Search Bar For My Website Using Php/Mysql That Would Search All Items In My Site

Question

jazz.viper 0 Newbie Poster

14 Years Ago

Hello ,
I am a new user of this site and also new to web development.Recently while developing my site on tourism by php/mysql i thought of placing a search bar at the top of my website where users can search topics and results would be provided according to the keywords entered by them.
Is there any way to search all the tables of my database and provide the results to users.
Any idea regarding this would be of great help.

I have created a search bar as under
<div id="search" >
<form method="get" action="">
<div>
<input type="text" name="search" id="search-text" value="" />
<input type="submit" id="search-submit" value="GO" />
</div>
</form>
</div>

mysql php

5 Contributors
7 Replies
11K Views
3 Years Discussion Span
Latest Post 11 Years Ago Latest Post by hag++

salman.k.srabon commented: daffodil vrsity +0

hag++ 24 Junior Poster

11 Years Ago

Ok well a couple things here. One, don't do this ever:
$sql="SELECT branch_name,branch_address,branch_contact,branch_nostaffs,branch_furniture FROM branch_details WHERE branch_id = '" . $name ."'";
That's wide open to SQL injection.

As far as why your search isn't working I'll need more info.
If you run the query directly against the database does it return data? Either run the query via the command line or in mysql workbench.

If it does not return data then you need to investigate why. If it does return data then we need to look more into your script.

Kyle Wiering commented: Awesome security catch! +0

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

untitledking -2 Light Poster · Answer 1 · 2010-05-01T00:50:05+00:00

Hey there,

That code will not work at all! That will just create a little text box with a submit button and will not do anything when trying to search.

I would suggest you go to this site right here:

http://expressionengine.com/docs/modules/search/simple.html

This site tells you how to make a simple search engine for your site.

Have fun.

jazz.viper 0 Newbie Poster · Answer 2 · 2010-05-02T17:55:20+00:00

Hello
untitledking,

I visited the link you provided.But can't figure out how to make it work in my site.Firstly i couldn't understand the following highlighted lines
-----------------------------------------------------------------------------------------
{exp:search:simple_form weblog="news"}
<p><label for="keywords">Search:</label><br />
<input type="text" name="keywords" id="keywords" value="" size="18" maxlength="100" /></p>

<p><a href="{path='search/index'}">Advanced Search</a></p>

{/exp:search:simple_form}
-----------------------------------------------------------------------------------------
Again on which page will the results be displayed???
If u can please explain me in detail it would be of great help.

furqan219 -9 Junior Poster in Training · Answer 3 · 2010-05-04T19:49:21+00:00

Use REG EXP for search
Search.html page below

<form action="show.php" method="post">

<input type="text" value="Enter Site ID" name="a" class="textfield_effect" maxlength="30" onfocus="this.value=''">
</td>
</tr>
<tr>
            <td align="center" style="font-family:Calibri">
<input type="submit"  value=""/>
</form>

and show.php below

<?php
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

$a= $_POST["a"]; [B]//get value from search.html[/B]
mysql_select_db("onm", $con);

$result = mysql_query("SELECT * FROM info
WHERE SiteId REGEXP '$a'");

while($row = mysql_fetch_array($result))
  {
  echo "<table  align=center class=lims>";
  echo "<tr>";
  echo "<th bgcolor=#5D9BCC >SiteID</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['SiteId'] . "</td>";
  
  
  echo "<tr>";
			
