PDA

Click to See Complete Forum and Search --> : What's wrong with this code.....

luke2125
04-17-2007, 01:34 PM
Hi there,

Could someone please tell me what's wrong with this code, it's a search engine that I would like to search for a specific zip code and display the results. I would appreciate any help regarding this matter:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<title></title>
</head>

<body>
<h2>Search</h2>
<form name="search" method="post" action="<?=$PHP_SELF?>">
Seach for: <input type="text" name="find" /> in
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<?php
//This is only displayed if they have submitted the form
if ($searching =="yes")
{
echo "<h2>Results</h2><p>";

//If they did not enter a search term we give them an error
if ($find == "")
{
echo "<p>You forgot to enter a search term";
exit;
}

// Otherwise we connect to our Database
mysql_connect("", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());

// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM clinics WHERE Zip LIKE LIKE '%$find%' ");

//And we display the results
while($result = mysql_fetch_array( $data ))
{
echo $result['Name'];
echo " ";
echo $result['Address'];
echo "<br>";
echo $result['Zip'];
echo "<br>";
echo "<br>";
}

//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query<br><br>";
}

//And we remind them what they searched for
echo "<b>Searched For:</b> " .$find;
}
?>

I think the problem likes in the SELECT statement, nothing comes out, just the form, I put in a number(zip code) and nothing comes out.......Thanks and God Bless.....
The Little Guy
04-17-2007, 01:49 PM
Try chainging this:
$data = mysql_query("SELECT * FROM clinics WHERE Zip LIKE LIKE '%$find%' ");

To this:
$data = mysql_query("SELECT * FROM clinics WHERE Zip RLIKE '%$find%' ");
luke2125
04-17-2007, 02:21 PM
Hi Little Guy,

Thanks for the response and help, but I tried the code and nothing, I mean, I place a regular zip code, or one that I have in mysql table under the field name zip, and nothing comes out......Very strange......Could it be something with my field under the database, I have the zip field set as varchar........

Thanks and God Bless....
The Little Guy
04-17-2007, 02:44 PM
Add this to see if you get an error message:

$data = mysql_query("SELECT * FROM clinics WHERE Zip RLIKE '%$find%' ") or die(mysql_error());


Did you define $find? I don't see it in the code

$find = $_POST['find']
luke2125
04-17-2007, 04:13 PM
Hi there,

Nothing, I tried the code for the error, but it doesn't even give me an error. I then tried the code for defining $find, and I get a blank screen.....Any further thoughts.........Thanks for the help...God Bless.....
The Little Guy
04-17-2007, 05:15 PM
did you try them together?

<?php
$find = $_POST['find'];
$data = mysql_query("SELECT * FROM clinics WHERE Zip RLIKE '%$find%' ") or die(mysql_error());
?>


Is error reporting turned off on your server do you know?

If it is, place this code that the very top of you document:

<?php
ini_set("error_reporting", E_YOUR_ERROR_LEVEL);
echo ini_get("error_reporting");
?>

It could be an error on your page other than the SQL
luke2125
04-17-2007, 06:35 PM
Hi there,

Here's all the code, maybe you can find something, thanks for the help......

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title></title>
</head>
<body>
<h2>Search</h2>
<form name="search" method="post" action="<?=$PHP_SELF?>">
Seach for: <input type="text" name="find" /> in
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>
<?
ini_set("error_reporting", E_YOUR_ERROR_LEVEL);
echo ini_get("error_reporting");
//This is only displayed if they have submitted the form
if ($searching =="yes")
{
echo "<h2>Results</h2><p>";

//If they did not enter a search term we give them an error
if ($find == "")
{
echo "<p>You forgot to enter a search term";
exit;
}
// Otherwise we connect to our Database
mysql_connect("", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());

// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);
//Now we search for our search term, in the field the user specified
$find = $_POST['find'];
//And we display the results
while($result = mysql_fetch_array( $data ))
{
echo $result['Name'];
echo " ";
echo $result['Address'];
echo "<br>";
echo $result['Zip'];
echo "<br>";
echo "<br>";
}
//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query<br><br>";
}

//And we remind them what they searched for
echo "<b>Searched For:</b> " .$find;
}
?>
</body>
</html>


Yes I tried both together and I don't get anything, I also placed the error code on top like you suggested, could it be that the action is calling php self?
Thanks littleguy for the help....God Bless....
MrCoder
04-18-2007, 05:34 AM
$find should be $_POST['find'] (This goes for the other post values too)

$_POST['find'] should be passed via the mysql_real_escape_string($_POST['find']) function while creating the SQL query.

Why use strtoupper()?

There is no need for $anymatches to be assigned, use if(mysql_num_rows() == 0)

<?=$PHP_SELF?> should be <?php echo $_SERVER['PHP_SELF']; ?>

There is no need for '<input type="hidden" name="searching" value="yes" />', use isset($_POST['find'])

Why are you doing this?

// We preform a bit of filtering
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);
//Now we search for our search term, in the field the user specified
$find = $_POST['find'];


p.s. God has nothing to do with it.
bokeh
04-18-2007, 06:07 AM
$find should be $_POST['find'] (This goes for the other post values too)

$_POST['find'] should be passed via the mysql_real_escape_string($_POST['find']) function while creating the SQL query.No need with a zip code.$find = (int)$_POST['find'];
MrCoder
04-18-2007, 06:13 AM
No need with a zip code.$find = (int)$_POST['find'];

I'm from the UK, use to post codes that are alphanumeric.
Typecast where possible, otherwise mysql_real_escape_string();
bokeh
04-18-2007, 07:36 AM
I'm from the UK, use to post codes that are alphanumeric.
Typecast where possible, otherwise mysql_real_escape_string();He said a ZIP code. The UK doesn't have ZIP codes. It doesn't even have a standardised system that can be tested with a regex.
luke2125
04-18-2007, 10:32 AM
Hi MrCoder,

Thank you for the help, I will try what you wrote, also, I'm relative new to PHP, remember no one is born knowing......God Bless you......



P.S. JOHN 3:16
luke2125
04-18-2007, 10:33 AM
Hi Bokeh,

Thanks for the help and suggestion...God Bless....
MrCoder
04-18-2007, 10:38 AM
He said a ZIP code. The UK doesn't have ZIP codes. It doesn't even have a standardised system that can be tested with a regex.

Well since I have never used a ZIP code in my life I don't know how they are formatted.
Ignorance is bliss :)