November 17th, 2013, 01:06 AM
Match text in table using php
I have created a mysql table and using table values i have created
drop down menu.if we select a value in drop down list,that row in table has to be fetched and displayed in webpage.
$result= mysql_query("SELECT * FROM $table WHERE COUNTRY RLIKE '$cit' OR ADDRESS LIKE '%$cit%' or ADDRESS LIKE '%_$cit' or ADDRESS LIKE '%$cit%' or AUTHORS RLIKE '$cit' or JOURNAL LIKE '$cit' OR PDBID RLIKE '$cit'" ) OR DIE;
this is the script i have used.the results of ADDRESS is not displayed.
please help me to solve this.
thanks and regards,
November 17th, 2013, 08:08 AM
1. Please enclose your code in [ PHP ] tags. See the sticky at the top of this forum that says READ THIS BEFORE POSTING.
2. What you have posted is not a script, it is a single statement showing your query. Based on what you have posted, the reason the results of ADDRESS is not displayed is because you don't output anything. If you are questioning the validity of the query itself then you are in the wrong forum and need to post in the MySQL forum.
There are 10 kinds of people in the world. Those that understand binary and those that don't.
November 17th, 2013, 10:17 AM
A few things here:
If what I've described sounds like a bunch of gobbledygook, I think you should take this a bit more one step at a time.
- You may not be showing the entire script here, but I don't see any kind of validation. Generally speaking, information will come from only the choices in your form, but you shouldn't assume that that's the case. You should always assume the worst-case scenario (that someone is using the names in your form and then calling this script from a different form using invalid values for SQL injection or some other kind of attack.
- If it's a drop-down menu, seems a bit odd to have to do all those LIKE and RLIKE parts of the query. Really, you should be selecting only one value based on one criteria, which is what's selected in the drop-down.
- Please use MySQLi or PDO instead of MySQL statements for queries.
- For MySQL queries, it's a good idea to select individual fields to return instead of using * to return everything.
- You should consider using prepared statements instead of just querying straight on input from the user. Again, you don't know what is in the drop-down value the user is feeding you.
For example, you may want to start with just familiarizing yourself with MySQL queries before combining MySQL with PHP. Then, you may want to read some tutorials on prepared statements and mysqli.