Re: [PHP] Help with a Search Function
Terion wrote: Hey Everyone, been steaming right along for a couple days but now I'm stuck on writing a search function, could you all take a look at it and see what it could be, I will mark the line throwing the error in red, I did try just commenting out that line and searching for a record by OrderID that I know is there but it does not return anything , I am trying to search several tables in one db: you can add some code to get more error information: ?php session_start(); error_reporting(E_ALL); include(inc/dbconn_open.php); function error_mysql($query) { die (Error b.mysql_errno().: .mysql_error()./b brSQL query: b.$query./b); } // ...then you can end your last line with this: $result = mysql_query($sql) or error_mysql($sql); hope it helps, -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Help with a Search Function
Terion Miller wrote: Hey Everyone, been steaming right along for a couple days but now I'm stuck on writing a search function, could you all take a look at it and see what it could be, I will mark the line throwing the error in red, I did try just commenting out that line and searching for a record by OrderID that I know is there but it does not return anything , I am trying to search several tables in one db: Code: First off, and I think I have told you this before, I highly recommend that you escape your code with mysql_real_escape_string(). I am guessing that you are probably relying on magic_quote_gpc() to do it for you, but is going to catch up with you some day. ?php session_start(); include(inc/dbconn_open.php); if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] 'OK' ){ header (Location: LogOut.php); } if (isset($_GET['AdminID']) !empty($_GET['AdminID'])){ $AdminID = $_GET['AdminID']; } elseif (isset($_POST['AdminID']) !empty($_POST['AdminID'])){ $AdminID = $_POST['AdminID']; } else { header (Location: LogOut.php); } $query = SELECT SearchWorkOrder FROM admin WHERE AdminID='$AdminID'; $result = mysql_query ($query); $row = mysql_fetch_object ($result); if ($row-SearchWorkOrder == NO) { header (Location: Welcome.php?AdminID='.$_SESSION[AdminLogin]'msg=Sorry, you do not have access to that page.); } if (isset($_POST['WorkOrderID'])) {$WorkOrderID = $_POST['WorkOrderID'];} else {$WorkOrderID = '';} if (isset($_POST['WorkOrderName'])) {$WorkOrderName = $_POST['WorkOrderName'];} else {$WorkOrderName = '';} if (isset($_POST['CustomerName'])) {$CustomerName = $_POST['CustomerName'];} else {$CustomerName = '';} if (isset($_POST['CustomerEmail'])) {$CustomerEmail = $_POST['CustomerEmail'];} else {$CustomerEmail = '';} if (isset($_POST['SalesRep'])) {$SalesRep = $_POST['SalesRep'];} else {$SalesRep = '';} if (isset($_POST['SalesRepEmail'])) {$SalesRepEmail = $_POST['SalesRepEmail'];} else {$SalesRepEmail = '';} if (isset($_POST['SortBy'])) {$SortBy = $_POST['SortBy'];} else {$SortBy = 'WorkOrderID DESC';} if (isset($_POST['Page'])) {$Page = $_POST['Page'];} else {$Page = 1;} $PerPage = 30; $StartPage = ($Page - 1) * $PerPage; $OrderID = ''; // All Orders $sql = SELECT WorkOrderID FROM workorders WHERE WorkOrderID '' ; if (!empty($WorkOrderName)) { $sql .= AND Advertiser LIKE '%. $WorkOrderName .%' ; } if (!empty($WorkOrderID)) { $sql .= AND WorkOrderID LIKE '%. $WorkOrderID .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } // Work Orders if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM workorderform WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND Advertiser LIKE '%. $CustomerName .%' ; } if (!empty($CustomerEmail)) { $sql .= AND AdContactEmail LIKE '%. $CustomerEmail .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Homescape Builder Profile if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM hs_builder_profile WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND OrganizationName LIKE '%. $CustomerName .%' ; } if (!empty($CustomerEmail)) { $sql .= AND LeadEmail LIKE '%. $CustomerEmail .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Homescape Builder Spec Home if (!empty($CustomerName) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM hs_spec_home WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND CommunityName LIKE '%. $CustomerName .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; }
[PHP] Help with a Search Function
Hey Everyone, been steaming right along for a couple days but now I'm stuck on writing a search function, could you all take a look at it and see what it could be, I will mark the line throwing the error in red, I did try just commenting out that line and searching for a record by OrderID that I know is there but it does not return anything , I am trying to search several tables in one db: Code: ?php session_start(); include(inc/dbconn_open.php); if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] 'OK' ){ header (Location: LogOut.php); } if (isset($_GET['AdminID']) !empty($_GET['AdminID'])){ $AdminID = $_GET['AdminID']; } elseif (isset($_POST['AdminID']) !empty($_POST['AdminID'])){ $AdminID = $_POST['AdminID']; } else { header (Location: LogOut.php); } $query = SELECT SearchWorkOrder FROM admin WHERE AdminID='$AdminID'; $result = mysql_query ($query); $row = mysql_fetch_object ($result); if ($row-SearchWorkOrder == NO) { header (Location: Welcome.php?AdminID='.$_SESSION[AdminLogin]'msg=Sorry, you do not have access to that page.); } if (isset($_POST['WorkOrderID'])) {$WorkOrderID = $_POST['WorkOrderID'];} else {$WorkOrderID = '';} if (isset($_POST['WorkOrderName'])) {$WorkOrderName = $_POST['WorkOrderName'];} else {$WorkOrderName = '';} if (isset($_POST['CustomerName'])) {$CustomerName = $_POST['CustomerName'];} else {$CustomerName = '';} if (isset($_POST['CustomerEmail'])) {$CustomerEmail = $_POST['CustomerEmail'];} else {$CustomerEmail = '';} if (isset($_POST['SalesRep'])) {$SalesRep = $_POST['SalesRep'];} else {$SalesRep = '';} if (isset($_POST['SalesRepEmail'])) {$SalesRepEmail = $_POST['SalesRepEmail'];} else {$SalesRepEmail = '';} if (isset($_POST['SortBy'])) {$SortBy = $_POST['SortBy'];} else {$SortBy = 'WorkOrderID DESC';} if (isset($_POST['Page'])) {$Page = $_POST['Page'];} else {$Page = 1;} $PerPage = 30; $StartPage = ($Page - 1) * $PerPage; $OrderID = ''; // All Orders $sql = SELECT WorkOrderID FROM workorders WHERE WorkOrderID '' ; if (!empty($WorkOrderName)) { $sql .= AND Advertiser LIKE '%. $WorkOrderName .%' ; } if (!empty($WorkOrderID)) { $sql .= AND WorkOrderID LIKE '%. $WorkOrderID .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } // Work Orders if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM workorderform WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND Advertiser LIKE '%. $CustomerName .%' ; } if (!empty($CustomerEmail)) { $sql .= AND AdContactEmail LIKE '%. $CustomerEmail .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Homescape Builder Profile if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM hs_builder_profile WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND OrganizationName LIKE '%. $CustomerName .%' ; } if (!empty($CustomerEmail)) { $sql .= AND LeadEmail LIKE '%. $CustomerEmail .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Homescape Builder Spec Home if (!empty($CustomerName) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM hs_spec_home WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND CommunityName LIKE '%. $CustomerName .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Planet Discover Coupon if (!empty($CustomerName) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM pd_coupon WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND BusinessName LIKE '%.
