Search code examples
phpsqlsearchsearch-engine

Simple php/sql search engine

I am trying to make a simple php, sql search engine that will select everything from my database that is "LIKE" the keyword (query) and display it. However it will not work. It only displays the text "problem"(see line 32) and after hours of troubleshooting I still can not figure this out. 

<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>Search Engine Test</title>
</head>
<body>
<script language="php">
// Create a database connection
$connection = mysql_connect("*****","*****","*****");   
if (!connection) {
    die ("Please reload page. Database connection failed: " . mysql_error());
}

// Select a databse to use
$db_select = mysql_select_db("*****",$connection);
if (!$db_select) {
    die("Please reload page. Database selection failed: " . mysql_error());
}

// Search Engine
// Only execute when button is pressed
if (isset($_POST['search'])) {
// Filter
//$keyword = trim ($keyword);
echo $keyword;
// Select statement
$search = mysql_query("SELECT * FROM tbl_name WHERE cause_name LIKE '%keyword%'");
// Display
$result = @mysql_query($search);
if (!$result){
echo "problem";
exit();
}


while($result = mysql_fetch_array( $search )) 
 { 
 echo $result['cause_name']; 
 echo " ";
 echo "<br>"; 
 echo "<br>"; 
 }
 $anymatches=mysql_num_rows($search); 
 if ($anymatches == 0) 
 { 
 echo "Nothing was found that matched your query.<br><br>"; 
 }
}
</script>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="text" name="keyword">
<input type="submit" name="search" value="Search">

</body>
</html>
Solution

  • Try and change:

    if (isset($_POST['search'])) { //$_POST['search'] just tells that there are a submit-button when submitting (and the name of it)
// Filter
//$keyword = trim ($keyword);
echo $keyword; //You're echoing out value of $keyword which hasn't been set/assigned
// Select statement

//You're always searching for the word keyword with leading and/or trailing characters
//You're not searching for a dynamically assigned value which I think is what you want
$search = mysql_query("SELECT * FROM tbl_name WHERE cause_name LIKE '%keyword%'");

//You're executing an already defined query (assigned in $search)
$result = @mysql_query($search); //You're suppressing errors, it's bad practice.
if (!$result){
echo "problem";
exit();
}

    to:

    if (isset($_POST['keyword'])) {
// Filter
$keyword = trim ($_POST['keyword']);

// Select statement
$search = "SELECT * FROM tbl_name WHERE cause_name LIKE '%$keyword%'";
// Display
$result = mysql_query($search) or die('query did not work');

    IMPORTANT! <script language="php"> isn't valid. You should type <?php at the beginning of php-code and ?> to end php-code.

    UPDATE: You will also have to change this code:

    while($result = mysql_fetch_array( $search )) 
    { 
    echo $result['cause_name']; 
    echo " ";
    echo "<br>"; 
    echo "<br>"; 
 }
 $anymatches=mysql_num_rows($search); 
 if ($anymatches == 0) 
 { 
     echo "Nothing was found that matched your query.<br><br>"; 
 }
}

    TO:

    while($result_arr = mysql_fetch_array( $result )) 
{ 
echo $result_arr['cause_name']; 
echo " ";
echo "<br>"; 
echo "<br>"; 
}
$anymatches=mysql_num_rows($result); 
if ($anymatches == 0) 
{ 
   echo "Nothing was found that matched your query.<br><br>"; 
}
}

    When making new code, you really should NOT use mysql_ functions*, because they're deprecated. Look into PDO or mysqli instead.