1

I've developed a page that a user can use to search a variety of data in my database, however nothing gets displayed.

No errors or messages are displays it simply just refreshes the page.

bind_param is new to me so I have a feeling it may be an error in the line - $stmt->bind_param('s', $name);

I have compared to the database and all the table names and variable names are correct.

search.php

<html>
<?php 
include 'searchform.php';
include 'header.php';
if(isset($_POST['searchsubmit']))
{
        $name=$_POST['name'];

        if ($stmt = $connection->prepare ("SELECT * FROM users WHERE Username = '$name'")) 
        {
            $stmt->bind_param('s', $name);
            $stmt->execute();
            $stmt->bind_result($personresult);
            $stmt->fetch();
            print_r($personresult);
        } 
        else
        { 
            echo  "<p>Please enter a search query</p>"; 
        } 
    }
 else 
    {
     echo "NOT SET!";
     }

?>
</html>

Errors Displayed

Warning: session_start(): Cannot send session cookie - headers already sent

searchform.php:2 which is displayed underneath:

<br><br><br><br>
<?php
error_reporting(E_ALL); 
ini_set('display_errors', -1);
include 'header.php';
include 'connection.php';
?>
<br /><br />
<html>
    <header>
<link rel="stylesheet" type="text/css" href="web.css" />

<link rel="stylesheet" type="text/css" href="/web.css" />
    </header> 
    <body>
        <center>
            <h2>Search for people</h2>
        <br />
        Please enter the name you wish to search for<br /><br />
        <form method="post" action="search.php" id="searchform">
        <input  type="text" name="name"> 
        <input  type="submit" name="searchsubmit" value="Submit"> 
        </form><br /><br/>
        Or search people by category
Matt Murphy
  • 265
  • 2
  • 11
  • 3
    you are not handling errors that is why you don't get errors. look here for [mysqli error](http://php.net/manual/en/mysqli.error.php) handling. also what you can try is `error_reporting(E_ALL); ini_set('display_errors', -1);` at the top of the php part of your file – BRoebie Jan 05 '16 at 14:08
  • Okay sweet I've got that sorted, thankyou! – Matt Murphy Jan 05 '16 at 14:11
  • 1
    @MattMurphy you should always show errors like this when developing - but please remember removing it for production. – JimL Jan 05 '16 at 14:13
  • No problem those two lines of code will display all the errors your php gets. Can you update the question with the error you are getting. – BRoebie Jan 05 '16 at 14:13
  • Sure, I will post it now – Matt Murphy Jan 05 '16 at 14:15
  • 1
    @MattMurphy try [`ob_start();`](http://php.net/manual/en/function.ob-start.php) at the top of the php part of the page too under the error handling part:P. I added a link too for learning purposes. edit: after reading it again myself I am not sure it will work but please try. you'll never know – BRoebie Jan 05 '16 at 14:17
  • I've added my searchform code in, I get an error when i load the search form which is showed above then another error when I try and search, that states session's already been started. So i take it they're linked – Matt Murphy Jan 05 '16 at 14:20
  • ob_start(); had no affect im afraid! – Matt Murphy Jan 05 '16 at 14:21
  • 1
    @MattMurphy oke already thought so what if you put the `include 'searchform.php'; include 'header.php';` part inside the `if(isset($_POST['searchsubmit'])) {` part. edit: look at [this question](http://stackoverflow.com/q/8028957/5396496) maybe it will help. – BRoebie Jan 05 '16 at 14:22

1 Answers1

5

I think it should be like this:

    if ($stmt = $connection->prepare ("SELECT * FROM users WHERE Username = ?"))

With a ? as placeholder.

Got it from the examples here: http://php.net/manual/en/mysqli-stmt.bind-param.php

DaMaGeX
  • 693
  • 7
  • 18
  • 2
    upvoted - but could just remove the quotes around the placeholder. they aren't needed :) – JimL Jan 05 '16 at 14:07
  • Ahhh yes brilliant! However it doesn't display anything still, but I've noticed when I click submit it doesn't even show the echo "Please enter a search query". I think some of the text may be getting hidden behind things. Is it possible to do a messagebox to see if its hidden or not? – Matt Murphy Jan 05 '16 at 14:08
  • @MattMurphy I added a comment for you to learn how to handle errors – BRoebie Jan 05 '16 at 14:09
  • Sweet, i have the errors displayed so I'll figure them out. I'll accept your answer when it says I can :) thankyou – Matt Murphy Jan 05 '16 at 14:12
  • The error doesn't seem relevant to this code. I think it's better if you open a new question. – DaMaGeX Jan 05 '16 at 14:18