Code problem

Asked

Viewed 54 times

1

Okay, here’s the thing, I got this code:

    <form style="" name="form">
        <input placeholder="Search..." name="name" id="fn" type="text">
        <input style="display: none ! important;" value="Search" id="search-btn" type="submit">
    </form>

    <div id = "results"></div>


<script type = "text/javascript">
$(document).ready(function(){
    $('#results').load('search_results.php').show();
    $('#search-btn').click(function(){
        showValues();
    });

    $("#fn").keyup(function() {
    if($(this).val().length >= 3) 
        showValues();
    });

    $(function() {
        $('form').bind('submit',function(){
            showValues(); 
            return false; 
        });
    });

    function showValues() {
        $.post('search_results.php', { name: form.name.value },
    function(result){
            $('#results').html(result).show();
        });
    }       
    });
</script>

.

<?php
ini_set('display_errors', true);
 error_reporting(E_ALL);
include_once("../../cdn/lib/config.php");
$stmt = $db->query("SELECT * FROM films ORDER BY Title");
$stmt->execute();
$films = $stmt->fetchAll(PDO::FETCH_ASSOC);

    isset( $_REQUEST['name'] ) ? $name=$_REQUEST['name'] : $name='';

    if( empty( $name )){
    foreach($films as $index => $row) {  ?>


    <div id="cover" class="img-thumbnail">
        <div class="audiopt"></div>
            <a href="<? echo $row['ID']; ?>" target="_self">
                <div id="effect" class="img-thumbnail" alt="<? echo $row['Title']; ?>" title="<? echo $row['Title']; ?>"></div>
                    <img src="../../cdn/uploads/films/<? echo $row['Cover']; ?>" alt="<? echo $row['Title']; ?>" title="<? echo $row['Title']; ?>" class="img-thumbnail" />
            </a>
    </div>


    <?
    }
        }



        else{
   $sql = "SELECT * FROM films WHERE Title LIKE ? ORDER BY Title"
   $stmt = $db->prepare($sql);
   $stmt->bindValue(1, '%'. $name .'%');
   $stmt->execute();
   $films = $stmt->fetchAll(PDO::FETCH_ASSOC);

    if(empty($films)){?>

        <div id="not-found">No films with this title (<b><? echo "$name" ?></b>)</div>

    <?
    }
    else{
    foreach($films as $index => $row) { ?>


    <div id="cover" class="img-thumbnail">
        <div class="audiopt"></div>
            <a href="<? echo $row['ID']; ?>" target="_self">
                <div id="effect" class="img-thumbnail" alt="<? echo $row['Title']; ?>" title="<? echo $row['Title']; ?>"></div>
                    <img src="../../cdn/uploads/films/<? echo $row['Cover']; ?>" alt="<? echo $row['Title']; ?>" title="<? echo $row['Title']; ?>" class="img-thumbnail" />
            </a>
    </div>


        <?
        }
        }
        }
        ?>

The problem is: no shaman that code works perfectly, but not on my site. I do the research and it just doesn’t react. Can anyone help me? Just at the beginning give me the dados everyone. But when I search nothing happens.

php javascript mysql

  • If you access the php file that resumes the business, does the screen go blank or does it show any errors? Add these lines at the beginning of php and see if any errors appear: ini_set('display_errors', true); error_reporting(E_ALL);

  • Warning: mysql_real_escape_string(): Access denied for user 'tvfootba'@'localhost' (using password: NO) in /home/user/public_html/PASTA/search_results.php on line 10&#xA;&#xA;Warning: mysql_real_escape_string(): A link to the server could not be established in /home/user/public_html/PASTA/search_results.php on line 10 gave this

  • you are just using the right PDO? mysql_*(old) n is part of your code.

  • right, but in the shaman everything worked out..

1 answer

1


To use mysql_real_escape_string an active connection is required as you have not connected the database with the old functions mysql_* remove the line below.

$name = mysql_real_escape_string( $name );

Sanitize user inputs with Prepared statements, the first step is to remove mysql_real_escape_string code, then convert the sql string into a method-prepared query prepare(), now make the bind of $name with the interrogation using bindValue() the first argument is the question position and the second the value that will be assigned to it and finally get the result of the query with fetchAll().

Change:

else{
   $stmt = $db->query("SELECT * FROM films WHERE Title LIKE '%$name%' ORDER BY Title");
   $stmt->execute();
   $films = $stmt->fetchAll(PDO::FETCH_ASSOC);

To:

else{
   $sql = "SELECT * FROM films WHERE Title LIKE ? ORDER BY Title"
   $stmt = $db->prepare($sql);
   $stmt->bindValue(1, '%'. $name .'%');
   $stmt->execute();
   $films = $stmt->fetchAll(PDO::FETCH_ASSOC);

  • I did that and now it’s all white ..

  • @thecreator, I’m reviewing here soon update

  • All right, I’ll be waiting. Thank you very much

  • you changed the queryfor prepare(), also check if you are falling into Else that has the Where query.

  • @thecreator, see the previous comment, I made the test only with the query worked, now it may not be falling on some if/Else

  • http://prntscr.com/70igxo error is able to be here, no? xd

  • still not working, I updated the code

  • @thecreator, who lacked the ; in $sql = "SELECT ...", tbm doesn’t need two else followed, leave a single.

  • It worked, thank you !

  • Thank you for your time in helping me !

  • @thecreator, I think I’d better go back to editing your question, it gets kind of weird, because one of the reasons for the first mistake was the mysql_real_escape function. The other mistake was because I forgot the ; in my xD response.

Show 6 more comments

Browser other questions tagged php javascript mysql

You are not signed in. Login or sign up in order to post.