I want to know how do they do a query with only one textbox in the page, but the current text in the text box can be used as a parameter for the query. I’m currently using the query below but I don’t think I’m getting the desired results, is there anything wrong with my query?
$result1=query_database("SELECT * FROM prod_table WHERE CATEGORY LIKE '$cuts%' OR PRODUCT LIKE '$cuts%' OR P_DESC LIKE '$cuts%' ", "onstor", $link);
?>
<?php
if(mysql_num_rows($result1)==0){
}else{
How to do this kind of query better.
Advertisement
Answer
use % before $cut and escape this query is fine
$result1=query_database("SELECT * FROM prod_table WHERE CATEGORY LIKE '%$cuts%' OR PRODUCT LIKE '%$cuts%' OR P_DESC LIKE '%$cuts%' ", "onstor", $link);