I'm trying to create a search function that will retrieve search results for different posters we're creating on our site. If a person is searching for lets say "dog" then it will show the posters which is related to dogs. The site is going to publish different events in the form of posters.
The code looks as following at the moment:
<?php
class Search
{
public static $con;
private $search = '';
function __construct()
{
self::$con = mysqli_connect('localhost', 'guest', 'guestpw', 'db_users');
$this->search = mysqli_real_escape_string(self::$con, $_POST['search']);
}
if(isset($_POST['submit_search']))
{
$sql = mysqli_query($con, "SELECT * FROM Event WHERE eventNamn LIKE '%" . $search);
$sql = mysqli_query($con, "SELECT * FROM Användare WHERE userName LIKE '%" . $search);
$sql = mysqli_query($con, "SELECT * FROM Poster WHERE Kategori LIKE '%" . $search);
$sql = mysqli_query($con, "SELECT * FROM EventTyp WHERE EventTyp LIKE '%" . $search);
$result = mysqli_query($sql);
}
}
What I want to happen now is to use the search word the user is searching for and then display the events that are associated with that word. All help is much appreciated! Thank you.
The code you're having now is not going to work. You're checking for a $_POST request inside a class? I made some adjustments
<?php
class Search
{
public static $con;
private $search = '';
public function __construct($search)
{
self::$con = mysqli_connect('localhost', 'guest', 'guestpw', 'db_users');
$this->search = mysqli_real_escape_string(self::$con, $search);
}
//Do this for every search
public function search() {
$sql = mysqli_query(self::$con, "SELECT [column] FROM Event WHERE eventNamn LIKE '%" . $search . "'".
"UNION ALL ".
"SELECT [column] FROM Användare WHERE userName LIKE '%" . $search . "'".
"UNION ALL".
"SELECT [column] FROM Poster WHERE Kategori LIKE '%" . $search . "'".
"UNION ALL".
"SELECT [column] FROM EventTyp WHERE EventTyp LIKE'%" . $search . "'");
return mysqli_query($sql);
}
}
if(isset($_POST['search'])) {
$searchClass = new Search($_POST['search']);
$result = $searchClass->searchEvent();
}
You might want to use UNION or UNION ALL operator. The SQL UNION operator combines the result of two or more SELECT statements.
SELECT col FROM Event WHERE ...
UNION ALL
SELECT col FROM User WHERE ...
The document is here:
MYSQL UNION operator : http://dev.mysql.com/doc/refman/5.0/en/union.html
Your code could go like this:
$sql = "SELECT [your column] AS event FROM Event WHERE eventNamn LIKE '%" . $search . "'".
"UNION ALL ".
"SELECT [your column] AS event FROM Användare WHERE userName LIKE '%" . $search . "'".
"UNION ALL".
"SELECT [your column] AS event FROM Poster WHERE Kategori LIKE '%" . $search . "'".
"UNION ALL".
"SELECT [your column] AS event FROM EventTyp WHERE EventTyp LIKE'%" . $search . "'";
$result = mysqli_query($con,$sql);
while($row = mysqli_fetch_array($result)) {
echo $row['event '];
echo "<br>";
}
mysqli_close($con);
Hope this helps.
1.don't rely on mysqli escape string. use a prepared statement. its faster and foolproof.
2.You can select from multiple tables in one query pretty easily
public $mysqli; //make sure your connection is available
public $result = NULL;//setup your result variable
public $search = NULL;
public function getresults() //pass your connection to the object
{
$search = $_POST["search"]; //post is a super global. no need to pass it by reference
$result = array();//create an array to store the search results in
$mysqli = $this->mysqli;//define mysqli so you can access the property of your class object.
//construct mysqli in your __construct call, and return it.
$stmt = $mysqli->prepare("SELECT column1,column2,column3,column4
FROM Event,Användare,Poster,Eventyp
WHERE eventNamn LIKE '% ?';");//prepare our query
$stmt->bind_param('s', $this->search);
//bind our search parameters to the question mark in the query.
//if you have multiple querystrings, they must be bound in order.
if($stmt->execute())//execute prepared statment
{
$stmt->bind_result($col1,$col2,$col3,$col4);//bind the selected column results to variables.
//these also must be bound in order
if($stmt->num_rows > 0)
{
$result[] = array('type'=> 'success','result' => $stmt->num_rows, 'search string' => $search); //success!
while($row = $stmt->fetch()) //never use get_result to fetch your statement. always use fetch.
{
$result[] = array('type' => 'result',
'column1' => $col1 ,
'column2' => $col2 ,
'column3' => $col3 ,
'column4' => $col4); //store each result row in an array.
}
$stmt->close();//close the connection
}else{
$result[] = array('type'=> 'emptyresult','result' => 'No Results Found', 'search string' => $search); //No Results!
}
}else{
$result[] = array('type'=> 'error','result' => 'Error with query', 'search string' => $search); //No Results!
}
return $result;//finally return our result for further processing
}