Wikus Moller wrote: > Hi. > > I am having problems with a script I wrote which searches keywords > from a field in a mysql db table. > > It is a very simple, one-page script. My site is a toplist, very > basic, still in it's infancy. When I go to the page, key in the > keywords and press submit, the head, body etc. part of the result > script is shown, but no results. > , although there are rows in my database containing the `keyword` field > data. > > Below is the script, please see if you find any errors, it could be > that I just made a stupid mistake.
imho your first stupid mistake was writing a script that bloody unmanagable. 1. check you input 2. do some processing 3. ouput your page (including any error msgs from step 1 and 2) this is in contrast to the tactic your using, namely: dump some output, do something, dump more output, perform a query, dump some output, do stuff, dump some output in a loop, do stuff, dump some output, etc. PPPPP. read on ... > > <?php > > echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"; > echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD XHTML Mobile 1.0//EN\" > \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\";>"; > echo "<html xmlns=\"http://www.w3.org/1999/xhtml\";>"; > > error_reporting(E_ALL ^ E_NOTICE); > > $pwd = $_GET["pwd"]; > $uid = $_GET["uid"]; > $action = $_GET["action"]; > $cid = $_GET["cid"]; > $sid = $_GET["sid"]; > $var = $_GET["q"]; echo 'is this your expected input? : <pre>'; var_dump($_GET) echo '</pre>'; > > include ("function.php"); > include ("config.php"); > connect($dbserver,$dbname,$dbuser,$dbpass); > > > > /////////////////////////////////////////////Search main page > if(!isset($var)){ > echo "<head>"; > echo "<title>Search Engine</title>"; > echo "<style type=\"text/css\"> > .m3 {background-color: #291C6F;} > .n1 {background-color: #A0A0A0;} > .n2 {background-color: #888888;} > .c2 {color: #000000;} > .m2 {color: #91D0FF;} > body {font-family: Arial, sans-serif; > font-size: 12px; > color: #ffffff; > background-color: #000033; > margin-left: 0px; > margin-right: 0px; > margin-top: 0px;} > .ct1 {font-family: Arial, sans-serif; > font-size: 12px; > color: #800080;} > .cre {background-color: #1300A4; > padding: 2px 2px 2px 2px; > margin: 3px 0 0; > font-size: 12px; > color:#000000; > text-align: center; > border-width:1px 0; > border-style:solid; > border-color:#000000;} use a css file and save a bit of band width (and scrolling in my case). > </style>"; > echo "</head>"; > echo "<body>"; > echo "<table>"; > echo "<div class=\"cre\">"; > echo "<b>Search Engine</b></div>"; > echo "<form method=\"GET\" > action=\"search.php?uid=$uid&pwd=$pwd\">"; ///the uid and pwd is > nessecary cause my member features are very basic and the urls is used > to keep the user 'logged in' basic is the wrong word if your are thinking in terms of security - non-existent is closer to the truth. http://phpsec.org is a good place to and learn about security on all [php] fronts > echo "Keywords: <input type=\"text\" name=\"q\" /><br/>"; > echo "<input type=\"submit\" name=\"Submit\"/>"; > echo "</form>"; > echo "</table>"; > echo "<div class=\"cre\"><img src=\"images/home.gif\" alt=\"*\"/><a > href=\"index.php?uid=$uid&pwd=$pwd\">Home</a></div>"; > echo "</body>"; > echo "</html>"; > } > > ///////////////////////////////////////////////////Display Results > > if(isset($var)){ the following line is pointless given the line about and the fact that you have already set $var in exactly the same way at the top of your script. > $var = $_GET["q"]; > $trimmed = trim($var); //trim whitespace from the stored variable > echo "<head>"; > echo "<title>Search Results</title>"; > echo "<style type=\"text/css\"> > .m3 {background-color: #291C6F;} > .n1 {background-color: #A0A0A0;} > .n2 {background-color: #888888;} > .c2 {color: #000000;} > .m2 {color: #91D0FF;} > body {font-family: Arial, sans-serif; > font-size: 12px; > color: #ffffff; > background-color: #000033; > margin-left: 0px; > margin-right: 0px; > margin-top: 0px;} > .ct1 {font-family: Arial, sans-serif; > font-size: 12px; > color: #800080;} > .cre {background-color: #1300A4; > padding: 2px 2px 2px 2px; > margin: 3px 0 0; > font-size: 12px; > color:#000000; > text-align: center; > border-width:1px 0; > border-style:solid; > border-color:#000000;} > </style>"; > echo "</head>"; > echo "<body>"; > echo "<div class=\"cre\">"; > echo "<b>Search Results</b></div>"; > echo "<table>"; > // Get the search variable from URL > > > > // check for an empty string and display a message. > if ($trimmed == "") > { > echo "Please enter a search..."; > exit; > } > > > > if($pg==0)$pg=1; > $pg--; > $lmt = $pg*20; > $pg++; > $cou =$lmt+1; is your table called 'table'? that is the WORST name in the world for a table - and it will break your queries unless you stick them in backticks, e.g.: $res = mysql_query("SELECT COUNT(*) FROM `table`"); > $scount = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM table you are not checking the return value of mysql_query(). you need to learn to do error checking at every stage of your script ... it's a pain at first but eventually it *should* become second nature. at the very very least do something like this: $res = mysql_query("SELECT COUNT(*) FROM `table`") or die('query failure'); personally I consider this moronic error checking but it's better than nothing. > WHERE keywords like \"%$trimmed%\" AND banned='0' AND hitsin >= > '2'")); > $pgs = ceil($scount[0]/20); > // Build SQL Query > $sql = "SELECT * FROM table WHERE keywords like \"%$trimmed%\" AND > banned='0' and hits_in >='2' ORDER by hin DESC LIMIT ".$lmt.", 20;"; dump out $sql (and the 'count' query above it) and check they are what you think they are, then run them through phpmyadmin (directly in the mysql command line tool) to check they do what you think they do. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
