Hey I have an search field where I am searching something from my database, now I saw the problem after testing that if I put "%" in the search field it will output everything that I have ready for searching. Is there a way to disable this?
<h3>Search Share Details</h3>
<p>You may search either by company name or issue date</p>
<form name = "search" method = "get">
<input type = "text" name = "share" size = "40" maxlength="50">
<input type = "submit" value = "Search">
</form>
Getting contents connecting to DB, fetching results and printing
function get_contents() {
if(isset($_GET['share']))
{
$conn = db_connect();
$shares = get_shareSearch($conn);
db_disconnect($conn);
$contents = array('shares' => $shares);
return $contents;
}
else
{
$conn = db_connect();
$shares = get_share($conn);
db_disconnect($conn);
$contents = array('shares' => $shares);
return $contents;
}
}
function print_contents($contents)
{
if(count($contents['shares']) == 0)
{
echo "<script type = 'text/javascript'>alert('Sorry but share is not found! Q_Q');</script>";
}
else
{
?>
<table>
<tr>
<th>Company Name</th>
<th>Rate</th>
<th>Issue Date</th>
</tr>
<?php
foreach ($contents['shares'] as $share)
{
print "<tr>";
$identifier = urlencode($share['SHAREID']);
print "<td><a href='share-details.php?id={$identifier}'>{$share['COMPANY']}</a></td>";
print "<td>{$share['RATE']}</td>";
$issue_date = $share['ISSUE_DATE'];
$issue_date = $issue_date === NULL ? "< not available >" : $issue_date;
print "<td>{$issue_date}</td>";
print "</tr>";
}
?>
</table>
<?php
}
}
//require("shares.php");
require("search.php");
?>
Query itself
function get_shareSearch($conn) {
$id = "";
if(isset($_GET['share'])){$id = $_GET['share'];}
$statement = db_create_statement($conn, "SELECT DISTINCT * FROM shares WHERE(company LIKE '{$id}' OR issue_date LIKE '{$id}')");
$resultset = db_fetch_resultset($statement);
return $resultset;
}