<SQL
  SELECT *
  FROM `users`
  WHERE `title`
  LIKE '%$searchq%'
  OR `last`
  LIKE '%$searchq%'
SQL;

With this:

$query = "SELECT *
          FROM `users`
          WHERE `title` LIKE '%{$searchq}%' OR `last` LIKE '%{$searchq}%'";
Anis Alibegić
  • 2,941
  • 3
  • 13
  • 28