1

The following is code that I have put together with some help from SO. I am trying to be able to implement the $select statement, as well as the $search statement on the same page. The $select statement works fine, but I do not know how to call the $search statement to execute when the user searches using the form within the code. Does anyone know how to do this, or can you redirect me to a good tutorial with how forms interact with php? 

<?php
require 'db/connect.php';

$select = $db->query("SELECT * FROM customers ORDER BY id DESC");

$search = $db->query("SELECT * FROM customers WHERE FName LIKE '%$_REQUEST[q]%' OR LName LIKE '%$_REQUEST[q]%' ORDER BY id DESC");
?>

<!DOCTYPE html>
<html lang="en">
    <head>
        <link rel="stylesheet" href="styles.css">
    </head>
    <body>
        <div id="wrapper">
            <h1>Customers</h1>
            <p><a class="btn create" href="createcustomer.php">CREATE</a></p>
            <?php
            if (!$select->num_rows) {
                echo '<p>', 'No records', '</p>';
            }else{
            ?>
                <table border="1" width="100%">
                <thead>
                    <tr>
                        <th>First Name</th>
                        <th>Last Name</th>
                        <th>Phone</th>
                        <th>Alt Phone</th>
                        <th>Job Address</th>
                        <th>Billing Address</th>
                        <th>Email</th>
                        <th>Alt Email</th>
                    </tr>
                </thead>
                <tbody>
                <?php
                    while ($row = $select->fetch_object()) {
                ?>
                    <tr>
                        <td><?php echo $row->FName;?></td>
                        <td><?php echo $row->LName;?></td>
                        <td><?php echo $row->Phone;?></td>
                        <td><?php echo $row->AltPhone;?></td>
                        <td><?php echo $row->JobAddress;?></td>
                        <td><?php echo $row->BillingAddress;?></td>
                        <td><?php echo $row->Email;?></td>
                        <td><?php echo $row->AltEmail;?></td>

                        <td><a class="btn read" href="viewcustomer.php?id=<?php echo $row->id; ?>">READ</a>&nbsp;<a class="btn update" href="editcustomer.php?id=<?php echo $row->id; ?>">UPDATE</a>&nbsp;<a class="btn delete" href="deletecustomer.php?id=<?php echo $row->id; ?>">DELETE</a></td>
                    </tr>
                </tbody>
                <tbody>
            <?php
            }
            ?>
            </table>
            <?php
            }
            ?>
            # Search form that needs tied to $search
            <input type="text" name="q" /> <input type="submit" name="search" />

        </div>
    </body>
</html>
Improve this question
1
  • 1
    You've no form tags. Commented Apr 4, 2015 at 3:41

2 Answers 2

Reset to default
1

You need verify if the form is sent in your php code:

<?php

require 'db/connect.php';

if(isset($_POST['q'])) {

$q = $_POST['q'];

$select = $db->query("SELECT * FROM customers WHERE FName LIKE '%$q%' OR LName LIKE '%$q%' ORDER BY id DESC");

} else {

$select = $db->query("SELECT * FROM customers ORDER BY id DESC");

}

?>

And you need change your code to add a form

<form method="post">
<input type="text" name="q" /> <input type="submit" name="search" />
</form>
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I tried what you suggested, and I get an error '"Notice: Undefined variable: select in C:\wamp\www\customers.php on line 28"' In addition, at the top of the screen, it looks like there is a formatting error, because it shows the following end of code line text : 'query("SELECT * FROM customers WHERE FName LIKE '%$q%' OR LName LIKE '%$q%' ORDER BY id DESC"); } else { $select = $db->query("SELECT * FROM customers ORDER BY id DESC"); } ?>' P.S. : Line 28 is as follows : 'if (!$select->num_rows) {'
@Steven I edit my answer, try now, and let my know if the problem is solve
This works beautifully. Thank you very much!!!! If you let me know your paypal email, I would love to buy you a drink :D
1

I guess '%$_REQUEST[q]%' would give you a problem, because you want to access $_REQUEST['q'] instead of $_REQUEST[q].

Replacing it with '%" . $_REQUEST['q'] . "%' should be a good start. But you usually don't want to leave it like that, because this code is vulnerable to sql injections.

Therefore you should use the quote function:

$search = $db->query("SELECT * FROM customers WHERE FName LIKE " . $db->quote("%" . $_REQUEST['q'] . "%") . " OR LName LIKE " . $db->quote("%" . $_REQUEST['q'] . "%") . " ORDER BY id DESC");

Next thing you want to do is checking whether the form input is set and to use the result of your search instead of the select statement without search parameters:

if (isset($_REQUEST['q'])) {
    $q = "%" . $_REQUEST['q'] . "%";
    $select = $db->query("SELECT * FROM customers WHERE FName LIKE " . $db->quote($q) . " OR LName LIKE " . $db->quote($q) . " ORDER BY id DESC");
} else {
    $select = $db->query("SELECT * FROM customers ORDER BY id DESC");
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.