Hi, Good day! I created a search box and my problem is when I type Employee ID the auto list displayed is Employee Name, I need to display on the list is based on what I type. I don't know if it is possible that in one search box I can search Employee name then the list of names will display, when I type Employee ID, employee id list will display. same with Passport no and res id. Now, when I type Employee Id or Passport No or res id and employee name. the displayed list is employee name. this is my code: <script type="text/javascript" src="js/jquery.js"></script> <script type='text/javascript' src='js/jquery.autocomplete.js'></script> <link rel="stylesheet" type="text/css" href="js/jquery.autocomplete.css" /> <script type="text/javascript"> //----auto complete emp no--// $().ready(function() { $("#search_data").autocomplete("get_emp_info.php", { width: 237, minLength: 3,//search after three characters matchContains: true, mustMatch: true, selectFirst: false }); }); </script> <table> <tr> <td style="border: none;color:#80600a;font-weight:bold;">Search:</td> <td><input type="text" name="search_data" id="search_data" value="" size="35" autofocus></td> </tr> </table> Code (markup): <?php ob_start(); include('includes/connection.php'); $q = strtolower($_GET["q"]); if ($q == '') { header("HTTP/1.0 404 Not Found", true, 404); } //else (!$q) return; else{ $sql = "SELECT pe.employee_no, pe.employee_name, pe.passport_no, gov.res_id FROM tbl_personal_info AS pe JOIN tbl_public_info AS pu ON (pe.employee_no = pu.employee_no) JOIN tbl_e_government_info AS gov ON (pu.employee_no = gov.employee_no) WHERE pe.employee_no LIKE '%".$q."%' OR pe.employee_name LIKE '%".$q."%' OR pe.passport_no LIKE '%".$q."%' OR gov.res_id LIKE '%".$q."%'"; $result = $conn->query($sql); if ($result->num_rows > 0) { // output data of each row while($row = $result->fetch_assoc()) { $pid = $row["employee_no"]; $employee_name = $row["employee_name"]; $passport_no = $row["passport_no"]; $res_id = $row["res_id"]; echo "$employee_name|$pid|$passport_no|$res_id\n"; } } else { echo "0 results"; } $conn->close(); } ?> Code (markup):
Well, the script is horribly insecure, as you're pasting user-input (the searchquery variable) directly into the SQL-query. VERY bad practice. Also, the code for the search-box is horrible, and shold be fixed. However, the result shown should match - since you don't provide any info about how the autocomplete-javascript function works, there's no way for us to know how the echoed result is interpreted. It looks a bit weird that it should return results with a | as limiter, but that might be some weird hack by the writer of the script. I'd return JSON, and decode it on the receiving end, but to each his own.
What @PoPSiCLe said -- + over 9000. What makes labels and inputs a table? Where even IS your label? (You do know there's a tag for that, right?) ... and assuming $conn is either a PDO or mysqli object, you should be using prepared queries, not blindly pasting values into it and using the ->query method. As to isolating different values, a separate select to say what is being searched for might be in order -- you could also do some form of prefix; a single letter or symbol to say what's being looked for -- not very intuitive, but also very powerful.
I am using mysqli Sir. I'm not familiar with json decode. my jquery function works like this: when I type on the search box he will gets the list data suggested on the database. I think the reason why even I type employee no the employee name still appear: echo "$employee_name|$pid|$passport_no|$res_id\n"; because the first echo is the employeename.
What is this Sir? Thank you. All I need is a search box where I can search anything from database like google.
This is an example of a SQL injection, which your code looks vulnerable to. You should definitely check this out before you publish the code because it's very insecure and someone could delete your database. https://www.owasp.org/index.php/SQL_Injection