D
Deleted member 622421
Guest
help me po sana sa mga masters dyan
thanks in advance guys.
thanks in advance guys.
Hindi mo na kailangan i-declare yung variable $search bago gamitin. Delikado yung queries mo, risk sa sql injection.<?php
include 'connection.php';
$search = "";
if(isset($_GET['submit'])){
$search = $_GET['search'];
}
?>
<!DOCTYPE html>
<html>
<head>
<title>View Contacts</title>
</head>
<body>
<div align="center">
<div style="display: inline-block;">Click Here to<a href="index.php"> add </a>Contacts</div>
<div style="display: inline-block;">
<form method="GET" action="">
<input type="text" name="search" placeholder="SEARCH HERE">
<input type="submit" name="submit" value="submit" >
</form>
</div>
<div>
<table border="1">
<tr>
<th>ID</th>
<th>NAME</th>
<th>PHONE NUM</th>
<th>EMAIL</th>
<th colspan="2">ACTION</th>
</tr>
<?php
$getresultsql = mysqli_query($connect,"SELECT * FROM contacts WHERE (name LIKE '%$search%' OR id = '$search')");
while($getresult = mysqli_fetch_array($getresultsql)){
$id = $getresult[0];
$name = $getresult[1];
$phone = $getresult[2];
$email = $getresult[3];
?>
<tr>
<td><?php echo $id; ?></td>
<td><?php echo $name; ?></td>
<td><?php echo $phone; ?></td>
<td><?php echo $email; ?></td>
<td><a href="<?php echo "update.php?getid=".$id; ?>"><button>View</button></a></td>
<td><a href="<?php echo "delete.php?getid=".$id; ?>"><button>Delete</button></a></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</body>
</html>
Yan buong php para alam mo
may mysqli_real_escape_string() /mysqli_escape_string() namanHindi mo na kailangan i-declare yung variable $search bago gamitin. Delikado yung queries mo, risk sa sql injection.
walang ganun sa code na binigay niya.may mysqli_real_escape_string() /mysqli_escape_string() naman
Easiest way is gamit ka ajax/javascript.