this is what I have so far:
include "config.php";
if (@$_POST['search']=="search")
{
$keyword=$_POST['keyword'];
$result=mysql_query("SELECT * FROM listed WHERE `itemname` LIKE '%$keyword%' OR `message1` LIKE '%$keyword%'");
while ($results = mysql_fetch_array($result))
{
$tag=$results['tag'];
$idno=$results['id'];
$title=$results['name'];
$description=$results['message1'];
$position=40;
$post = substr($description, 0, $position);
echo "$tag,$title,$post,$idno
?>
I also heard of adding a thing called noslashes or something which is supposed to prevent unwanted SQL queries. Any info on that?
2006-09-30 02:48:58 · 2 answers · asked by detroitkid17 2 in Computers & Internet ➔ Programming & Design
Try this:
include "config.php";
if (@$_POST['search']=="search")
{
@$keywords=split(" ",$_POST['keyword']);
foreach ($keywords As $keyword){
$keyword = get_magic_quotes_gpc() ? addslashes(trim($keyword)) : trim($keyword);
$search[]="itemname LIKE '%$keyword%' OR message1 LIKE '%$keyword%'";
}
$search = join("OR ", $search);
$result=mysql_query("SELECT * FROM listed WHERE($search)");
while ($results = mysql_fetch_array($result))
{
$tag=$results['tag'];
$idno=$results['id'];
$title=$results['name'];
$description = $results['message1'];
$position=40;
$post = substr($description, 0, $position);
echo "$tag,$title,$post,$idno" . "
";
}
}
?>
I had to guess a few things because Yahoo put ellipse (...) on some of the words in your post. So can change it if it is wrong
2006-09-30 11:10:01 · answer #1 · answered by dt01pqt_pt 2 · 0⤊ 0⤋
You didn't say which search engine you use, I use Google and they have an advanced search area that lets you input the words that you want or you can search on a word or phrase and then go to the bottom of the page and click on 'search within these results' to narrow things down.
Hope this helps
2006-09-30 02:53:21 · answer #2 · answered by ladeehwk 5 · 0⤊ 0⤋