0

i have an question about a command that won't give

Notice: Undefined index: q in C:\xampp\htdocs\Capstone - Copy\index.php on line 118

even if the field is empty i have this code for the site that's the only problem where if i don't put a value in my search it will give that error and can i erase the value of get when i reload the site so it will only give the default output that is the whole rows and pictures i'll put a print screen of the site the screen shot is the default view of the site.

>  <?php
> 
>                        $searchtext = $_GET['q'];
> 
> 
>                         $per_page =5;
>                         $pages_query = mysql_query("SELECT COUNT('PersonID') FROM persons");
>                         $pages = ceil(mysql_result($pages_query,0) / $per_page);
> 
>                         $page = (isset($_GET['page'])) ? (int)$_GET['page'] : 1;
>                         $start = ($page - 1) * $per_page;
> 
> 
>    $query=mysql_query("select * from persons where firstname like
> '%$searchtext' or lastname like '%$searchtext' order by date desc
> LIMIT $start,$per_page ");            while($test = mysql_fetch_array($query))
>           {
>               $id = $test['PersonID'];
> 
> 
> 
>                                 echo"<div class = content />";
>               echo"<img height=200 width=200 src='upload/". $test['Image'] ."'/>";
>               echo"" .$test['LastName']." ";
>               echo"". $test['MiddleName']. " ";
>               echo"". $test['FirstName']. "";
>               echo"<right> <a href ='view.php?PersonID=$id'>Edit</a></right>";
>               echo"<right> <a href ='del.php?PersonID=$id'>Delete</a></right>";
>                                 echo"</div>";
> 
> 
> 
>           }
>               if ($pages >=1 && $page <= $pages) {
>                            for ($x=1; $x<=$pages; $x++) {
>                            echo ($x == $page) ? '<strong><a href="?page='.$x.'">'.$x.' </a></strong> ' : '<a
> href="?page='.$x.'">'.$x.' </a>';
>                            }
>                          } ?>
> 
>

screen shot screenshot2

and here's the sample result that won't give an error because there's a default value

screenshot 3

Improve this question

2 Answers 2

Reset to default
1

You want to only run the query if $searchtext is not null. 

$searchtext = '';
if(isset($_GET['q'])) $searchtext = $_GET['q'];
if($searchtext) {
    //run query
    //display results
} else {
    //display normal page
}

Keep in mind that as you have this now, your begging for an SQL Injection attack. Please use PDO and bind the values.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

He wants to run the query if $searchText is null. His query then will return all missing persons!
1

Well if i understood you correctly this should help:

Change this: $searchtext = $_GET['q'];

to this: $searchText = isset($_GET['q']) ? mysql_real_escape_string($_GET['q']) : "";

WATCH OUT

Please do not use the mysql_* functions anymore and switch instead to the mysqli_ functions or PDO. mysql_ is with php 5.5 deprecated and won't be supported by php >= 5.5. In addition to this i should mention, that your script is vulnerable for mysql injections. Always escape your values before inserting them into a database query!

My code example contains the function mysql_real_escape_string which is like i told you deprecated. If you stick to mysql_* this is the least you can do to secure your application.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.