This script worked last year. Not worked on a site for a while. Not sure why its not working. Cans someone help please.
<?php
mysql_connect ("localhost", "user","pw") or die (mysql_error());
mysql_select_db ("db");
if(isset($_POST['submit']) && !empty($_POST['submit'])){
$result = ""; //USED LATER
/*$term = $_POST['term']; THIS WORKS BUT FOR SECURITY ISSUES USE:*/
$term = mysql_real_escape_string($_POST['term']);//AVOID MYSQL INJECTION
$sql = mysql_query("SELECT * FROM `Find Your Gid` where Name like '%$term%'");
if (mysql_num_rows($sql) <= 0) {
// no results
//echo 'No results found.'; BETTER ECHO LATER
$error = "No result found";
} else if ($term ="") {
$error = "No name entered!";
} else {
$result .= "<table border='1'>";
$result .="<tr><td>Name</td><td>Gid</td><td>Giftable</td></tr>";
while ($row = mysql_fetch_array($sql)){
$result .= '<tr>';
$result .= '<td>'.$row['Name'].'</td>';
$result .= '<td>'.$row['Gid'].'</td>';
$result .= '<td>'.$row['Giftable'].'</td>';
$result .= '</tr>';
}
$result .= "</table>";
}
mysql_close();
}
?>
<html>
<form action="food.php" method="post">
Search: <input type="text" name="term" /><br />
<input type="submit" name="submit" value="Submit" />
</form>
<div name="Results">
<?php
if(isset($error)){echo $error;}
if(isset($result)){echo $result;}
?>
</div>
</body>
</html>
<script type="text/javascript">
var arrRequiredFields = [ "term" ];
window.onload = function() {
document.forms[0].onsubmit = function() {
for (var i = 0; i < arrRequiredFields.length; i++) {
var field = document.forms[0].elements[arrRequiredFields[i]];
if (field && field.value.length == 0) {
alert("Missing Name of Food");
field.focus();
return false;
}
}
return true;
};
};
</script>
