More efficient query in mysql

I want to know how do they do a query with only one textbox in the page, but the current text in the text box can be used as a parameter for the query. I’m currently using the query below but I don’t think I’m getting the desired results, is there anything wrong with my query?

$result1=query_database("SELECT * FROM prod_table WHERE CATEGORY LIKE '$cuts%' OR PRODUCT LIKE '$cuts%' OR P_DESC LIKE '$cuts%' ", "onstor", $link);

?>


<?php

if(mysql_num_rows($result1)==0){

}else{

JavaScript
​x
 
$result1=query_database("SELECT * FROM prod_table WHERE CATEGORY LIKE '$cuts%' OR PRODUCT LIKE '$cuts%' OR P_DESC LIKE '$cuts%' ", "onstor", $link);​?>​​<?php​if(mysql_num_rows($result1)==0){​}else{​

How to do this kind of query better.

Answer

use % before $cut and escape this query is fine

 $result1=query_database("SELECT * FROM prod_table WHERE CATEGORY LIKE '%$cuts%' OR PRODUCT LIKE '%$cuts%' OR P_DESC LIKE '%$cuts%' ", "onstor", $link);

JavaScript
 
 $result1=query_database("SELECT * FROM prod_table WHERE CATEGORY LIKE '%$cuts%' OR PRODUCT LIKE '%$cuts%' OR P_DESC LIKE '%$cuts%' ", "onstor", $link);​

Advertisement

Answer