1

I'm currently working on a bit of PHP and I've 3 text inputs. The values are searched in the MySQL database and should return whatever amount of results correspond with the entered criteria.

here is the search form:

<form id='SearchPersonal' method='post' action='businessUsersSearch.php' accept-charset='UTF-8'>
<fieldset >
<legend>Search</legend>

<div class='container'>
<label for='C_Name' >Business Name: </label><br/>
<input type='text' name='C_Name' id='C_Name' maxlength="50" /><br/>
<label for='C_County' >City: </label><br/>
<input type='text' name='C_County' id='C_County' maxlength="50" /><br/>
<label for='Job_Type' >Job Type: </label><br/>
<input type='text' name='Job_Type' id='Job_Type' maxlength="50" /><br/>
</div>

<div class='container'>
<input type='submit' name='Submit' value='Search' />
</div>
</fieldset>
</form>

Here is the PHP script it links too in the action:

<?php

     $mysqli_link = mysqli_connect("server", "database", "pass", "user");
    // Check connection
    if (mysqli_connect_errno()) {
      echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    if(isset($_POST['submit'])) {
    // define the list of fields
     $fields = array('C_Name', 'C_County', 'Job_Type');
    $conditions = array();


// loop through the defined fields
foreach($fields as $field){
    // if the field is set and not empty
    if(isset($_POST[$field]) && $_POST[$field] != '') {
        // create a new condition while escaping the value inputed by the user (SQL Injection)
        $conditions[] = "'$field' LIKE '%" . mysqli_real_escape_string($mysqli_link, $_POST[$field]) . "%'";
}
}

// builds the query
$query = "SELECT C_Name, C_StreetNumber, C_StreetName, C_Postcode, C_County, C_Tele, C_Website, Contact_Forename, Contact_Surname, Contact_Email, Jobs.Job_Type, Jobs.Job_Price FROM Company INNER JOIN Jobs ON Company.Company_ID = Jobs.Company_ID";
// if there are conditions defined
if(count($conditions) > 0) {
    // append the conditions
    $query .= " WHERE " . implode (' AND ', $conditions); // you can change to 'OR', but I suggest to apply the filters cumulative
}

$result = mysqli_query($mysqli_link, $query) or die(mysql_error());

mysqli_close($mysqli_link);


    if(isset($_POST['submit'])) {
        while($row = mysqli_fetch_assoc($result)) {
        $C_Name = $row['C_Name'];
        $C_StreetNumber = $row['C_StreetNumber'];
        $C_StreetName = $row['C_StreetName'];
        $C_Postcode = $row['C_Postcode'];
        $C_County = $row['C_County'];
        $C_Tele = $row['C_Tele'];
        $C_Website = $row['C_Website'];
        $Contact_Forename = $row['Contact_Forename'];
        $Contact_Surname = $row['Contact_Surname'];
        $Contact_Email = $row['Contact_Email'];
        $Job_Type = $row['Job_Type'];
        $Job_Price = $row['Job_Price'];

echo "<b>Name: $C_Name</b><br>Street Number: $C_StreetNumber<br>Street Name: $C_StreetName<br>Postcode: $C_Postcode<br>County: $C_County<br>Telephone: $C_Tele<br>Website: $C_Website<br>Contact Name: $Contact_Forename $Contact_Surname<br>Email: $Contact_Email<br>Job Type: $Job_Type<br>Job Price: $Job_Price<hr><br>";
        }
    }   
}

?>

For some reason it is returning that there is "

unexpected end of file

" however I've checked the code and all the codes is closed off correctly (from what I can see) when I add another '}' in at the end the script doesn't return anything at all. Anyone know why this would be happening?

Source: Search MySQL Database with Multiple Fields in a Form

Improve this question

2 Answers 2

Reset to default
1

Because you forget to close 

if(isset($_POST['submit'])) {// you not close the condition

At the end of your file

Just add } at end of your file

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

didnt spot that, dont know why. however now when it runs it produces all the results which would be listed in the query, rather than the specific ones i would like it to show.. any ideas?
0

Fixed:

if(isset($_POST['submit'])) {
// define the list of fields
    $fields = array('C_Name', 'C_City', 'Job_Type', 'Review_Rate');
    $conditions = array();
    }

// builds the query
$query = "SELECT Company.C_Name, Company.C_StreetNumber, C_StreetName, C_Postcode, C_City, C_County, C_Tele, C_Website, Contact_Forename, Contact_Surname, Contact_Email, Job_Type, Job_Price, Review_Rate, Review_Comment
FROM Company
INNER JOIN Jobs ON Company.Company_ID = Jobs.Company_ID
INNER JOIN Review ON Jobs.Job_ID = Review.Job_ID";


// loop through the defined fields
foreach($fields as $field){
    // if the field is set and not empty
    if(isset($_POST[$field]) && !empty($_POST[$field])) {
        // create a new condition while escaping the value inputed by the user (SQL Injection)
        $conditions[] = "$field LIKE '%" . mysqli_real_escape_string($mysqli_link, $_POST[$field]) . "%'";
        }
    }


// if there are conditions defined
if(count($conditions) > 0) {
    // append the conditions
    $query .= " WHERE " . implode (' AND ', $conditions); // you can change to 'OR', but I suggest to apply the filters cumulative
}

echo "$query";

$result = mysqli_query($mysqli_link, $query);


mysqli_close($mysqli_link);

    if(isset($_POST['submit'])) {
        while($row = mysqli_fetch_array($result)) {
        $C_Name = $row['C_Name'];
        $C_StreetNumber = $row['C_StreetNumber'];
        $C_StreetName = $row['C_StreetName'];
        $C_Postcode = $row['C_Postcode'];
    $C_City = $row['C_City'];
        $C_County = $row['C_County'];
        $C_Tele = $row['C_Tele'];
        $C_Website = $row['C_Website'];
        $Contact_Forename = $row['Contact_Forename'];
        $Contact_Surname = $row['Contact_Surname'];
        $Contact_Email = $row['Contact_Email'];
        $Job_Type = $row['Job_Type'];
        $Job_Price = $row['Job_Price'];
    $Rating = $row['Review_Rate'];
    $Comment = $row['Review_Comment'];

echo "<b>Name: $C_Name</b><br>Street Number: $C_StreetNumber<br>Street Name: $C_StreetName<br>City: $C_City<br>Postcode: $C_Postcode<br>County:     $C_County<br>Telephone: $C_Tele<br>Website: $C_Website<br>Contact Name: $Contact_Forename $Contact_Surname<br>Email:    $Contact_Email<br>Job Type: $Job_Type<br>Job Price: $Job_Price<br>Rating: $Rating<br>Comment: $Comment<hr><br>";
        }
    }   



?>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.