Re: [PHP] Help with a Search Function
Terion wrote:
Hey Everyone, been steaming right along for a couple days but now I'm stuck
on writing a search function, could you all take a look at it and see what
it could be, I will mark the line throwing the error in red, I did try just
commenting out that line and searching for a record by OrderID that I know
is there but it does not return anything , I am trying to search several
tables in one db:
you can add some code to get more error information:
?php
session_start();
error_reporting(E_ALL);
include(inc/dbconn_open.php);
function error_mysql($query) {
die (Error b.mysql_errno().: .mysql_error()./b
brSQL query: b.$query./b);
}
// ...then you can end your last line with this:
$result = mysql_query($sql) or error_mysql($sql);
hope it helps,
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Help with a Search Function
Terion Miller wrote:
Hey Everyone, been steaming right along for a couple days but now I'm stuck
on writing a search function, could you all take a look at it and see what
it could be, I will mark the line throwing the error in red, I did try just
commenting out that line and searching for a record by OrderID that I know
is there but it does not return anything , I am trying to search several
tables in one db:
Code:
First off, and I think I have told you this before, I highly recommend that you
escape your code with mysql_real_escape_string().
I am guessing that you are probably relying on magic_quote_gpc() to do it for
you, but is going to catch up with you some day.
?php
session_start();
include(inc/dbconn_open.php);
if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] 'OK' ){
header (Location: LogOut.php);
}
if (isset($_GET['AdminID']) !empty($_GET['AdminID'])){
$AdminID = $_GET['AdminID'];
} elseif (isset($_POST['AdminID']) !empty($_POST['AdminID'])){
$AdminID = $_POST['AdminID'];
} else {
header (Location: LogOut.php);
}
$query = SELECT SearchWorkOrder FROM admin WHERE AdminID='$AdminID';
$result = mysql_query ($query);
$row = mysql_fetch_object ($result);
if ($row-SearchWorkOrder == NO) {
header (Location:
Welcome.php?AdminID='.$_SESSION[AdminLogin]'msg=Sorry, you do not have
access to that page.);
}
if (isset($_POST['WorkOrderID'])) {$WorkOrderID = $_POST['WorkOrderID'];}
else {$WorkOrderID = '';}
if (isset($_POST['WorkOrderName'])) {$WorkOrderName =
$_POST['WorkOrderName'];} else {$WorkOrderName = '';}
if (isset($_POST['CustomerName'])) {$CustomerName = $_POST['CustomerName'];}
else {$CustomerName = '';}
if (isset($_POST['CustomerEmail'])) {$CustomerEmail =
$_POST['CustomerEmail'];} else {$CustomerEmail = '';}
if (isset($_POST['SalesRep'])) {$SalesRep = $_POST['SalesRep'];} else
{$SalesRep = '';}
if (isset($_POST['SalesRepEmail'])) {$SalesRepEmail =
$_POST['SalesRepEmail'];} else {$SalesRepEmail = '';}
if (isset($_POST['SortBy'])) {$SortBy = $_POST['SortBy'];} else {$SortBy =
'WorkOrderID DESC';}
if (isset($_POST['Page'])) {$Page = $_POST['Page'];} else {$Page = 1;}
$PerPage = 30;
$StartPage = ($Page - 1) * $PerPage;
$OrderID = '';
// All Orders
$sql = SELECT WorkOrderID FROM workorders WHERE WorkOrderID '' ;
if (!empty($WorkOrderName)) {
$sql .= AND Advertiser LIKE '%. $WorkOrderName .%' ;
}
if (!empty($WorkOrderID)) {
$sql .= AND WorkOrderID LIKE '%. $WorkOrderID .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
// Work Orders
if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
|| !empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM workorderform WHERE WorkOrderID''
;
if (!empty($CustomerName)) {
$sql .= AND Advertiser LIKE '%. $CustomerName .%' ;
}
if (!empty($CustomerEmail)) {
$sql .= AND AdContactEmail LIKE '%. $CustomerEmail .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Homescape Builder Profile
if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
|| !empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM hs_builder_profile WHERE
WorkOrderID'' ;
if (!empty($CustomerName)) {
$sql .= AND OrganizationName LIKE '%. $CustomerName .%' ;
