PDA

View Full Version : FancyBox iFrame - PHP and MySQL not working


cocoonfx
04-11-2012, 11:16 AM
I am struggling to get a search form in PHP to work with a fancybox iFrame. The search form queries a MySQL database and I want the results to show in the iFrame. However for some reason i can not get this to work. I have pasted the complete code below. Appreciate any support with this?

script type="text/javascript">
$(document).ready(function() {
$("#tip5").fancybox({
'scrolling' : 'no',
'titleShow' : false,
'onClosed' : function() {
$("#login_error").hide();
}
});
});
</script>

PHP and HTML

<form method="post" action="test2.php?go" id="topF">
<input type="text" name="name">
<input type="submit" name="submit" id="tip5" href="#results" value="Search" class="buttonSubmit">
</form>


<div id="results">
<?php



if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/[A-Z | a-z]+/", $_POST['name'])){
$name=$_POST['name'];


//-query the database table
$sql="SELECT id, COMPANY, TOWN, COUNTY, ServiceStandards,Active FROM main WHERE Active='Y' AND COMPANY LIKE '%" . $name . "%' OR TOWN LIKE '%" . $name . "%'AND Active='Y' OR ServiceStandards LIKE '%" . $name . "%' AND Active='Y' OR COUNTY LIKE '%" . $name . "%'AND Active='Y'";
$result5=mysql_query($sql);
$numrows=mysql_num_rows($result5);

echo "<p>" .$numrows . " results found for " . stripslashes($name) . "</p>";

//-create while loop and loop through result set
while($numrow=mysql_fetch_array($result5)){

$Company =$numrow['COMPANY'];
$Town=$numrow['TOWN'];
$County=$numrow['COUNTY'];
$ID=$numrow['id'];
$Service=$numrow['ServiceStandards'];

//-display the result of the array

echo "<ul>\n";
echo "<li>" . "<a href=\"test2.php?id=$ID\">" .$Company . "</a></li>\n";
echo "</ul>";
}
}
else{
echo "<p>Please enter a search query</p>";
}
}
}

if(isset($_GET['by'])){
$letter=$_GET['by'];
$sql="SELECT *,COMPANY,COMPANY+0 FROM main WHERE Active='Y' AND COMPANY LIKE '" . $letter . "%' ORDER BY COMPANY";
$result5=mysql_query($sql);
$result6=mysql_query($sql);
$rows=mysql_num_rows($result6);

echo "<p>" .$numrows . " results found for " . $letter . "</p>";
while($rows=mysql_fetch_array($result6)){

$Company =$rows['COMPANY'];
$Town=$rows['TOWN'];
$County=$rows['COUNTY'];
$Post=$rows['POSTCODE'];

$ID=$rows['id'];

//-display the result of the array

echo "<ul>\n";
echo "<li>" . "<a href=\"test2.php?id=$ID\">" .$Company . "</a> <br/>" .$Town . ", " .$County. ", " .$Post."</li>\n";

echo "</ul>";
}
}

if(isset($_GET['id'])){
$contactid=$_GET['id'];
$sql="SELECT * FROM main WHERE Active='Y' AND id=" . $contactid;
$result7=mysql_query($sql);
while($row=mysql_fetch_array($result7)){

$Company =$row['COMPANY'];
$Town=$row['TOWN'];
$County=$row['COUNTY'];
$Email=$row['Email'];
$Web=$row['Web'];

//-display the result of the array


echo 'Company Name: '. $row['COMPANY'] . '<br />';
echo 'Town: '. $row['TOWN'] . '<br/>';
echo 'Postcode: '. $row['POSTCODE'] . '<br/>';
echo 'Telephone: '. $row['TELEPHONE'] . '<br/>';
echo 'Email: '. $row['Email'] . '<br/>';
echo 'Web: ' . "<a href=".$Web.">" .$Web . "</a> <br/>\n";

echo ' '. '<br/>';
echo 'Service: '. $row['ServiceStandards'] . '</br>';


}
}


?>




</div>

jmichae3
04-23-2012, 11:58 PM
script tag is missing opening < may be typo or just copy mistake I can ignore.
I don't see any iframe anywhere (I am not an expert on jquery), in fact, the #tip5 appears to be a submit button your js seems to be acting on. is that intended? you said iframe.
I am going to do some debugging.

