jbwebdesign Posted November 23, 2009 Report Posted November 23, 2009 Hello, I am trying to write a script that uses $_GET, to be able to connect to my database and pull the records WHERE the Student_name Field is LIKE the variable i have but i am not sure what I am doing wrong..... I want to know how i would be able to address it by the URL, for instance: student.php?field=Student_name&s=john here is my code: <?php $field = 'Student_name'; $s = $_GET['s']; mysql_connect('localhost','bcheight_mbdc','frog123'); mysql_select_db('bcheight_mbdc'); $result = mysql_query("SELECT * FROM after_school_services WHERE '$field' = '$s'"); $my_rows; while($row = mysql_fetch_array($result,MYSQL_ASSOC)){ $my_rows = $my_rows . ' ' . $row['Student_name'] . ' Student Id: ' . $row['ff_id'] . 'Student Name: ' . $row['Student_name'] . ' D.O.B.: ' . $row['dob'] . ' Sex: ' . $row['Sex'] . ' Grade: ' . $row['grade'] . ' Class Room: ' . $row['class_room'] . ' Teacher: ' . $row['teacher'] . ' Parent\'s Name: ' . $row['Parent_name'] . ' Language: ' . $row['language'] . ' Home Number: ' . $row['home_num'] . ' Work Number: ' . $row['work_num'] . ' Cell number: ' . $row['cell_num'] . ' Email: ' . $row['email'] . ' Address: ' . $row['address'] . ' Apt: ' . $row['apt'] . ' City: ' . $row['city'] . ' Zip: ' . $row['zip'] . ' Emergency Name: ' . $row['emergency_name'] . ' Emergency Number: ' . $row['emergency_contact_number'] . ' '; } echo $my_rows; ?> Quote
BeeDev Posted November 24, 2009 Report Posted November 24, 2009 $field should not have quotes around it as it's a fieldname $result = mysql_query("SELECT * FROM after_school_services WHERE $field = '$s';"); if you want to bring out results that have the specified name anywhere in the string you need the LIKE clause with '%' wildcard symbol: $result = mysql_query("SELECT * FROM after_school_services WHERE $field LIKE '%$s%';"); If you input s=john then the above will bring out result that contain john anywhere in the string, for example: Longjohn, John Doe, Steve Johnson etc If you wish the specified name to be always the start of the string then you need to put the wildcard at the end of $s: $result = mysql_query("SELECT * FROM after_school_services WHERE $field LIKE '$s%';"); Quote
jbwebdesign Posted November 24, 2009 Author Report Posted November 24, 2009 thanks soo much for the info. it worked perfectly Quote
cornetofreak Posted November 25, 2009 Report Posted November 25, 2009 The least i could do was secure it and neaten it up for you.. hate to see code like this... <?php mysql_connect('localhost','bcheight_mbdc','frog123'); mysql_select_db('bcheight_mbdc'); $s = mysql_real_escape_string($_GET['s']); $result = mysql_query(sprintf("SELECT * FROM after_school_services WHERE Student_name = '%%%s%%'",$s)); $Data = ""; while($row = mysql_fetch_assoc($result)){ $Data .= sprintf( '%s Student Id: %s Student Name: %s D.O.B.: %s Sex: %s Grade: %s Class Room: %s Teacher: %s Parent\'s Name: %s Language: %s Home Number: %s Work Number: %s Cell number: %s Email: %s Address: %s Apt: %s City: %s Zip: %s Emergency Name: %s Emergency Number: %s ', $row['Student_name'],$row['ff_id'],$row['ff_id'],$row['Student_name'],$row['dob'],$row['Sex'], $row['grade'],$row['class_room'],$row['teacher'],$row['Parent_name'],$row['language'], $row['home_num'],$row['work_num'],$row['cell_num'],$row['email'],$row['address'],$row['apt'], $row['city'],$row['zip'],$row['emergency_name'],$row['emergency_contact_number'] ); } echo $Data; ?> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.