Page 1 of 1

Using PHP to query Mysql and displaying the results

Posted: Wed Apr 07, 2004 7:01 am
by idnoble
hello,
I created this php script to search for products and display the results in the browser, but each time I run it, it always displays everything in my database and not just what i requested, i've checked it and can't find anything wrong, please help i'm buggered.
here's the script:

Code: Select all

<?php 

$Search = $HTTP_POST_VARS['Search']; 

$session = mysql_connect ("localhost", "root", "platinum"); 

if (!$session) 
{ 
echo 'Error: Could not connect to the database. Please try again later.'; 
exit; 
} 
$Search= trim($Search); 

$Search = addslashes($Search); 

$session = mysql_connect("localhost", "root", "platinum"); 
if (!$session) 
{ 
echo 'Error: Could not connect to the database. Please try again later.'; 
exit; 
} 

mysql_select_db('xplosive'); 
$query = "select * from movies where Title like '".$Search."%'"; 
$result = mysql_query($query); 

$num_results = mysql_num_rows($result); 

echo '<p> Number of products found: '.$num_results.'</p>'; 

for ($i=0; $i <$num_results; $i++) 
{ 
 $row = mysql_fetch_array($result); 
 echo '<p><strong>'. ($i+1).'. Title: '; 
 echo htmlspecialchars (stripslashes($row['Title'])); 
 echo '<strong><br />Genre: '; 
 echo stripslashes($row['Genre']); 
 echo '<br/> Synopsis: '; 
 echo stripslashes ($row['Synopsis']); 
 echo'<br> Price: '; 
 echo stripslashes ($row['Price']); 
 echo '<br/> Itemcode: '; 
 echo stripslashes ($row['Price']); 
 echo '</p>'; 
} 
?>

Posted: Wed Apr 07, 2004 7:13 am
by patrikG
SQL Manual: look for LIMIT or WHERE - depending on what you want.

Posted: Wed Apr 07, 2004 9:58 am
by pickle
Echo the query just before you run it. The way it's set up, the query will return everything if $Search is empty.