This is my code as I have it right now. I'm trying to take user input from an HTML form and search a database, then display the results using the PHP script. The problem is, I have no idea what the syntax is for wildcards in WHERE/LIKE clauses. Any ideas?

<html>

<head>
<title>Search Results...Powered by BRYAN and search.php!!!!!!!!!</title>
</head>

<body>

<h2>Hope that this is the person you wanted...</h2>

<?php

$hostname = "host";
$username = "username";
$password = "usr";
$dbname = "User";
$tablename = "Person";

trim($fname);
trim($lname);
trim($ssno);

$fname = addslashes($fname);
$lname = addslashes($lname);
$ssno = addslashes($ssno);

$link = mysql_pconnect($hostname,$username,$password);

if(!$link)
{
echo "Don't worry...it's never a user error ID-10-T";
exit;
}

mysql_select_db($dbname);

$query = "select * from $tablename where $fname like '$fname%'";

echo $query;

echo "<br>";

$result =@ mysql_query($query,$link);

$num_results =@ mysql_num_rows($result);

echo "Out of ".$num_results." people,";
echo " this person should be in here somewhere...";

for($i=0; $i < $num_results;$i++)
{
$row = mysql_fetch_array($result);
echo "<table>";
echo "<tr><td><b>First Name:</td></b>";
echo "<td><b>Last Name:</b></td>";
echo "<td><b>SSN: </b></td>";
echo "<tr><td>";
echo htmlspecialchars( stripslashes($row["fname"]));
echo "</td><td> ";
echo htmlspecialchars( stripslashes($row["lname"]));
echo "</td><td>";
echo htmlspecialchars( stripslashes($row["ssno"]));
echo "</td><td></tr>";
echo "</table>";
}

?>

</body>
</html>

    Unless you want to search for anything ending in $fname, you should make if "LIKE '%$fname%'."

      It didn't work...do i need periods or double quotes or slashes in there anywhere?

        Write a Reply...