close ad
WARNING: Do Not Install the DREAMWEAVER CC 2017 or 2018 Update »
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

MySQLi Query Builder returning all and/or random records regardless of search criteria.

Thread began 11/04/2015 6:27 am by Nathon Jones Web Design | Last modified 1/12/2016 12:00 pm by Ray Borduin | 535 views | 8 replies |

Nathon Jones Web Design

MySQLi Query Builder returning all and/or random records regardless of search criteria.

Here's our search form:

<form class="navbar-form navbar-right" action="admin.php" method="post" name="pocsearchFORM" id="pocsearchFORM">
<div class="form-group">
<input type="text" name="adminsearch" id="adminsearch" placeholder="Search headstones..." class="form-control">
</div>
<button type="submit" class="btn btn-info" name="pocsearchBTN" id="pocsearchBTN">Search <span class="glyphicon glyphicon-search"></span></button>
</form>



Here's what MySQLi Query Builder generated:

<?php
$rsSEARCH = new WA_MySQLi_RS("rsSEARCH",$csdbmysqli,0);
$rsSEARCH->setQuery("SELECT POCheadstones.HeadstoneID, POCheadstones.MapRefID, POCheadstones.DGFHSID, POCheadstones.Inscription, POCheadstones.StoneDescription FROM POCheadstones WHERE POCheadstones.MapRefID = ? OR POCheadstones.Inscription LIKE ? OR POCheadstones.DGFHSID = ? OR POCheadstones.StoneDescription LIKE ? ORDER BY POCheadstones.MapRefID ASC");
$rsSEARCH->bindParam("i", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param1
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param2
$rsSEARCH->bindParam("i", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param3
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param4
$rsSEARCH->execute();
?>



If I type in a single keyword, for example "1865", it returns all manner of records - some contain "1865", some do not. Also, before we've even searched it returns records!

Page attached and, once I've posted this, I'll add a link and admin details for where you can test this online. Thank you.

Sign in to reply to this post

Nathon Jones Web Design

Online details below. You'll see, as soon as you log in, that 3 results are already displayed from the recordset despite you not having searched for anything.

If you search for "1865" you'll get three results, which each have "1865" within them however if you type in the word "Hannay" you get results that simply don't contain that term.

It's all most odd. I'd appreciate your help with it because I've been unable to use the extensions since this mess with DMX Zone Extension Manager.

Thank you.
NJ

Sign in to reply to this post

Nathon Jones Web Design

Checking this:

<?php
$rsSEARCH = new WA_MySQLi_RS("rsSEARCH",$csdbmysqli,0);
$rsSEARCH->setQuery("SELECT POCheadstones.HeadstoneID, POCheadstones.MapRefID, POCheadstones.DGFHSID, POCheadstones.Inscription, POCheadstones.StoneDescription FROM POCheadstones WHERE POCheadstones.MapRefID = ? OR POCheadstones.Inscription LIKE ? OR POCheadstones.DGFHSID = ? OR POCheadstones.StoneDescription LIKE ? ORDER BY POCheadstones.MapRefID ASC");
$rsSEARCH->bindParam("i", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param1
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param2
$rsSEARCH->bindParam("i", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param3
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param4
$rsSEARCH->execute();
?>



Despite TRIPLE checking that we were using the word LIKE instead of =, MySQLi Query Builder is changing Integer fields back to =.
So, to prove we weren't going mad, we re-created it and, lo and behold, MySQLi Query Builder just auto-changes the Integer fields back to =.
Extremely frustrating.

