DIY-Forum Posted March 1, 2015 Share Posted March 1, 2015 (edited) Hello everyone, I did try to search alot for an answer on this one, but I could not find it anywhere. I'm trying to have a simple search feature for my site, but I keep getting a blank page when doing a search containing multiplie words "like this" Tried to work it out with a str_replace but did not do the trick, have done this before, and it does work when just outputing the val as an echo instead of a query, so I'm blank now and appreciate any help! //function for replacing empty space with % function moreWords($val){$val = str_replace(" ","%", $val);return $val;} //Query$getCategoriesResults = mysql_query("SELECT * FROM `database`.`forumCategories` WHERE description LIKE '%".moreWords($_GET['search'])."%'"); Edited March 1, 2015 by DIY-Forum Link to comment Share on other sites More sharing options...
Ingolme Posted March 1, 2015 Share Posted March 1, 2015 For each word you have to add a new condition to the query. SELECT * FROM `database`.`forumCategories`WHERE description LIKE '%keyword1%' AND description LIKE '%keyword2%' AND description LIKE '%keyword3%' The mysql extension of PHP is deprecated for security reasons, the warnings in the PHP manual are clear: WarningThis extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include: [*]mysqli_query()[*]PDO::query() Link to comment Share on other sites More sharing options...
DIY-Forum Posted March 1, 2015 Author Share Posted March 1, 2015 For each word you have to add a new condition to the query. Okey! Thanks Would the easiest way to do that be putting the words in an array and do a for each? Kris Link to comment Share on other sites More sharing options...
Ingolme Posted March 1, 2015 Share Posted March 1, 2015 You could construct the query using a loop. Be very sure that you don't allow any way for people to hack your database using SQL injection. 1 Link to comment Share on other sites More sharing options...
DIY-Forum Posted March 1, 2015 Author Share Posted March 1, 2015 You could construct the query using a loop. Be very sure that you don't allow any way for people to hack your database using SQL injection. Ok, then I'll do that! Thank you very much for your quick response I only know of the escape string, and I've heard some people use strip and add slashes, but don't know if I need to do that with esacpe string? do you have any tips? Link to comment Share on other sites More sharing options...
Ingolme Posted March 1, 2015 Share Posted March 1, 2015 Since you're constructing the query dynamically you can only use mysqli_real_escape_string(), but normally you would use a prepared statement. addslashes() and stripslashes() are not safe. Link to comment Share on other sites More sharing options...
Don E Posted March 1, 2015 Share Posted March 1, 2015 Hello, Are you looking to search for when a user enters something like for instance: "Henry Ford" or "w3schools tutorials PHP"? If so, in addition to what Foxy Mod advised, you can use MATCH() AGAINST(). See these links for further info: http://dev.mysql.com/doc/refman/5.5/en/fulltext-search.html http://stackoverflow.com/questions/792875/which-sql-query-is-better-match-against-or-like 1 Link to comment Share on other sites More sharing options...
DIY-Forum Posted March 1, 2015 Author Share Posted March 1, 2015 Since you're constructing the query dynamically you can only use mysqli_real_escape_string(), but normally you would use a prepared statement. addslashes() and stripslashes() are not safe. Nice. then I got that right Thanks Link to comment Share on other sites More sharing options...
DIY-Forum Posted March 1, 2015 Author Share Posted March 1, 2015 Hello, Are you looking to search for when a user enters something like for instance: "Henry Ford" or "w3schools tutorials PHP"? If so, in addition to what Foxy Mod advised, you can use MATCH() AGAINST(). See these links for further info: http://dev.mysql.com/doc/refman/5.5/en/fulltext-search.html http://stackoverflow.com/questions/792875/which-sql-query-is-better-match-against-or-like Yes i am, very nice! Thanks Link to comment Share on other sites More sharing options...
DIY-Forum Posted March 1, 2015 Author Share Posted March 1, 2015 Hello again, I have another question; when I enter the % manually, then it works, why is that? Like, when I enter solar%panel it finds solar panel, but when i enter solarpanel it dont? why is a manually "wildcard" solar%panel readable but a function inputing solar%panel not readable? :s function moreWords($val){$val = str_replace(" ","%", $val);echo $val;}morewords("solar panel"); will output solar%panel, and should return the same value when sent as a string through the return $val i use? but it don't.. I really find it tempting to ask users to enter a % when searching with multiplie words.. though people might find that as an unpleasant user experience? Link to comment Share on other sites More sharing options...
DIY-Forum Posted March 1, 2015 Author Share Posted March 1, 2015 Hello again, I have another question; when I enter the % manually, then it works, why is that? Like, when I enter solar%panel it finds solar panel, but when i enter solarpanel it dont? why is a manually "wildcard" solar%panel readable but a function inputing solar%panel not readable? :s function moreWords($val){$val = str_replace(" ","%", $val);echo $val;}morewords("solar panel"); will output solar%panel, and should return the same value when sent as a string through the return $val i use? but it don't.. I really find it tempting to ask users to enter a % when searching with multiplie words.. though people might find that as an unpleasant user experience? maybe i'll actually just use javascript or something to automaticly replace space with % in the textfield.. Link to comment Share on other sites More sharing options...
DIY-Forum Posted March 2, 2015 Author Share Posted March 2, 2015 (edited) Solved it with javascript replace on the textfield for search, onkeyup="this.value=this.value.replace(/s/g,'%')" Edit; This presented a whole lot of new bugs.. Well, I'll do it as you guys said in the beginning, with a loop Edited March 2, 2015 by DIY-Forum Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now