How to search and display 1 entry from a database

This is where you share YOUR scripts with others

Moderators: macek, egami, gesf

joannehicks
New php-forum User
New php-forum User
Posts: 1
Joined: Thu Mar 07, 2013 5:33 am

How to search and display 1 entry from a database

Postby joannehicks » Thu Mar 07, 2013 5:48 am

I have been working on a simple script that will allow me to connect to a database and search for a specific item (first name). I have been able to set up the data base and connect to it OK but the result is returning "Query was empty".

My search page is simple:-
<form action="connect.php" method="post">
Input Name
:
<input type="text" name="FirstName"><br>
<br>
<br>

<input type="Submit" value="Check Name">
</form>

My PHP code is:-
$con = mysql_connect ("localhost", "xxx", "xxx") or die ('I cannot connect to the database because: ' . mysql_error());
$selected = mysql_select_db ("xxx")
or die ("Could not select database");
$FirstName=$_POST['Value1'];

// PHP Search Script


mysql_query($query);

$query = "SELECT * from Members WHERE FirstName".$_POST['Value1']."'";
$result = mysql_query($sql,$con)or die (mysql_error());


if (mysql_num_rows($result)==0){
echo "No Match Found";
}else{
while ($row = mysql_fetch_array($result)){
echo "First Name: " .$row['FirstName']." ".$row["Value1"]."<br>";



echo "<br>";
echo "---------------------------------------------------------------------"."<br>";
}
}



mysql_close();

I am running round in circles and could really use someone's help!!!!!

seandisanti
php-forum Fan User
php-forum Fan User
Posts: 838
Joined: Mon Oct 01, 2012 12:32 pm

Re: How to search and display 1 entry from a database

Postby seandisanti » Fri Mar 15, 2013 9:07 am

there are a few things wrong here, the first of which is that you're not using PDO for database access, http://jream.com/learning/videos/php-oo ... o-examples is a quick video example of PDO in action. That said, your query is bad.
$query = "SELECT * from Members WHERE FirstName".$_POST['Value1']."'";
//stores this value into $query for when $_POST['Value1'] is Fred:
// SELECT * from Members WHERE FirstNameFred'

To fix it, just make sure you're creating a valid query. You also want to make sure to protect yourself from potential sql injection etc, and PDO makes that easier too. If you just want to fix this script without adding any extra protection, or improving your code with PDO (or even mysqli functions) then change that line to read:

Code: Select all


$query 
= "SELECT * from Members WHERE FirstName='" . $_POST['Value1'] . "'"; 


***edit*** apparently i can't underline in a code box, removed extra formatting tags


Return to “Your Scripts”

Who is online

Users browsing this forum: No registered users and 1 guest

cron