jmichae3
04-24-2012, 12:29 AM
mysql query doesn't have a space before AND in a LIKE statement, several times. paste error looks like.
also, you should put perens around the expressions you want to group, or you may not get the results you expect! you can't always expect the compiler to correctly handle the priority of AND over OR. you can assume that sometimes, it MAY just do left to right... and sometimes it may not, so put in those perens!
for instance, do you want:
$sql="
SELECT
id,
COMPANY,
TOWN,
COUNTY,
ServiceStandards,
Active
FROM
main
WHERE
(Active='Y' AND COMPANY LIKE '%" . $name . "%') OR
(TOWN LIKE '%" . $name . "%' AND Active='Y') OR
(ServiceStandards LIKE '%" . $name . "%' AND Active='Y') OR
(COUNTY LIKE '%" . $name . "%' AND Active='Y'");

should be using mysql_fetch_assoc instead of mysql_fetch_array.
your preg_match character class doesn't make any sense: why are there multiple spaces? what are you trying to achieve? maybe I can help. if I don't know it offhand, I have a very good "Mastering Regular Expressions book from O'Reilly. preg whatever is Perl regular expressions feature set if I am not mistaken.

I think by /[A-Z | a-z]+/ you were trying to say /[A-Za-z]+/ or were you trying to include spaces and pipes (vertical bars)? if you were trying to include space, then /[A-Za-z ]+/

what exactly is COMPANY+0? I don't think that's going to convert it to an integer if it isn't already one.


here's the code I have reformatted:

<form method="post" action="test2.php?go" id="topF">
<input type="text" name="name">
<input type="submit" name="submit" id="tip5" href="#results" value="Search" class="buttonSubmit">
</form>


<div id="results">
<?php
if(isset($_POST['submit'])) {
if(isset($_GET['go'])) {
if(preg_match("/[A-Z| a-z]+/", $_POST['name'])) {
$name=$_POST['name'];

//-query the database table
$sql="
SELECT
id,
COMPANY,
TOWN,
COUNTY,
ServiceStandards,
Active
FROM
main
WHERE
Active='Y' AND
COMPANY LIKE '%" . $name . "%' OR
TOWN LIKE '%" . $name . "%' AND
Active='Y' OR
ServiceStandards LIKE '%" . $name . "%' AND
Active='Y' OR
COUNTY LIKE '%" . $name . "%' AND
Active='Y'";
$result5=mysql_query($sql);
$numrows=mysql_num_rows($result5);

echo "<p>" .$numrows . " results found for " . stripslashes($name) . "</p>";

//-create while loop and loop through result set
while($numrow=mysql_fetch_assoc($result5)) {
$Company =$numrow['COMPANY'];
$Town=$numrow['TOWN'];
$County=$numrow['COUNTY'];
$ID=$numrow['id'];
$Service=$numrow['ServiceStandards'];

//-display the result of the array

echo "<ul>\n";
echo "<li><a href=\"test2.php?id=$ID\">" .$Company . "</a></li>\n";
echo "</ul>";
}
} else {
echo "<p>Please enter a search query</p>";
}
}
}

if(isset($_GET['by'])){
$letter=$_GET['by'];
$sql="
SELECT
*,
COMPANY,
COMPANY+0
FROM
main
WHERE
Active='Y' AND COMPANY LIKE '" . $letter . "%'
ORDER BY COMPANY
";
$result5=mysql_query($sql);
$result6=mysql_query($sql);
$rows=mysql_num_rows($result6);

echo "<p>" .$numrows . " results found for " . $letter . "</p>";
while($rows=mysql_fetch_array($result6)) {
$Company =$rows['COMPANY'];
$Town=$rows['TOWN'];
$County=$rows['COUNTY'];
$Post=$rows['POSTCODE'];
$ID=$rows['id'];

//-display the result of the array
echo "<ul>\n";
echo "<li>" . "<a href=\"test2.php?id=$ID\">" .$Company . "</a> <br/>" .$Town . ", " .$County. ", " .$Post."</li>\n";
echo "</ul>";
}
}

if(isset($_GET['id'])){
$contactid=$_GET['id'];
$sql="SELECT * FROM main WHERE Active='Y' AND id=" . $contactid;
$result7=mysql_query($sql);
while($row=mysql_fetch_array($result7)) {

$Company =$row['COMPANY'];
$Town=$row['TOWN'];
$County=$row['COUNTY'];
$Email=$row['Email'];
$Web=$row['Web'];