}
if (!empty($CustomerEmail)) {
$sql .= AND LeadEmail LIKE '%. $CustomerEmail .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Homescape Builder Spec Home
if (!empty($CustomerName) || !empty($SalesRep) ||
!empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM hs_spec_home WHERE WorkOrderID''
;
if (!empty($CustomerName)) {
$sql .= AND CommunityName LIKE '%. $CustomerName .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
[PHP] Help with a Search Function
Hey Everyone, been steaming right along for a couple days but now I'm stuck
on writing a search function, could you all take a look at it and see what
it could be, I will mark the line throwing the error in red, I did try just
commenting out that line and searching for a record by OrderID that I know
is there but it does not return anything , I am trying to search several
tables in one db:
Code:
?php
session_start();
include(inc/dbconn_open.php);
if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] 'OK' ){
header (Location: LogOut.php);
}
if (isset($_GET['AdminID']) !empty($_GET['AdminID'])){
$AdminID = $_GET['AdminID'];
} elseif (isset($_POST['AdminID']) !empty($_POST['AdminID'])){
$AdminID = $_POST['AdminID'];
} else {
header (Location: LogOut.php);
}
$query = SELECT SearchWorkOrder FROM admin WHERE AdminID='$AdminID';
$result = mysql_query ($query);
$row = mysql_fetch_object ($result);
if ($row-SearchWorkOrder == NO) {
header (Location:
Welcome.php?AdminID='.$_SESSION[AdminLogin]'msg=Sorry, you do not have
access to that page.);
}
if (isset($_POST['WorkOrderID'])) {$WorkOrderID = $_POST['WorkOrderID'];}
else {$WorkOrderID = '';}
if (isset($_POST['WorkOrderName'])) {$WorkOrderName =
$_POST['WorkOrderName'];} else {$WorkOrderName = '';}
if (isset($_POST['CustomerName'])) {$CustomerName = $_POST['CustomerName'];}
else {$CustomerName = '';}
if (isset($_POST['CustomerEmail'])) {$CustomerEmail =
$_POST['CustomerEmail'];} else {$CustomerEmail = '';}
if (isset($_POST['SalesRep'])) {$SalesRep = $_POST['SalesRep'];} else
{$SalesRep = '';}
if (isset($_POST['SalesRepEmail'])) {$SalesRepEmail =
$_POST['SalesRepEmail'];} else {$SalesRepEmail = '';}
if (isset($_POST['SortBy'])) {$SortBy = $_POST['SortBy'];} else {$SortBy =
'WorkOrderID DESC';}
if (isset($_POST['Page'])) {$Page = $_POST['Page'];} else {$Page = 1;}
$PerPage = 30;
$StartPage = ($Page - 1) * $PerPage;
$OrderID = '';
// All Orders
$sql = SELECT WorkOrderID FROM workorders WHERE WorkOrderID '' ;
if (!empty($WorkOrderName)) {
$sql .= AND Advertiser LIKE '%. $WorkOrderName .%' ;
}
if (!empty($WorkOrderID)) {
$sql .= AND WorkOrderID LIKE '%. $WorkOrderID .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
// Work Orders
if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
|| !empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM workorderform WHERE WorkOrderID''
;
if (!empty($CustomerName)) {
$sql .= AND Advertiser LIKE '%. $CustomerName .%' ;
}
if (!empty($CustomerEmail)) {
$sql .= AND AdContactEmail LIKE '%. $CustomerEmail .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Homescape Builder Profile
if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
|| !empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM hs_builder_profile WHERE
WorkOrderID'' ;
if (!empty($CustomerName)) {
$sql .= AND OrganizationName LIKE '%. $CustomerName .%' ;
}
if (!empty($CustomerEmail)) {
$sql .= AND LeadEmail LIKE '%. $CustomerEmail .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Homescape Builder Spec Home
if (!empty($CustomerName) || !empty($SalesRep) ||
!empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM hs_spec_home WHERE WorkOrderID''
;
if (!empty($CustomerName)) {
$sql .= AND CommunityName LIKE '%. $CustomerName .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Planet Discover Coupon
if (!empty($CustomerName) || !empty($SalesRep) ||
!empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM pd_coupon WHERE WorkOrderID'' ;
if (!empty($CustomerName)) {
$sql .= AND BusinessName LIKE '%.
