234

 Owlcation»
 STEM»
 Computer Science

Simple Search Using PHP and MySQL

Updated on April 30, 2016

csk157
more

Contact Author

I'm going to show you how to create simple search using PHP and MySQL. You'll learn:

 How to use GET and POST methods

 Connect to database
 Communicate with database
 Find matching database entries with given word or phrase
 Display results

Preparation
You should have Apache, MySQL and PHP installed and running of course (you can use
XAMPP for different platforms or WAMP for windows, MAMP for mac) or a web
server/hosting that supports PHP and MySQL databases.

Let's create database, table and fill it with some entries we can use for search:

 Go to phpMyAdmin, if you have server on your computer you can access it at

http://localhost/phpmyadmin/
 Create database, I called mine tutorial_search
 Create table I used 3 fields, I called mine articles.
 Configuration for 1st field. Name: id, type: INT, check AUTO_INCREMENT, index:
primary
INT means it's integer
AUTO_INCREMENT means that new entries will have other(higher) number than previous
Index: primary means that it's unique key used to identify row

 2nd field: Name: title, type: VARCHAR, length: 225

VARCHAR means it string of text, maximum 225 characters(it is required to specify maximum
length), use it for titles, names, addresses
length means it can't be longer than 225 characters(you can set it to lower number if you want)

 3rd field: Name: text, type: TEXT

TEXT means it's long string, it's not necessary to specify length, use it for long text.

 Fill the table with some random articles(you can find them on news websites, for
example: CNN, BBC, etc.). Click insert on the top menu and copy text to a specific
fields. Leave "id" field empty. Insert at least three.

It should look something like this:

  Create a folder in your server directory and two files: index.php and search.php (actually
we can do all this just with one file, but let's use two, it will be easier)
 Fill them with default html markup, doctype, head, etc.

?
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
4 <head>
<title>Search</title>
5 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
6 </head>
7 <body>
8
9 </body>
10</html>

 Create a form with search field and submit button in index.php, you can use GET or
POST method, set action to search.php. I used "query" as name for text field

GET - means your information will be stored in url

(http://localhost/tutorial_search/search.php?query=yourQuery)
POST - means your information won't be displayed it is used for passwords, private information,
much more secure than GET

?
1<form action="search.php" method="GET">
2 <input type="text" name="query" />
3 <input type="submit" value="Search" />
4 </form>

Ok, let's get started with php.

 Open search.php
 Start php (<?php ?>)
 Connect to a database(read comments in following code)

?
1 <?php
mysql_connect("localhost", "root", "") or die("Error connecting to
2 database: ".mysql_error());
3 /*
4 localhost - it's location of the mysql server, usually localhost
5 root - your username
6 third is your password
7
if connection fails it will stop loading the page and display an
8 error
9 */
10
11 mysql_select_db("tutorial_search") or die(mysql_error());
12 /* tutorial_search is the name of database we've created */
13
14
15
16?>

You can go and check if there is no errors.

 Now go to the <body></body> part of the page

 I'm using GET method, if you want to use POST, just use $_POST instead of $_GET
 Also some functions to make it more secure. Read comments in the code
 Send query to database
 Check if there is any results
 If there is any, post them using while loop

