3 replies to this topic

[Bioshox]

Hey guy's

Okay I needed someone to direct me with this

I need to piece of code to search multiple fields,

Fullname and Username

For example, if someone enters a full name it will pick it up, but if they only enter the username, it will pick it up the same (Like on Facebook)

I currently have the code

<?php

	$username = $_POST['username'];

	$sql = "SELECT * FROM users WHERE fullname = '$username'";

	$query = mysql_query($sql) or die(mysql_error());

    	if(mysql_num_rows($query) < 1) {//1

        echo "<div id='wrapper'>Sorry, we searched and searched but we couldent find anyone with that name!</div></div>";

        }else{

    

    	while($row = @mysql_fetch_assoc($query)) { //2

    	$sql = "SELECT * FROM users WHERE fullname = '$username'";

	$query = mysql_query($sql) or die(mysql_error());


	while($row = mysql_fetch_assoc($query)) { //3

	

	echo "<div id='wrapper'>";

	echo "<h2>Search Results:</h2><div class='line'></div>";

	echo "<a href='users.php?u=".$row['username']."'>".$row['fullname']." (".stripslashes($row['username']).")</a><br>".$row['location'].", ".$row['age'].", ".$row['gender']."";

	echo "</div>";


	} //3

    	

    	} //2

    

    	} //1

?>

Help D:

[SoN9ne]

You could do a single query and join the tables together. This is a method I use when performing checks like this. Although it can be a little tricky at first.

I typically use concat() on the two fields I want to search and join the tables, does this help?

[Bioshox]

Unfortunately, it doesn't help ):

[SoN9ne]

I will have to give you a generic sample since your code is doing the same check twice. I originally thought you were grabbing from two separate tables but it looks to be in one, this will be much easier.

$sql = "SELECT *

FROM users 

WHERE CONCAT(fullname, ' ', username) LIKE '%{$username}%'";

Also, why are you performing the same query twice? Asides from the display content the code is duplicated...

        while($row = @mysql_fetch_assoc($query)) { //2

        $sql = "SELECT * FROM users WHERE fullname = '$username'";

    $query = mysql_query($sql) or die(mysql_error());


    while($row = mysql_fetch_assoc($query)) { //3

    

    echo "<div id='wrapper'>";

    echo "<h2>Search Results:</h2><div class='line'></div>";

    echo "<a href='users.php?u=".$row['username']."'>".$row['fullname']." (".stripslashes($row['username']).")</a><br>".$row['location'].", ".$row['age'].", ".$row['gender']."";

    echo "</div>";


    }

You could just drop it and keep this:

<?php

$username = isset($_POST['username']) ? $_POST['username'] : NULL;

if ($username) {

    $sql = "SELECT username, fullname, location, age, gender FROM users WHERE CONCAT(fullname, ' ', username) LIKE '%".mysql_real_escape_string($username)."%'";

    $query = mysql_query($sql) or die(mysql_error());

    if(!mysql_num_rows($query)) {//1

        echo "<div id='wrapper'>Sorry, we searched and searched but we couldent find anyone with that name!</div></div>";

    } else {

        while($row = mysql_fetch_assoc($query)) { //2

            echo "<div id='wrapper'>";

            echo "<h2>Search Results:</h2><div class='line'></div>";

            echo '<a href="users.php?u='.$row['username'].'">'.$row['fullname'].' ('.stripslashes($row['username']).")</a><br />{$row['location']}, {$row['age']}, {$row['gender']}";

            echo "</div>";

        } //2

    } //1

} 

I also prevented some php warnings and sql injection as well as removed the suppressor @ as it isn't needed. I also dropped the ?> since it isn't needed by PHP. An easy way to prevent spurious output from an include file is to omit the closing tag at the end, which the parser considers this perfectly legal. This way you will never have to worry about whitespace trailing the ?> like many editors add to files.

Hopefully this will help now