1

I am trying to filter out data from my table using a searchbox in HTML. My search box which should return value from SQL query.

But even if I search, the filtered table is not displayed.

I have checked the 'LIKE' query in phpMyAdmin with '%n' (which I meant an entry in my table ending with 'n' ) and it works, but since in mine I am searching for a specific text that is entered in the search box, I couldn't check for the query that I am using.

Would really appreciate any help and thanks in advance. 

 <?php
//error_reporting(E_ERROR | E_PARSE);
$db_host = 'localhost';
$db_user = 'zamil'; // Username
$db_pass = '1234'; // Password
$db_name = 'resi'; // Database Name
$conn = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if (!$conn) {
die ('Failed to connect to MySQL: ' . mysqli_connect_error());  
}
else{
print("connected");
}
$output = '';
$query = '';

if (isset($_GET['search'])){

$searchq = $_GET['search'];

$searchq = preg_replace("#[^0-9a-z]#i","",$searchq);
$query = mysqli_query( $conn, "SELECT * FROM 'salesflow' WHERE 'Rep Name' 
LIKE '%$searchq%'") or die("could not search!");
$count = mysqli_num_rows($query);
if($count == 0){
$output = 'There was no entries';
}else{
while ($row = mysqli_fetch_array($query)) {
    $cname = $row['Source of Content'];
    $rname = $row['Rep Name'];

    $output .= '<div>'.cname.' '.rname.'</div>';
    }
  }
}

if ($query != 0) {
die ('SQL Error: ' . mysqli_error($conn));
}

?>

<form action="Sales1.php" method="post"> 
Search: <input type="text" name="search" /> 
<input type="submit" value="Search" /><br />  
</form>

<?php print("$output"); ?> 

</body>
</html>
newbee1988
  • 35
  • 8

2 Answers2

0

Your SQL query is incorrect:

SELECT * FROM 'salesflow' WHERE 'Rep Name' LIKE '%$searchq%'

You put single quotes (') around the salesflow table name and Rep Name column name but you should use backticks (`) instead.

For more information see Using backticks around field names.

kmoser
  • 8,780
  • 3
  • 24
  • 40
  • $query = mysqli_query( $conn, "SELECT * FROM `salesflow` WHERE `Rep Name` LIKE '".$searchq."'") or die("could not search!"); This is what I did, but its showing error in my SQL. – newbee1988 Jan 10 '18 at 04:50
  • You're getting an error because that is not a valid SQL statement. You need backticks around the column name. You've also removed your wildcards, which will yield a different result. – kmoser Jan 10 '18 at 20:51
0

I think you have entered a wrong query syntax.

$query = mysqli_query( $conn, "SELECT * FROM 'salesflow' WHERE
'Rep Name' LIKE '%$searchq%'") or die("could not search!");

It should be written like this:

$query = mysqli_query( $conn, "SELECT * FROM 'salesflow' WHERE
'Rep Name' LIKE '%".$searchq."%'") or die("could not search!");

Always use ' for string in query.

Also, my additional recommendation is not to use SQL for searching in the table, instead, use DataTable based on AngularJS.

Ashraf Misran
  • 63
  • 10
  • umm, are you sure? why are you suggesting removing the wildcards? and are you aware that php can parse varibles inside double quotes. and no mention about `'salesflow'` and `'Rep Name'`. and ... – Sean Jan 10 '18 at 04:36
  • Uh sorry, forgot about the wildcards. Yes PHP can parse variable inside double quotes, but not SQL. – Ashraf Misran Jan 10 '18 at 04:38
  • but you know that the php string is parsed before sending the query string, right? So those 2 query strings will result in the same exact output. all you are doing is making it a little more visible, but it doesn't make any difference. – Sean Jan 10 '18 at 04:41