?
<?php
1 $query = $_GET['query'];
2 // gets value sent over search form
3
4 $min_length = 3;
5 // you can set minimum length of the query if you want
6
if(strlen($query) >= $min_length){ // if query length is more or equal
7
minimum length then
8
9 $query = htmlspecialchars($query);
10 // changes characters used in html to their equivalents, for
11example: < to &gt;
12
13 $query = mysql_real_escape_string($query);
// makes sure nobody uses SQL injection
14
15
$raw_results = mysql_query("SELECT * FROM articles
16 WHERE (`title` LIKE '%".$query."%') OR (`text` LIKE
17'%".$query."%')") or die(mysql_error());
18
19 // * means that it selects all fields, you can also write: `id`,
20`title`, `text`
// articles is the name of our table
21
22
// '%$query%' is what we're looking for, % means anything, for
23example if $query is Hello
24 // it will match "hello", "Hello man", "gogohello", if you want
25 exact match use `title`='$query'
26 // or if you want to match just full word so "gogohello" is out use
'% $query %' ...OR ... '$query %' ... OR ... '% $query'
27
28 if(mysql_num_rows($raw_results) > 0){ // if one or more rows are
29returned do following
30
31 while($results = mysql_fetch_array($raw_results)){
// $results = mysql_fetch_array($raw_results) puts data from
32database into array, while it's valid it does the loop
33
34 echo
35"<p><h3>".$results['title']."</h3>".$results['text']."</p>";
36 // posts results gotten from database(title and text) you
37 can also show id ($results['id'])
}
38
39 }
40 else{ // if there is no matching rows do following
41 echo "No results";
42 }
43
}
44
else{ // if query length is less than minimum
echo "Minimum length is ".$min_length;
}
?>

Done!
Now it works. Try different words, variations, editing code, experiment. I'm adding full code of
both files in case you think you've missed something. Feel free to ask questions or ask for
tutorials.

index.php
?
1
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
4 <head>
5 <title>Search</title>
6 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="style.css"/>
7 </head>
8 <body>
9 <form action="search.php" method="GET">
10 <input type="text" name="query" />
11 <input type="submit" value="Search" />
</form>
12</body>
13</html>
14

search.php
?
<?php
1 mysql_connect("localhost", "root", "") or die("Error connecting to
2 database: ".mysql_error());
3 /*
4 localhost - it's location of the mysql server, usually localhost
5 root - your username
third is your password
6
7 if connection fails it will stop loading the page and display an
8 error
9 */
10
11 mysql_select_db("tutorial_search") or die(mysql_error());
12 /* tutorial_search is the name of database we've created */
?>
13
14<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
15"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
16<html xmlns="http://www.w3.org/1999/xhtml">
17<head>
<title>Search results</title>
18 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
19 <link rel="stylesheet" type="text/css" href="style.css"/>
20</head>
21<body>
22<?php
$query = $_GET['query'];
23 // gets value sent over search form
24
25 $min_length = 3;
26 // you can set minimum length of the query if you want
27
28 if(strlen($query) >= $min_length){ // if query length is more or equal
29 minimum length then
30
$query = htmlspecialchars($query);
31 // changes characters used in html to their equivalents, for
32example: < to &gt;
33
34 $query = mysql_real_escape_string($query);
35 // makes sure nobody uses SQL injection
36
37 $raw_results = mysql_query("SELECT * FROM articles
WHERE (`title` LIKE '%".$query."%') OR (`text` LIKE
38'%".$query."%')") or die(mysql_error());
39
40 // * means that it selects all fields, you can also write: `id`,
41`title`, `text`
42 // articles is the name of our table
43
44 // '%$query%' is what we're looking for, % means anything, for
example if $query is Hello
45 // it will match "hello", "Hello man", "gogohello", if you want
46exact match use `title`='$query'
47 // or if you want to match just full word so "gogohello" is out use
'% $query %' ...OR ... '$query %' ... OR ... '% $query'
48
49 if(mysql_num_rows($raw_results) > 0){ // if one or more rows are
50returned do following
51
52 while($results = mysql_fetch_array($raw_results)){
53 // $results = mysql_fetch_array($raw_results) puts data from
54 database into array, while it's valid it does the loop
55
echo
56"<p><h3>".$results['title']."</h3>".$results['text']."</p>";
57 // posts results gotten from database(title and text) you
58can also show id ($results['id'])
59 }
60
}
61
else{ // if there is no matching rows do following
62 echo "No results";
63 }
64
65 }
66 else{ // if query length is less than minimum
echo "Minimum length is ".$min_length;
67 }
68?>
</body>