aleyva77 Posted July 16, 2015 Share Posted July 16, 2015 I am trying to make a result page so I can get some information from the database by using php coding. I need it to be able to find a patient name and date of service. Which will be if I type in (Search:) Joe Doe and add (from:) 02/02/2015 (to:) 02/14/2015. It will find the patient name and all date of service. Here is my code ... I know mysql is not good but it will work for now. <?phpmysql_connect('localhost', 'root', 'no_password');mysql_select_db('timeclock');$results = array();if(isset($_GET['search'])) { $search = $_GET['search_box']; $from = $_GET['from']; // or $from = $_get['from']; $to = $_GET['to']; // or $to = $_get['to']; $sql = mysql_query("SELECT * FROM info WHERE patient_name = '".$search."' AND (date_of_service BETWEEN '".$from."' AND '".$to."')"); while($row = mysql_fetch_assoc($sql)) { $results[] = $row; }}?><!-- form --><form name="search_form" method="GET" action="">Search: <input type="text" name="search_box" value="" />Dates From : <input type="text" name="from" value=""/> To : <input type="text" name="to" value=""/><input type="submit" name="search" value="Look up Patient ..."></form><!-- end --><table width="70%" cellpadding="5" cellspace="5"><tr> <td><strong>Care Provider</strong></td> <td><strong>Patient Name</strong></td> <td><strong>Date of Time</strong></td> <td><strong>Time In</strong></td> <td><strong>Time Out</strong></td> <td><strong>Remarks</strong></td></tr><?php if(!empty($results)): ?><?php foreach($results as $row){ ?><tr> <td><?php echo $row['care_provider']; ?></td> <td><?php echo $row['patient_name']; ?></td> <td><?php echo $row['date_of_service']; ?></td> <td><?php echo $row['time_in']; ?></td> <td><?php echo $row['time_out']; ?></td> <td><?php echo $row['remarks']; ?></td></tr><?php } ?><?php endif; ?></table> 1 Link to comment Share on other sites More sharing options...
Ingolme Posted July 16, 2015 Share Posted July 16, 2015 For MySQL to work, the date needs to be in the format YYYY-MM-DD Your query is open to MySQL injection, you should check the W3Schools.com tutorials to learn about prepared statements: http://www.w3schools.com/php/php_mysql_prepared_statements.asp Link to comment Share on other sites More sharing options...
aleyva77 Posted July 17, 2015 Author Share Posted July 17, 2015 For MySQL to work, the date needs to be in the format YYYY-MM-DD Your query is open to MySQL injection, you should check the W3Schools.com tutorials to learn about prepared statements: http://www.w3schools.com/php/php_mysql_prepared_statements.asp That's so much for the help. I had this working but its been awhile I used this code again. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now