Yousef Altaf Yousef Altaf - 26 days ago 8
HTML Question

search with php on my site

I have a problem with my search on my site I don't understand why it give me this error

this is my form code

<form action="index.php?cat=search_results&learn_id=1" method="post">
<div id="topSearchBodyStyle">
<input type="text" name="search" class="topSearchTextBackground" />
</div>
<div id="topSearchButtonStyle">
<input type="submit" name="submit" class="topSearchButtonBackground" value="" />
</div>
</form>


and this is the page which have the php code

<?php

$getSearch = $_POST['search'];
trim($getSearch);

if(!get_magic_quotes_gpc()) {
$getSearch = addslashes($getSearch);
}

$connectToDb = "select * from tutorials where tutorial_title like '%.$getSearch.%'";
$searchResults = $db->query($connectToDb) or die($db->error);
if ($searchResults){
$numResultas = $searchResults ->num_rows;
echo "<p>Found : " . $numResultas . "</p>";
while($row = mysqli_fetch_array($searchResults)) {

echo $row['tutorial_title'];
}
}else{
echo "cant connect";
}
?>


any idea why it give me this note about "Undefined index: search"
and why the results come "0"

Answer Source

From the code example you've given, I don't see a reason you are getting Undefined index: search, however, are you sure that $_POST['search'] is actually set? If this is part of some framework or other project, I have seen some that unset $_POST and $_GET and you have to access them another way.

Is it possible that undefined index error is coming from a different line in your code?

If you are getting a value through $_POST['search'], the reason you are getting 0 results is because you have an error in your SQL statement.

Should be: "select * from tutorials where tutorial_title like '%".$getSearch."%'"

Finally, you should be using mysql_real_escape_string instead of addslashes, or better yet prepared statements.