We have also changed the recordset to:

<?php
if (isset($_POST["pocsearchBTN"]) || isset($_POST["pocsearchBTN_x"])) {
$rsSEARCH = new WA_MySQLi_RS("rsSEARCH",$csdbmysqli,0);
$rsSEARCH->setQuery("SELECT POCheadstones.HeadstoneID, POCheadstones.MapRefID, POCheadstones.DGFHSID, POCheadstones.Inscription, POCheadstones.StoneDescription FROM POCheadstones WHERE POCheadstones.MapRefID LIKE ? OR POCheadstones.Inscription LIKE ? OR POCheadstones.DGFHSID LIKE ? OR POCheadstones.StoneDescription LIKE ? ORDER BY POCheadstones.MapRefID ASC");
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param1
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param2
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param3
$rsSEARCH->bindParam("c", "".(isset($_POST['adminsearch'])?$_POST['adminsearch']:"") ."", "-1"); //WAQB_Param4
$rsSEARCH->execute();
}
?>



Because, no matter what we do, the recordset is returning values despite us not having submitted the search form. No idea what's happening there.
NJ

Sign in to reply to this post

Ray BorduinWebAssist

LIKE and Contains are not valid for integer fields. That is why it is trying to update your SQL to be valid syntax... However I think they should still work though technically invalid MySQL should be smart enough to treat them like text when a LIKE operator is used.

You will have to do that manually after running the Querybuilder, but that doesn't explain the strange results you are seeing. I'd have to debug to figure that one out because it seems like it should work after you made your update.

Please post FTP information in the private area of a response and I'll figure out what is going on.

Sign in to reply to this post

Nathon Jones Web Design

Sorry, going back to this one, I simplified the search as much as I could but we are still seeing very odd results in our searches.

We have this live on the domain now at:
http://www.portpatrickchurchyard.org.uk/

Using the search box, top right, works well but, spookily, if you try a search for "jones" two records are always returned despite them having NO reference to the name "jones" at all in any of the fields the querybuilder is querying!

This is our WebAssist QueryBuilder code...

<?php
if (isset($_POST["pocsearchBTN"]) || isset($_POST["pocsearchBTN_x"])) {
$rsSEARCH = new WA_MySQLi_RS("rsSEARCH",$csdbmysqli,0);
$rsSEARCH->setQuery("SELECT POCheadstones.HeadstoneID, POCheadstones.MapRefID, POCheadstones.DGFHSID, POCheadstones.Inscription, POCheadstones.StoneDescription, COUNT(POCphotographs.PhotographID) AS numofimgs, POCphotographs.PhotographFilename FROM POCheadstones INNER JOIN POCphotographs ON POCheadstones.HeadstoneID = POCphotographs.HeadstoneID WHERE POCheadstones.MapRefID LIKE ? OR POCheadstones.Inscription LIKE ? OR POCheadstones.DGFHSID LIKE ? OR POCheadstones.StoneDescription LIKE ? GROUP BY POCheadstones.MapRefID ASC");
$rsSEARCH->bindParam("c", "".(isset($_POST['headstonesearch'])?$_POST['headstonesearch']:"") ."", "-1"); //WAQB_Param1
$rsSEARCH->bindParam("c", "".(isset($_POST['headstonesearch'])?$_POST['headstonesearch']:"") ."", "-1"); //WAQB_Param2
$rsSEARCH->bindParam("c", "".(isset($_POST['headstonesearch'])?$_POST['headstonesearch']:"") ."", "-1"); //WAQB_Param3
$rsSEARCH->bindParam("c", "".(isset($_POST['headstonesearch'])?$_POST['headstonesearch']:"") ."", "-1"); //WAQB_Param4
$rsSEARCH->execute();
}
?>



Hope you can help shed some light on this one.
Thank you.
NJ

Sign in to reply to this post

Ray BorduinWebAssist

If you give me FTP access I can debug it and figure out what is going on.

Sign in to reply to this post

Nathon Jones Web Design

Provided below. Incidentally, the "Keep me logged in" feature of this forum isn't working. Asks me for my credentials every log in using Microsoft Edge.
Thank you Ray. Wishing you all the best for 2016.

Sign in to reply to this post

Ray BorduinWebAssist

In the description field for both of those you have:

<a href="http://www.nathonjoneswebdesign.co.uk/portpatrickoldkirkyard/headstone-detail.php?Hid...

it is finding the "jones" from inside the links in the description... so they do have jones in them.

Sign in to reply to this post

Nathon Jones Web Design

Man, I must have looked at that a hundred times or more! :(
I think a qualified doctor would be genuinely concerned reading through some of my posts.
Sorry for the hassle Ray.

NJ.

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...