Why is the filter not working?

C

coldunox2018-06-08 20:58:41

PHP

coldunox, 2018-06-08 20:58:41

Created a search form

<form action="users.tpl.php" method="post">
    <label class="col-md-4 control-label" for="newRole">Найти студента</label>
    <input type="text" name="valueToSearch" placeholder="Поиск студентов..." ng-model="searchText" class="form-control "/>
    <input type="submit" name="search"  class="btn btn-default" value="Фильтр"/>
</form>

Filter code

<?php 
   if (isset($_POST['search'])){
       $valueToSearch = $_POST['valueToSearch'];
       $query = "SELECT * FROM `users` WHERE concat(`fullName`, `group_name`) like '%" . $valueToSearch . "%'";
       $search_result = filterTable($query);
       
   } else {
       $query = "select * from `users` where role_id=2 order by fullName";
       $search_result = filterTable($query);
   }
   
   function filterTable($query){
       $conn = mysqli_connect('XXX', 'XXX', 'XXX', 'XXX');
       $filter_Result = mysqli_query($conn, $query);
       return $filter_Result;
}
?>

Table

<table  id="myTable" class="table table-bordered table-hover table-striped">
<thead>
    <tr>
        <th>ФИО</th>
        <th>Группа</th>
        <th>Логин</th>
        <th>Email</th>
    </tr>
</thead>
<tbody>
<?php
    while ($row = mysqli_fetch_array($search_result)) { ?>
        <tr data-ng-click="showEditForm(); getUserData(<?php echo $row['id'];?>);" >
            <td><?php echo $row['fullName']; ?></td>
            <td><?php echo $row['group_name']; ?></td>
            <td><?php echo $row['login']; ?></td>
            <td><?php echo $row['email']; ?></td>
            
        </tr>
    <?php } ?>
</tbody>
</table>

Why doesn't mysqli_fetch_array work?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitry Entelis, 2018-06-09
@DmitriyEntelis

Okay, I'll be serious.
Regarding the problem itself:
You can guess 100500 times in telepath mode about what is happening.
In fact, the question is too abstract, learn how to debug the code.
Concrete example: you have your "filtering code".
It would be ideal to put xdebug and an ide that can work with it, but in extreme cases, print_r and var_dump will save you.
Right from the beginning, take it, and check for each line in turn - whether the data you received was what you expected, whether the lines were formed what you expected, etc.
Most likely you will understand what the problem is yourself.
Even if you do not understand, you can ask a specific question already.
Well, it would be nice to include the output of all errors and notifications.

<?php
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);

Now for the whole code:
1. Read about MVC. mysqli functions mixed with html layout are not allowed.
2. Transfer all work with the database to a separate lib. there are 100500 ready-made solutions on github.
sql connect in filterTable - very bad.
3. User input cannot be sent to the database without processing! At a minimum, you need to do mysqli_real_escape_string
4. For a request where concat(`fullName`, `group_name`) = ...in a real project, you are fired immediately. The query does not use indexes and must perform a union of 2 fields for each row of the table, and then also compare. It's wildly slow.
You need such a string for searching - collect it as a separate field in the database.