Re: [PHP] Help with a Search Function
On Tue, 2008-12-23 at 16:14 -0600, Terion Miller wrote:
Hey Everyone, been steaming right along for a couple days but now I'm stuck
on writing a search function, could you all take a look at it and see what
it could be, I will mark the line throwing the error in red, I did try just
commenting out that line and searching for a record by OrderID that I know
is there but it does not return anything , I am trying to search several
tables in one db:
Code:
?php
session_start();
include(inc/dbconn_open.php);
if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] 'OK' ){
header (Location: LogOut.php);
}
if (isset($_GET['AdminID']) !empty($_GET['AdminID'])){
$AdminID = $_GET['AdminID'];
} elseif (isset($_POST['AdminID']) !empty($_POST['AdminID'])){
$AdminID = $_POST['AdminID'];
} else {
header (Location: LogOut.php);
}
$query = SELECT SearchWorkOrder FROM admin WHERE AdminID='$AdminID';
$result = mysql_query ($query);
$row = mysql_fetch_object ($result);
if ($row-SearchWorkOrder == NO) {
header (Location:
Welcome.php?AdminID='.$_SESSION[AdminLogin]'msg=Sorry, you do not have
access to that page.);
}
if (isset($_POST['WorkOrderID'])) {$WorkOrderID = $_POST['WorkOrderID'];}
else {$WorkOrderID = '';}
if (isset($_POST['WorkOrderName'])) {$WorkOrderName =
$_POST['WorkOrderName'];} else {$WorkOrderName = '';}
if (isset($_POST['CustomerName'])) {$CustomerName = $_POST['CustomerName'];}
else {$CustomerName = '';}
if (isset($_POST['CustomerEmail'])) {$CustomerEmail =
$_POST['CustomerEmail'];} else {$CustomerEmail = '';}
if (isset($_POST['SalesRep'])) {$SalesRep = $_POST['SalesRep'];} else
{$SalesRep = '';}
if (isset($_POST['SalesRepEmail'])) {$SalesRepEmail =
$_POST['SalesRepEmail'];} else {$SalesRepEmail = '';}
if (isset($_POST['SortBy'])) {$SortBy = $_POST['SortBy'];} else {$SortBy =
'WorkOrderID DESC';}
if (isset($_POST['Page'])) {$Page = $_POST['Page'];} else {$Page = 1;}
$PerPage = 30;
$StartPage = ($Page - 1) * $PerPage;
$OrderID = '';
// All Orders
$sql = SELECT WorkOrderID FROM workorders WHERE WorkOrderID '' ;
if (!empty($WorkOrderName)) {
$sql .= AND Advertiser LIKE '%. $WorkOrderName .%' ;
}
if (!empty($WorkOrderID)) {
$sql .= AND WorkOrderID LIKE '%. $WorkOrderID .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
// Work Orders
if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
|| !empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM workorderform WHERE WorkOrderID''
;
if (!empty($CustomerName)) {
$sql .= AND Advertiser LIKE '%. $CustomerName .%' ;
}
if (!empty($CustomerEmail)) {
$sql .= AND AdContactEmail LIKE '%. $CustomerEmail .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Homescape Builder Profile
if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep)
|| !empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM hs_builder_profile WHERE
WorkOrderID'' ;
if (!empty($CustomerName)) {
$sql .= AND OrganizationName LIKE '%. $CustomerName .%' ;
}
if (!empty($CustomerEmail)) {
$sql .= AND LeadEmail LIKE '%. $CustomerEmail .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Homescape Builder Spec Home
if (!empty($CustomerName) || !empty($SalesRep) ||
!empty($SalesRepEmail)) {
$sql = SELECT WorkOrderID FROM hs_spec_home WHERE WorkOrderID''
;
if (!empty($CustomerName)) {
$sql .= AND CommunityName LIKE '%. $CustomerName .%' ;
}
if (!empty($SalesRep)) {
$sql .= AND Salesperson LIKE '%. $SalesRep .%' ;
}
if (!empty($SalesRepEmail)) {
$sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ;
}
$result = mysql_query ($sql);
while ($row = mysql_fetch_object ($result)) {
$OrderID = $OrderID ., . $row-WorkOrderID;
}
}
// Planet Discover Coupon
if (!empty($CustomerName) ||
