php mysql search script, how to make matched results bold_问答_开发者

php mysql search script, how to make matched results bold

开发者 https://www.devze.com 2023-04-02 07:38 出处：网络

I have a script below which reads on displayed information from my mysql database on my webpage, how can I make matched results bold please? 开发者_运维问答for example, if I searched \"john\" how to m

I have a script below which reads on displayed information from my mysql database on my webpage, how can I make matched results bold please? 开发者_运维问答for example, if I searched "john" how to make the displayed results "john bloggs". thanks

here is the script so far,

<?
mysql_connect ("localhost", "user","pass")  or die (mysql_error());
mysql_select_db ("databasename");

$term = $_POST['term'];

$sql = mysql_query("select * from tablename where category like '%$term%' or title like '%$term%' or postcode like '%$term%' or info like '%$term%' ");

while ($row = mysql_fetch_array($sql)){
    echo '<br/> Category: '.$row['category'];
    echo '<br/> Title: '.$row['title'];
    echo '<br/> Address: '.$row['add1'];
    echo '<br/> Street: '.$row['street'];
    echo '<br/> City: '.$row['city'];
    echo '<br/> Postcode: '.$row['postcode'];
    echo '<br/> Phone: '.$row['phone'];
    echo '<br/> E-Mail: '.$row['email'];
    echo '<br/> Website: '.$row['website'];
    echo '<br/><br/>';
    }
?>

Let's say for instance you have an array $results which contains a few results from your MySQL query.

Let's say you were searching within the field name.

You could use a very simple str_replace to achieve this:

foreach($results as $result)
    echo str_replace($search,'<b>'.$search.'</b>',$result['name']);

This replaces all instances of $search (which should be your search string) with <b>$search</b> within $result['name'].

In your case:

while ($row = mysql_fetch_array($sql)){

    echo '<br/> Category: '.str_replace($term,'<b>'.$term.'</b>',$row['category']);
    echo '<br/> Title:    '.str_replace($term,'<b>'.$term.'</b>',$row['title']);
    echo '<br/> Address:  '.$row['add1'];
    echo '<br/> Street:   '.$row['street'];
    echo '<br/> City:     '.$row['city'];
    echo '<br/> Postcode: '.str_replace($term,'<b>'.$term.'</b>',$row['postcode']);
    echo '<br/> Phone:    '.$row['phone'];
    echo '<br/> E-Mail:   '.$row['email'];
    echo '<br/> Website:  '.$row['website'];
    echo '<br/><br/>';

}

BY THE WAY (IMPORTANT)

What you are doing here:

$term = $_POST['term'];

$sql = mysql_query("select * from tablename where category like '%$term%' or title like '%$term%' or postcode like '%$term%' or info like '%$term%' ");

Is extremely dangerous. $_POST['term'] comes from the user, what if this user fills in ';DROP TABLE tablename --? Your query will suddenly change to something that will drop your entire table and delete all your information.

You should always check your user input, here is a nice tutorial explaining some methods how:

http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php

function highlight($term, $result) {
    return str_replace($term, '<strong>'.$term.'</strong>', $result);
}

Then just do this for each field you want to highlight.

while ($row = mysql_fetch_array($sql)){
echo '<br/> Category: '.highlight($term, $row['category']);
echo '<br/> Title: '.highlight($term, $row['title']);
echo '<br/> Address: '.$row['add1'];
echo '<br/> Street: '.$row['street'];
echo '<br/> City: '.$row['city'];
echo '<br/> Postcode: '.highlight($term, $row['postcode']);
echo '<br/> Phone: '.$row['phone'];
echo '<br/> E-Mail: '.$row['email'];
echo '<br/> Website: '.$row['website'];
echo '<br/><br/>';
}

You are also able to highlight it in ALL fields one time. ex.

while ($row = array_map(function($res) use ($search){
        str_replace($search,'<b>'.$search.'</b>',$res);
    },mysql_fetch_array($sql))){
    //your print
}

It requires PHP 5.3+ but may be rewriten to 5.2-