PHP /MYSQL Search Form Displaying Empty Results

Question

Please Guys what must be wrong with this my code, I have tried to fetch the search data from my Database as follows

Students DATA As follow

Reg Number: Full Name: Faculty: Program: Level: Group.

on the HTML Search Page

<html> 
<h2> Enter your matric number to connect to others studying your course </h2>
<form action="demo.php" method="post">
<b> ReG </b><input type="text" Name="find">
<input type="submit"  value="Submit" />

</form>
</html>

PHP SIDE

<table border="1">
<tr>
<th>Student Full Name</th>
<th> Faculty</th>
<th> Program</th>
<th> Entry Year</th>
<th> Study Group</th>
<th> Group Members Contact</th>
<th> Group Leader Contacts</th>
</tr>



<?php 

$conn=mysqli_connect("localhost", "root", "", "student");
// Check connection
if($conn=== false){
    die("ERROR: Could not connect. " . mysqli_connect_error());
}

 $q = $_POST['find'];


if ($q == "")
{
echo "<p>You forgot to enter a search term!!!";
exit;
}
$sql = "SELECT * FROM study_circle WHERE matric LIKE $q ";
$result = mysqli_query($conn, $sql);

if ($result)
 {
  while($row = mysql_fetch_array($result))
 {





        echo "<tr>";
        echo  "<td>";

    echo  $row['full_name'];
    echo  "</td>";
    echo  "<td>";
    echo  $row['faculty'];
    echo "</td>";
    echo  "<td>";
    echo  $row['program'];
    echo  "</td>";
    echo  "<td>";
    echo  $row['entry_year'];
    echo "</td>";
    echo  "<td>";
    echo  $row['study_group'];
    echo  "</td>";
    echo  "<td>";
    echo  $row['group_members'];
    echo  "</td>";
    echo "<td>";
    echo  $row['group_leader'];
    echo  "</td>";
    echo  "</tr>";
    echo  "<br/>";




    }
} else {
    echo "0 results";
}

mysqli_close($conn);
?>

Each time I try it it's bringing Empty results even though I have populated the database

Right now it's on my Localhost system, please anyone good person to help, am just new to Programming. I will be happy to fix this

`var_dump($row)` and see what it displays. if it displays `null` or `[]` (empty array), there's something wrong with your SQL query. — Zac, Feb 25 '19 at 15:24

score 2 · Answer 1 · answered Feb 25 '19 at 15:08

Your code is misinterpreting what a false value means here:

if ($result)
{
    //...
} else {
    echo "0 results";
}

A false value in $result doesn't mean the search didn't find anything, it means the query failed with an error. To get the error, use mysqli_error:

if ($result)
{
    //...
} else {
    echo "There was an error: " . mysqli_error($conn);
}

In this case the error is probably a syntax error in your SQL code because you're directly concatenating user input to SQL code. This is also called a SQL injection vulnerability. There is some good information to get you started on correcting that here, including specifically how to use query parameters with the LIKE operator here. At its simplest you will want to use a prepared statement with a query parameter instead of using string interpolation like you do now.

score 0 · Answer 2 · edited Feb 25 '19 at 15:08

0

Try adding wildcard characters to the start and end of the search string:

$sql = "SELECT * FROM study_circle WHERE matric LIKE '%$q%'";

edited Feb 25 '19 at 15:08

Strawberry

33,750
13
40
57

answered Feb 25 '19 at 15:08

Fabian

691
1
6
13

score 0 · Answer 3 · answered Feb 25 '19 at 15:30

You willl need to get the rowcount of the search data. That will gurantee if the record is there or not Eg.

$rowcount = mysqli_num_rows($result);

and then perform if statement with it.

see code below.

<?php 

$conn=mysqli_connect("localhost", "root", "", "student");
// Check connection
if($conn=== false){
    die("ERROR: Could not connect. " . mysqli_connect_error());
}

 $q = $_POST['find'];


if ($q == "")
{
echo "<p>You forgot to enter a search term!!!";
exit;
}
$sql = "SELECT * FROM study_circle WHERE matric LIKE $q ";
$result = mysqli_query($conn, $sql);
$rowcount = mysqli_num_rows($result);

if( $rowcount ){

$row = mysql_fetch_array($result);





        echo "<tr>";
        echo  "<td>";

    echo  $row['full_name'];
    echo  "</td>";
    echo  "<td>";
    echo  $row['faculty'];
    echo "</td>";
    echo  "<td>";
    echo  $row['program'];
    echo  "</td>";
    echo  "<td>";
    echo  $row['entry_year'];
    echo "</td>";
    echo  "<td>";
    echo  $row['study_group'];
    echo  "</td>";
    echo  "<td>";
    echo  $row['group_members'];
    echo  "</td>";
    echo "<td>";
    echo  $row['group_leader'];
    echo  "</td>";
    echo  "</tr>";
    echo  "<br/>";


    exit;
}else{
 echo "0 results";

}
}


mysqli_close($conn);
?>

PHP /MYSQL Search Form Displaying Empty Results

3 Answers3