Yousef Altaf Yousef Altaf - 5 months ago 19
HTML Question

search with php on my site

I have a problem with my search on my site I don't understand why it give me this error

this is my form code

<form action="index.php?cat=search_results&learn_id=1" method="post">
<div id="topSearchBodyStyle">
<input type="text" name="search" class="topSearchTextBackground" />
<div id="topSearchButtonStyle">
<input type="submit" name="submit" class="topSearchButtonBackground" value="" />

and this is the page which have the php code


$getSearch = $_POST['search'];

if(!get_magic_quotes_gpc()) {
$getSearch = addslashes($getSearch);

$connectToDb = "select * from tutorials where tutorial_title like '%.$getSearch.%'";
$searchResults = $db->query($connectToDb) or die($db->error);
if ($searchResults){
$numResultas = $searchResults ->num_rows;
echo "<p>Found : " . $numResultas . "</p>";
while($row = mysqli_fetch_array($searchResults)) {

echo $row['tutorial_title'];
echo "cant connect";

any idea why it give me this note about "Undefined index: search"
and why the results come "0"

Answer Source

From the code example you've given, I don't see a reason you are getting Undefined index: search, however, are you sure that $_POST['search'] is actually set? If this is part of some framework or other project, I have seen some that unset $_POST and $_GET and you have to access them another way.

Is it possible that undefined index error is coming from a different line in your code?

If you are getting a value through $_POST['search'], the reason you are getting 0 results is because you have an error in your SQL statement.

Should be: "select * from tutorials where tutorial_title like '%".$getSearch."%'"

Finally, you should be using mysql_real_escape_string instead of addslashes, or better yet prepared statements.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download