0

Hi i was trying to connect MySQL database to a simple html code given below.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org
/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>Untitled Document</title>
</head>

<body>
  <form action="result.php" method="POST">
    S.No :
    <input type="text" name="key">
    <input type="submit" value="Search"> 
  </form>
</body>
</html>

This html code passes the form input "key" to another php file whose code is given below.

<?php

    $serial=$POST['key'];

    if(!$serial){
        echo 'Please go back and enter the correct value';
        exit;
    }

    $db = new mysqli('localhost', 'root', '', 'demo_db', 'tbldem');
    if(mysqli_connect_errno()) {
        echo 'Connection lost.. please try again later !!';
        exit;
    }

    $query = "select * from tbldem where".$serial."like'%".$serial."%'" ;
    $result = $db->query($query);

    $num = $result->num_rows;

    for($i = 0; $i < $num; $i++) {
        $row = $result->fetch_assoc();
        echo"<p>Serial : </p>";
        echo $row['Index'];
        echo"<p>Name : </p>";
        echo $row['Name'];
        echo "<p>Course : </p>";
        echo $row['Course'];
    }

    $result->free();
    $db->close();   

    ?>

Now when I try to pass a value in the form input in the my browser I get a php code as a result instead of the information in the database which was supposed to to be returned while passing the value in form input, which is also given below(the problem). I am trying to make a project which use this feature as a primary tool so please help as soon as possible.

query($query); $num = $result->num_rows;

for($i = 0; $i < $num; $i++) {
$row = result->fetch_assoc(); echo"

Serial : 
"; echo $row['Index']; echo"

Name :
"; echo $row['Name']; echo "

Course : 
"; echo $row['Course']; } $result->free(); $db->close(); ?>
Improve this question
2
  • sounds like your server is not processing php - is php installed, did you check the xampp instructions? Commented Aug 30, 2014 at 3:11
  • There are major issues with your query -> "select * from tbldem where".$serial."like'%".$serial."%'". 1. Open to SQL injection. 2. You are using the same posted value for both the column name and value. 3. There are no spaces between where, $serial, and like so they will all become 1 word -> wherecolumnlike'%column%'. Commented Aug 30, 2014 at 3:38

2 Answers 2

Reset to default
1

I commented some wrong line in the code and i changed them, just follow it.

  <?php

  $serial=$_POST['key']; // change to $_POST['key'];

  if(!$serial){
    echo 'Please go back and enter the correct value';
    exit;
  }

  $db = mysqli_connect('localhost','user_name','pass','demo_db'); // dont select your table in this line 

  mysqli_select_db($con,"tbldem"); // select your table here

  if(mysqli_connect_errno()){
    echo 'Connection lost.. please try again later !!';
    exit;
  }


  $query = "select * from tbldem where serial LIKE '%$serial%';" ; // change $serial to serial like this line
  $result = $db->query($query);

  $num = $result->num_rows;

  for($i=0;$i<$num;$i++){
    $row = $result->fetch_assoc();
    echo"<p>Serial : </p>";
    echo $row['Index'];
    echo"<p>Name : </p>";
    echo $row['Name'];
    echo "<p>Course : </p>";
    echo $row['Course'];
  }

  $result->free();
  $db->close();   

  ?>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Nice catch on the incorrect mysqli connection. I'm not to used to seeing OO (object oriented) code. I would give the answer to this but don't forget to look at the links in my answer.
0

The only issue I see right off the top of my head is you wrote $POST['key']; when it should be $_POST['key']; don't forget the underscore. Visit the PHP manual to learn more, it also helps with debugging code.

On another note, for those hopefully learning from this question, it is good to point out that the code you are using to connect to the database is taking advantage of a work around that doesn't technically use the official Object Oriented method. This allows your PHP code to work in PHP versions prior to 5.2.9/5.3.0 when it was fixed. See the PHP manual for some great explanations on that.

Hope this helps.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.