[php] Simple search MySQL database using php

I currently have a small php script that searches a database based on user input. There is an html file that has one field that is used for entry of search strings into the database. Essentially, you can search for employees.

It is supposed to retrieve the employee result, if found, and a 'no employee found' message, if not.

For some reason, however, no matter the search, the query returns every employee in the database.

I've been working on this for over an hour, and I am honestly stumped. It may be a simple error but I could do with some help.

<?php
    $con= new mysqli("localhost","root","","Employee");
    $name = $_post['search'];
    //$query = "SELECT * FROM employees
   // WHERE first_name LIKE '%{$name}%' OR last_name LIKE '%{$name}%'";

    // Check connection
    if (mysqli_connect_errno())
      {
      echo "Failed to connect to MySQL: " . mysqli_connect_error();
      }

$result = mysqli_query($con, "SELECT * FROM employees
    WHERE first_name LIKE '%{$name}%' OR last_name LIKE '%{$name}%'");

while ($row = mysqli_fetch_array($result))
{
        echo $row['first_name'] . " " . $row['last_name'];
        echo "<br>";
}
    mysqli_close($con);
    ?>

Any help appreciated.

Thanks.

This question is related to php

The answer is


First add HTML code:

<form action="" method="post">
<input type="text" name="search">
<input type="submit" name="submit" value="Search">
</form>

Now added PHP code:

<?php
$search_value=$_POST["search"];
$con=new mysqli($servername,$username,$password,$dbname);
if($con->connect_error){
    echo 'Connection Faild: '.$con->connect_error;
    }else{
        $sql="select * from information where First_Name like '%$search_value%'";

        $res=$con->query($sql);

        while($row=$res->fetch_assoc()){
            echo 'First_name:  '.$row["First_Name"];


            }       

        }
?>

This is a better code that will help you through.
With your database, but rather, I have used mysql not mysqli
Enjoy it.

<body>

<form action="" method="post">

  <input name="search" type="search" autofocus><input type="submit" name="button">

</form>

<table>
  <tr><td><b>First Name</td><td></td><td><b>Last Name</td></tr>

<?php

$con=mysql_connect('localhost', 'root', '');
$db=mysql_select_db('employee');


if(isset($_POST['button'])){    //trigger button click

  $search=$_POST['search'];

  $query=mysql_query("select * from employees where first_name like '%{$search}%' || last_name like '%{$search}%' ");

if (mysql_num_rows($query) > 0) {
  while ($row = mysql_fetch_array($query)) {
    echo "<tr><td>".$row['first_name']."</td><td></td><td>".$row['last_name']."</td></tr>";
  }
}else{
    echo "No employee Found<br><br>";
  }

}else{                          //while not in use of search  returns all the values
  $query=mysql_query("select * from employees");

  while ($row = mysql_fetch_array($query)) {
    echo "<tr><td>".$row['first_name']."</td><td></td><td>".$row['last_name']."</td></tr>";
  }
}

mysql_close();
?>

If you do mysqli_fetch_array(), you must put integer in $row index ex.($row[3]).If you read $row['id'] or $row['example'], you must use mysqli_fetch_assoc.


I think its works for everyone

<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Search</title>
</head>

<body>
    <form action="" method="post">
        <input type="text" placeholder="Search" name="search">
        <button type="submit" name="submit">Search</button>
    </form>
</body>

</html>
<?php


if (isset($_POST['submit'])) {
    $searchValue = $_POST['search'];
    $con = new mysqli("localhost", "root", "", "testing");
    if ($con->connect_error) {
        echo "connection Failed: " . $con->connect_error;
    } else {
        $sql = "SELECT * FROM customer_info WHERE name OR email LIKE '%$searchValue%'";

        $result = $con->query($sql);
        while ($row = $result->fetch_assoc()) {
            echo $row['name'] . "<br>";
            echo $row['email'] . "<br>";
        }

      
    }   
}



?>

Just with the above answer I hope it was the problem.

$_POST['search'] instead of $_post['search']

And again use LIKE '%$name%' instead of LIKE '%{$name}%'


You need to use $_POST not $_post.


`

require_once('functions.php');

$errors = FALSE;
$errorMessage = "";

if(mysqli_connect_error()){
  $errors = TRUE;
  $errorMessage .= "There was a connection error <br/>";
  errorDisplay($errorMessage);
  die($errors);
} else if($errors != "TRUE"){
  $errors .= FALSE;
}

if(isset(mysqli_real_escape_string($_POST['search']))){
  $search = mysqli_real_escape_string($_POST['search']);
  search(search);
}



?>
<?php
//This is functions.php
function search($searchQuery){
  echo "<div class="col-md-10 col-md-offset-1">";
  $searchTerm
  $query = query("SELECT * FROM `index` WHERE `keywords` LIKE '".$searchTerm."' ");
  while($row = mysqli_fetch_array($query)){
    $results = <<< DELIMITER
      <div class="result col-md-12">
        <a href="index.php?search={$row['id']}"> {$row['Title']} </a>
        <p class="searchDesc">{$row['description']}</p>
      </div>
DELIMITER;
    echo $results;
  }
  echo "</div>";
}

function errorDisplay($msg){
  if(!isset($_SESSION['errors'])){
    $_SESSION['errors'] = $msg;
    showError($msg);
  } else if() {
    $_SESSION['errors'] .= $msg . "<br>";
    showError($msg);
  }
}
function showError($msg) {
  return $msg;
  unset($_SESSION['errors']);
}


?>`
Perhaps That Helps?