0

my search engine php code wont work and says undefined index. even if i dont have undefined index error, it wont search in database.

<?php include 'header.php';
include 'netting/baglan.php';
if (isset($_POST['arama'])) {
    $aranan=$_POST['aranan'];
    $slidersor=$db->prepare("SELECT * FROM slider WHERE slider_ad LIKE '%aranan%' order by slider_durum DESC, slider_sira ASC limit 25");
    $slidersor->execute();
    $say=$slidersor->rowCount();
} else {
    $slidersor=$db->prepare("select * from slider order by slider_durum DESC, slider_sira ASC limit 25");
    $slidersor->execute();
}

search bar code:

<div class="col-md-12">
            <div class="title_right">
                <div class="col-md-5 col-sm-5 col-xs-12 form-group pull-right top_search">
                    <form action="" method="POST">
                    <div class="input-group">
                            <input type="text" class="form-control" name="aranan" placeholder="Aramak istediklerinizi yazın...">
                            <span class="input-group-btn">
                                <button class="btn btn-default" name="arama" type="submit">Ara!</button>
                            </span>
                        </div>
                    </form>
                </div>
            </div>
        </div>
user3783243
  • 5,368
  • 5
  • 22
  • 41
Sefa Özçelik
  • 3
  • 1
  • That is not how prepared statements should be written. Parameterize. What is the actual error message? What does `$_POST` contain? Do you ever fetch the results and use them? – user3783243 Feb 10 '19 at 22:51
  • Possible duplicate of ["Notice: Undefined variable", "Notice: Undefined index", and "Notice: Undefined offset" using PHP](https://stackoverflow.com/questions/4261133/notice-undefined-variable-notice-undefined-index-and-notice-undefined) – Sarima Feb 10 '19 at 22:53
  • `%aranan` <> `%$aranan` ...undefined index though indicates an additional issue – user3783243 Feb 10 '19 at 22:53
  • i've just found the solution i think. i added $ command to '%aranan%' and make it '%$aranan%' and search engine works but i still get undefined error message. – Sefa Özçelik Feb 10 '19 at 22:54
  • @user3783243 yea you are write for engine error, thanks – Sefa Özçelik Feb 10 '19 at 22:55
  • bu the video that i looked up to do this dont include $ command in there and it worked in 2016 – Sefa Özçelik Feb 10 '19 at 22:56
  • If using PDO use `$slidersor=$db->prepare("SELECT * FROM slider WHERE slider_ad LIKE ? order by slider_durum DESC, slider_sira ASC limit 25"); $slidersor->execute(array('%' . $aranan . '%');` – user3783243 Feb 10 '19 at 22:56
  • @SefaÖzçelik If a tutorial gave this code to you stop using it quickly. It is not secure and is advising bad practices. – user3783243 Feb 10 '19 at 22:57
  • @user3783243 do you have suggestions to learn php better? – Sefa Özçelik Feb 10 '19 at 22:58
  • I'd go with a written tutorial first. It is easy to make a typo transcribing from a video. Anything that uses variables in a SQL query shouldn't be used. Values should always be bound. – user3783243 Feb 10 '19 at 23:09

0 Answers0