Re: [PHP] Help with a Search Function
On Tue, 2008-12-23 at 16:14 -0600, Terion Miller wrote: Hey Everyone, been steaming right along for a couple days but now I'm stuck on writing a search function, could you all take a look at it and see what it could be, I will mark the line throwing the error in red, I did try just commenting out that line and searching for a record by OrderID that I know is there but it does not return anything , I am trying to search several tables in one db: Code: ?php session_start(); include(inc/dbconn_open.php); if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] 'OK' ){ header (Location: LogOut.php); } if (isset($_GET['AdminID']) !empty($_GET['AdminID'])){ $AdminID = $_GET['AdminID']; } elseif (isset($_POST['AdminID']) !empty($_POST['AdminID'])){ $AdminID = $_POST['AdminID']; } else { header (Location: LogOut.php); } $query = SELECT SearchWorkOrder FROM admin WHERE AdminID='$AdminID'; $result = mysql_query ($query); $row = mysql_fetch_object ($result); if ($row-SearchWorkOrder == NO) { header (Location: Welcome.php?AdminID='.$_SESSION[AdminLogin]'msg=Sorry, you do not have access to that page.); } if (isset($_POST['WorkOrderID'])) {$WorkOrderID = $_POST['WorkOrderID'];} else {$WorkOrderID = '';} if (isset($_POST['WorkOrderName'])) {$WorkOrderName = $_POST['WorkOrderName'];} else {$WorkOrderName = '';} if (isset($_POST['CustomerName'])) {$CustomerName = $_POST['CustomerName'];} else {$CustomerName = '';} if (isset($_POST['CustomerEmail'])) {$CustomerEmail = $_POST['CustomerEmail'];} else {$CustomerEmail = '';} if (isset($_POST['SalesRep'])) {$SalesRep = $_POST['SalesRep'];} else {$SalesRep = '';} if (isset($_POST['SalesRepEmail'])) {$SalesRepEmail = $_POST['SalesRepEmail'];} else {$SalesRepEmail = '';} if (isset($_POST['SortBy'])) {$SortBy = $_POST['SortBy'];} else {$SortBy = 'WorkOrderID DESC';} if (isset($_POST['Page'])) {$Page = $_POST['Page'];} else {$Page = 1;} $PerPage = 30; $StartPage = ($Page - 1) * $PerPage; $OrderID = ''; // All Orders $sql = SELECT WorkOrderID FROM workorders WHERE WorkOrderID '' ; if (!empty($WorkOrderName)) { $sql .= AND Advertiser LIKE '%. $WorkOrderName .%' ; } if (!empty($WorkOrderID)) { $sql .= AND WorkOrderID LIKE '%. $WorkOrderID .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } // Work Orders if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM workorderform WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND Advertiser LIKE '%. $CustomerName .%' ; } if (!empty($CustomerEmail)) { $sql .= AND AdContactEmail LIKE '%. $CustomerEmail .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Homescape Builder Profile if (!empty($CustomerName) || !empty($CustomerEmail) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM hs_builder_profile WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND OrganizationName LIKE '%. $CustomerName .%' ; } if (!empty($CustomerEmail)) { $sql .= AND LeadEmail LIKE '%. $CustomerEmail .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Homescape Builder Spec Home if (!empty($CustomerName) || !empty($SalesRep) || !empty($SalesRepEmail)) { $sql = SELECT WorkOrderID FROM hs_spec_home WHERE WorkOrderID'' ; if (!empty($CustomerName)) { $sql .= AND CommunityName LIKE '%. $CustomerName .%' ; } if (!empty($SalesRep)) { $sql .= AND Salesperson LIKE '%. $SalesRep .%' ; } if (!empty($SalesRepEmail)) { $sql .= AND SalespersonEmail LIKE '%. $SalesRepEmail .%' ; } $result = mysql_query ($sql); while ($row = mysql_fetch_object ($result)) { $OrderID = $OrderID ., . $row-WorkOrderID; } } // Planet Discover Coupon if (!empty($CustomerName) ||