1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

calculate search results

Discussion in 'PHP' started by hendkandeel, Apr 18, 2009.

  1. #1
    I made a code to search and display the results in a table (extracting data from my sql db) how to display number of resulting records?

    here is my code:

    $sel = $HTTP_POST_VARS[sel];

    $Submit = $HTTP_POST_VARS[Submit];
    $textfield=$HTTP_POST_VARS[textfield];
    if ($Submit){

    $sel="select * from lib where lib_name like '%$textfield%' order by lib_name asc";
    $do_sel=mysql_query($sel);
    $c=1;
    while($get_sel=mysql_fetch_array($do_sel)){ ?>


    <tr>
    <td bgcolor="#FFFFCC"><p align="center"><?php echo $get_sel[lib_name];?></td>
    <td bgcolor="#FFFFCC"><p align="center"><?php if($get_sel[lib_add] !== null) { echo $get_sel[lib_add]; }else{ echo "&nbsp;"; }?></p></td>
    <td bgcolor="#FFFFCC"><p align="center"><?php if($get_sel[lib_tel] !== null) { echo $get_sel[lib_tel]; }else{ echo "&nbsp;"; }?></p></td>
    <td bgcolor="#FFFFCC"><p align="center"><?php if($get_sel[lib_fax] !== null) { echo $get_sel[lib_fax]; }else{ echo "&nbsp;"; }?></p></td>
    <td bgcolor="#FFFFCC"><p align="center"><?php if($get_sel[lib_mail] !== null){ echo $get_sel[lib_mail];}else{ echo "&nbsp;"; }?></p></td>


    </tr>
    <?php
    $c++;
    };
    }?>
     
    hendkandeel, Apr 18, 2009 IP
  2. SmallPotatoes

    SmallPotatoes Peon

    Messages:
    1,321
    Likes Received:
    41
    Best Answers:
    0
    Trophy Points:
    0
    #2
    $do_sel=mysql_query($sel);
    $number_of_records = mysql_num_rows($do_sel);
    echo "<p>Number of records: {$number_of_records}</p>";
    Code (markup):
     
    SmallPotatoes, Apr 18, 2009 IP
  3. grikis

    grikis Banned

    Messages:
    333
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    0
    #3
    your code is hackable..
     
    grikis, Apr 19, 2009 IP
  4. hendkandeel

    hendkandeel Peon

    Messages:
    52
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Dear grikis,
    what do you mean by hackable ? why ?
    please tell me
    thanks
     
    hendkandeel, Apr 19, 2009 IP
  5. joep1978

    joep1978 Peon

    Messages:
    30
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #5
    You're not escaping your SQL queries - you need to use addslashes otherwise someone could POST textfield as

    '; DELETE FROM lib;

    and delete everything in your lib table. You want something like:-

    $sel="select * from lib where lib_name like '%".addslashes($textfield)."%' order by lib_name asc";
     
    joep1978, Apr 19, 2009 IP
  6. hendkandeel

    hendkandeel Peon

    Messages:
    52
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Many thanks to all , helped me

    thanks for solution ,joep1978

    Is that injection ?
     
    hendkandeel, Apr 19, 2009 IP
  7. hasanrosidi

    hasanrosidi Peon

    Messages:
    8
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7

    although your code is hackkable
    you can count the search result from
    your array result
    ex : $search_count = count($get_sel);
     
    hasanrosidi, Apr 19, 2009 IP
  8. SmallPotatoes

    SmallPotatoes Peon

    Messages:
    1,321
    Likes Received:
    41
    Best Answers:
    0
    Trophy Points:
    0
    #8
    That counts the columns (actually it gives you twice the number of columns, since $get_sel came from mysql_fetch_array()). I am pretty sure he wants to count the rows.
     
    SmallPotatoes, Apr 19, 2009 IP
  9. Delirious_Dreams

    Delirious_Dreams Guest

    Messages:
    8
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #9
    Hmmm I'm not sure about PHPs COUNT function but using "NUM_ROWS" is the easiest way to do it;

    
    $q="select * from sometable";
    $r=mysql_query($q) or die(mysql_error());
    [COLOR="Red"]$numrows=mysql_num_rows($r);[/COLOR]
    
    Code (markup):
     
    Delirious_Dreams, Apr 20, 2009 IP