//-display the result of the array
echo 'Company Name: '. $row['COMPANY'] . '<br />';
echo 'Town: '. $row['TOWN'] . '<br/>';
echo 'Postcode: '. $row['POSTCODE'] . '<br/>';
echo 'Telephone: '. $row['TELEPHONE'] . '<br/>';
echo 'Email: '. $row['Email'] . '<br/>';
echo 'Web: ' . "<a href=".$Web.">" .$Web . "</a> <br/>\n";

echo ' '. '<br/>';
echo 'Service: '. $row['ServiceStandards'] . '</br>';
}
}
?>
</div>
<script type="text/javascript">
$(document).ready(function() {
$("#tip5").fancybox({
'scrolling' : 'no',
'titleShow' : false,
'onClosed' : function() {
$("#login_error").hide();
}
});
});
</script>



still more debugging after I make a slightly different version which runs on my system...

jmichae3
04-24-2012, 01:19 AM
this is how you do a list.

echo "<ul>\n";
//-create while loop and loop through result set
while($row=mysql_fetch_assoc($result5)) {
$userid=$row['userid'];
$uname=$row['username'];
$fname=$row['user_fname'];
$lname=$numrow['user_lname'];
$password=$numrow['password'];

//-display the result of the array

echo "<li><a href=\"1a.php?id=$ID\">" .$Company . "</a></li>\n";
}
echo "</ul>";

not this:

//-create while loop and loop through result set
while($row=mysql_fetch_assoc($result5)) {
$userid=$row['userid'];
$uname=$row['username'];
$fname=$row['user_fname'];
$lname=$numrow['user_lname'];
$password=$numrow['password'];

//-display the result of the array

echo "<ul>\n";
echo "<li><a href=\"1a.php?id=$ID\">" .$Company . "</a></li>\n";
echo "</ul>";
}

you want to display only *1* set of UL tags per list, not 1 set of UL's per list item... (that's messy).


also, when you are getting ANY input from the outside into the database via a query, make sure you filter that through mysql_real_escape_string(), it's a security precaution against hackers and spammers.

it is better to also check if the $_GET[] string is blank also. GET can be very garbage-bound sometimes. so if it's supposed to be an integer, convert it to an integer using int() and CHECK ITS RANGE for instance, if it's a database ID, you knoiw that AUTOINCREMENT always starts at 1, so check if it's >= 1.
these are security checks to prevent hacking. when it' converted to int(), there's not obvious need to use mysql_real_escape_string().
if(isset($_GET['id']) && int($_GET['id']) >= 1){
$uid=int($_GET['id']);
$sql="SELECT * FROM users WHERE user_id='$uid'"; //it's OK to not use mysql_real_escape_string here because it's an int()

ALWAYS after you are finished with a mysql_query resultset, free the results with mysql_free_result() or you will be using up resources on the server you don't need to AND be causing problems/hiccups with your own queries. in fact, doing so allows you to reuse the same resultset variable without pebalty (no strange behavior)!

I ran this through firebug in firefox, and it says $("#tip5").fancybox is not a function.

jmichae3
04-24-2012, 01:20 AM
I forgot one thing I was going to tell you, it was important.

jmichae3
04-24-2012, 01:39 AM
I noticed you had one entire section of row variables named $numrows.
if you want to get the count of a column, use the SQL keyword COUNT(somecolumnname) you will get 1 row which contains the count. there is also AVG, MIN and MAX and SUM.
COUNT can also be COUNT(DISTINCT columnname) which gives a count of only the unique items.

edbr
04-24-2012, 02:37 AM
@jmicheal3 please use code tags in your posts

jmichae3
04-24-2012, 10:43 AM
I would like to very much, but the reply link in email and quick-reply (same thing) both give me a VERY simplified editor which does not have the code tags. so I don't know if I can even put code tags in if they are not button-ized (maybe it's pure laziness on my part for not checking bbcode, or my unsureness about how this forum works - what's enabled when) hmm.

let me try something. I have no code buttons right now since I clicked on a reply link, what happens if I simply put in PHP bbcode tags like this:
<?php
if (isset($_GET['uid']) && int($_GET['uid']) >= 1) {
mysql_query("
SELECT
fname,
lname,
password
FROM
users
WHERE
user_id='".int($_POST['id'])."'", $link);
//...
}
?>

jmichae3
04-24-2012, 10:44 AM
it worked! well, anyway, pleasde fix the quick reply editor. thanks.

jmichae3
04-24-2012, 10:45 AM
edbr, do you have an SQL code tag? you guys need one if you don't. SQL is often discussed on this site.

edbr
04-24-2012, 12:04 PM
no use code