Tell me more ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 2 down vote favorite

I have a problem with my search query, $s_query. The user can search a type (Date, Title, or Location) which corresponds to a colum in my mysql database

$search_type =mysql_real_escape_string($_POST['type']);
$search_query =mysql_real_escape_string($_POST['search_query']);

if ($search_query == "") {
  echo "<p>Please enter a search...</p>";
  exit;}

$s_query = "SELECT * FROM `posts` WHERE `$search_type` == `$search_query` ";

$s_result1=mysql_query($s_query);

if (!$s_result1) {
    die('Invalid query: ' . mysql_error());
    //header ("Location: /UC_page.html");
}

$s_row = mysql_fetch_array($s_result1);
$s_num1=mysql_numrows($s_result1);
mysql_close();

mysql_error says: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '== 1956'

i have tried every operator possible and every kind of syntax i could find, but im stuck. at one point i got the date to work, but not any of the strings. thanks in advance.

share|improve this question
No need for == just one = should do it. – Tim Withers Mar 15 '12 at 21:28
add comment (requires an account with 50 reputation)

3 Answers

up vote 4 down vote accepted

Actually you have two problems. First, you're surrounding your value with `, which is invalid. Use " or ' instead.

Also, == is not valid syntax, you need to use a single = instead. Although, looking at what you're doing, you probably want to use LIKE instead, for a case-insensitive search.

So this query should work:

SELECT * FROM `posts` WHERE `$search_type` = '$search_query'

Or with LIKE:

SELECT * FROM `posts` WHERE `$search_type` LIKE '$search_query'
share|improve this answer
Thank you!!! works perfectly! – user1107703 Mar 15 '12 at 21:33
add comment (requires an account with 50 reputation)
up vote 3 down vote

You are putting ` (on top of the tab button) around your insert value. Those only go on the field. YOu shoudl use ' (on top of the slash button) for the value.

share|improve this answer
thank you for your response i tried it and got mysql_error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '== 'Lorem Ipsum'' – user1107703 Mar 15 '12 at 21:28
add comment (requires an account with 50 reputation)
up vote 0 down vote

This might help you understand what query MySQL is expecting:

$s_query = "SELECT * FROM `posts` WHERE `" . $search_type . "` = " . $search_query;

Also make sure you add the necessary quotes to $search_query. EG: If it is a string then surround it with '.

share|improve this answer
add comment (requires an account with 50 reputation)

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.