Jump to content

Searching for multiplie words in sql


DIY-Forum

Recommended Posts

Hello everyone, I did try to search alot for an answer on this one, but I could not find it anywhere.

 

I'm trying to have a simple search feature for my site, but I keep getting a blank page when doing a search containing multiplie words "like this"

 

Tried to work it out with a str_replace but did not do the trick, have done this before, and it does work when just outputing the val as an echo instead of a query, so I'm blank now and appreciate any help! :)

 

//function for replacing empty space with % function moreWords($val){$val = str_replace(" ","%", $val);return $val;}
//Query$getCategoriesResults = mysql_query("SELECT * FROM `database`.`forumCategories` WHERE description LIKE '%".moreWords($_GET['search'])."%'");
Edited by DIY-Forum
Link to comment
Share on other sites

For each word you have to add a new condition to the query.

SELECT * FROM `database`.`forumCategories`WHERE description LIKE '%keyword1%'  AND description LIKE '%keyword2%'  AND description LIKE '%keyword3%'

The mysql extension of PHP is deprecated for security reasons, the warnings in the PHP manual are clear:

 

Warning

This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:

Link to comment
Share on other sites

For each word you have to add a new condition to the query.

Okey! Thanks :)

 

Would the easiest way to do that be putting the words in an array and do a for each?

 

Kris

Link to comment
Share on other sites

You could construct the query using a loop. Be very sure that you don't allow any way for people to hack your database using SQL injection.

  • Like 1
Link to comment
Share on other sites

You could construct the query using a loop. Be very sure that you don't allow any way for people to hack your database using SQL injection.

 

Ok, then I'll do that! Thank you very much for your quick response :)

 

I only know of the escape string, and I've heard some people use strip and add slashes, but don't know if I need to do that with esacpe string? do you have any tips?

Link to comment
Share on other sites

Hello,

 

Are you looking to search for when a user enters something like for instance: "Henry Ford" or "w3schools tutorials PHP"? If so, in addition to what Foxy Mod advised, you can use MATCH() AGAINST(). See these links for further info: http://dev.mysql.com/doc/refman/5.5/en/fulltext-search.html http://stackoverflow.com/questions/792875/which-sql-query-is-better-match-against-or-like

  • Like 1
Link to comment
Share on other sites

Since you're constructing the query dynamically you can only use mysqli_real_escape_string(), but normally you would use a prepared statement.

 

addslashes() and stripslashes() are not safe.

 

Nice. then I got that right :) Thanks

Link to comment
Share on other sites

Hello,

 

Are you looking to search for when a user enters something like for instance: "Henry Ford" or "w3schools tutorials PHP"? If so, in addition to what Foxy Mod advised, you can use MATCH() AGAINST(). See these links for further info: http://dev.mysql.com/doc/refman/5.5/en/fulltext-search.html http://stackoverflow.com/questions/792875/which-sql-query-is-better-match-against-or-like

 

Yes i am, very nice! :) Thanks :)

Link to comment
Share on other sites

Hello again,

 

I have another question; when I enter the % manually, then it works, why is that?

 

Like, when I enter solar%panel it finds solar panel, but when i enter solarpanel it dont? why is a manually "wildcard" solar%panel readable but a function inputing solar%panel not readable? :s

 function moreWords($val){$val = str_replace(" ","%", $val);echo $val;}morewords("solar panel");

will output solar%panel, and should return the same value when sent as a string through the return $val i use?

but it don't.. I really find it tempting to ask users to enter a % when searching with multiplie words.. though people might find that as an unpleasant user experience?

Link to comment
Share on other sites

Hello again,

 

I have another question; when I enter the % manually, then it works, why is that?

 

Like, when I enter solar%panel it finds solar panel, but when i enter solarpanel it dont? why is a manually "wildcard" solar%panel readable but a function inputing solar%panel not readable? :s

 function moreWords($val){$val = str_replace(" ","%", $val);echo $val;}morewords("solar panel");

will output solar%panel, and should return the same value when sent as a string through the return $val i use?

but it don't.. I really find it tempting to ask users to enter a % when searching with multiplie words.. though people might find that as an unpleasant user experience?

 

maybe i'll actually just use javascript or something to automaticly replace space with % in the textfield..

Link to comment
Share on other sites

Solved it with javascript replace on the textfield for search,

onkeyup="this.value=this.value.replace(/s/g,'%')"

Edit;

 

This presented a whole lot of new bugs.. Well, I'll do it as you guys said in the beginning, with a loop :)

Edited by DIY-Forum
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...