			
			
  echo "<th bgcolor=#5D9BCC>Alias</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['Alias'] . "</td>";
  
    echo "</tr>";
	
	echo "<tr>";
  echo "<th bgcolor=#5D9BCC>Code</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['Code'] . "</td>";
    echo "</tr>";
	
	
	 echo "<tr>";
  echo "<th bgcolor=#5D9BCC>Region</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['Region'] . "</td>";
    echo "</tr>";
	
	echo "<tr>";
  echo "<th bgcolor=#5D9BCC>City</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['City'] . "</td>";
    echo "</tr>";
	

	echo "<tr>";
  echo "<th bgcolor=#5D9BCC>GF-RT Status</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['GreenFieldRoofTop'] . "</td>";
    echo "</tr>";
	
	echo "<tr>";
  echo "<th bgcolor=#5D9BCC>Indoor OutdoorStatus</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['IndoorOutdoor'] . "</td>";
    echo "</tr>";
	
	echo "<tr>";
  echo "<th bgcolor=#5D9BCC>HODate</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['HODate'] . "</td>";
    echo "</tr>";
	
	echo "<tr>";
  echo "<th bgcolor=#5D9BCC>Host</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['Host'] . "</td>";
    echo "</tr>";
	
	echo "<tr>";
  echo "<th bgcolor=#5D9BCC>Guest</th>";
  echo "<td bgcolor=#FEE9A9>" . $row['Guest'] . "</td>";
    echo "</tr>";
	
	

	 
	  $b =$row['SiteId']; 
  }
echo "</table>";


mysql_close($con);

?>

jazz.viper 0 Newbie Poster · Answer 4 · 2010-05-05T20:37:40+00:00

Can you please explain me line 11 & 12 of search.php

mamonsudeshna 0 Newbie Poster · Answer 5 · 2013-10-02T12:56:36+00:00

mamonsudeshna 0 Newbie Poster

11 Years Ago

ITS NOT GIVING ANY OUTPUT

mamonsudeshna 0 Newbie Poster · Answer 6 · 2013-10-02T12:58:48+00:00

PHP Code

<?php 
      if(isset($_POST['submit'])){ 
      if(isset($_GET['go'])){ 
      if(preg_match("/^[  a-zA-Z]+/", $_POST['name'])){ 
      $name=$_POST['name']; 
      //connect  to the database 
      $db=mysql_connect  ("localhost", "root",  "") or die ('I cannot connect to the database  because: ' . mysql_error()); 
      //-select  the database to use 
      $mydb=mysql_select_db("maa_durga"); 
      //-query  the database table 
      $sql="SELECT branch_name,branch_address,branch_contact,branch_nostaffs,branch_furniture FROM branch_details WHERE branch_id = '" . $name ."'"; 
      //-run  the query against the mysql query function 
      $result=mysql_query($sql); 
      //-create  while loop and loop through result set 
      while($row=mysql_fetch_array($result)){ 
              //$BranchCode=$row['branch_id'];
              $BranchName  =$row['branch_name']; 
              $BranchAdd=$row['branch_address']; 
              $BranchContact=$row['branch_contact']; 
              $BranchNoStaffs  =$row['branch_nostaffs'];
              $BranchFurni  =$row['branch_furniture'];
      //-display the result of the array 
      echo "<ul>\n"; 
      echo "<li>" . "<a  href=\"search.php?id=$ID\">"   .$BranchCode . " " . $BranchName .  " ". $BranchAdd ." ". $BranchAdd ." ". $BranchContact ." ". $BranchNoStaffs ." ". $BranchFurni ."</a></li>\n"; 
      echo "</ul>"; 
      } 

          } 
      else{ 
      echo  "<p>Please enter a search query</p>"; 
      } 
      } 
      }

and Here is my HTML form

<!DOCTYPE  HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"  "http://www.w3.org/TR/html4/loose.dtd"> 
<html> 
  <head> 
        <meta  http-equiv="Content-Type" content="text/html;  charset=iso-8859-1"> 
    <title>Search  Contacts</title> 
  </head> 
  <p><body> 
    <h3>Search  Contacts Details</h3> 
    <p>You  may search either by first or last name</p> 
<form  method="post" action="searchbranch.php?go"  id="searchform"> 
      <input  type="text" name="name"> 
      <input  type="submit" name="submit" value="Search"> 
    </form> 
  </body> 
</html> 
</p>