API tools faq
paste
Guest User

Untitled

a guest
Feb 11th, 2019
190
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.71 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. $servername = "localhost";
  3. $username = "strips_sl";
  4. $password = "m-EROc6F";
  5. $dbname = "strips_sl";
  6.  
  7. // Create connection
  8. $conn = mysqli_connect($servername, $username, $password, $dbname);
  9. if (!$conn) {
  10. die("Connection failed: " . mysqli_connect_error());
  11. }
  12. else {
  13. echo "Connection Successful";
  14. }
  15. mysqli_close($conn);
  16. ?>
  17.  
  18. <?php include "db.php" ?>
  19. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  20. <html xmlns="http://www.w3.org/1999/xhtml">
  21. <head>
  22. <title>Search results</title>
  23. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  24. <link rel="stylesheet" type="text/css" href="style.css"/>
  25. </head>
  26. <body>
  27. <?php
  28. $query = $_GET['query'];
  29. // gets value sent over search form
  30.  
  31. $min_length = 3;
  32. // you can set minimum length of the query if you want
  33.  
  34. if(strlen($query) >= $min_length){ // if query length is more or equal minimum length then
  35.  
  36. $query = htmlspecialchars($query);
  37. // changes characters used in html to their equivalents, for example: < to >
  38.  
  39. $query = mysql_real_escape_string($query);
  40. // makes sure nobody uses SQL injection
  41.  
  42. //$raw_results = mysql_query("SELECT * FROM articles
  43. //WHERE (`title` LIKE '%".$query."%') OR (`text` LIKE '%".$query."%')") or die(mysql_error());
  44.  
  45. $result = mysqli_query(
  46. $con,
  47. "SELECT * FROM articles
  48. WHERE (`ID` LIKE '%".$query."%') OR (`NAME` LIKE '%".$query."%')") or die(mysql_error());
  49.  
  50. // * means that it selects all fields, you can also write: `id`, `title`, `text`
  51. // articles is the name of our table
  52.  
  53. // '%$query%' is what we're looking for, % means anything, for example if $query is Hello
  54. // it will match "hello", "Hello man", "gogohello", if you want exact match use `title`='$query'
  55. // or if you want to match just full word so "gogohello" is out use '% $query %' ...OR ... '$query %' ... OR ... '% $query'
  56.  
  57. if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following
  58.  
  59. while($results = mysql_fetch_array($raw_results)){
  60. // $results = mysql_fetch_array($raw_results) puts data from database into array, while it's valid it does the loop
  61.  
  62. echo "<p><h3>".$results['ID']."</h3>".$results['NAME']."</p>";
  63. // posts results gotten from database(title and text) you can also show id ($results['id'])
  64. }
  65.  
  66. }
  67. else{ // if there is no matching rows do following
  68. echo "No results";
  69. }
  70.  
  71. }
  72. else{ // if query length is less than minimum
  73. echo "Minimum length is ".$min_length;
  74. }
  75. ?>
  76. </body>
  77. </html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!