<div class="title_box">Search</div> <form method="get" action="results.php" enctype="multipart/from-data"> <input type="text" name="user_query" class="newsletter_input" placeholder = "Ürün arayın" / > <input type="submit" name="search" class="button" value="HIZLI ARA" / > </form>
<?php if (isset($_GET['search'])) { $search_query = $_GET['user_query']; $get_pro = "SELECT * FROM product WHERE title LIKE '%search_query%' "; $run_pro = mysqli_query($con, $get_pro) or die(mysql_error()); while ($row_pro=mysqli_fetch_array($run_pro)) { $pro_id = $row_pro['id']; $pro_title = $row_pro['title']; $pro_descrip = $row_pro['descrip']; $pro_price = $row_pro['price']; $pro_way = $row_pro['way']; $pro_keywords = $row_pro['product_keywords']; echo '<div class="prod_box"> <div class="center_prod_box"> <div class="product_title"><a href="details.html">'.$pro_title.'</a></div> <div class="product_img"><a href="#"><img src=prod/'.$pro_way.' alt="" border="0" height="71" width="94"/></a></div> <div class="prod_price"><span class="reduce">750$</span> <span class="price">'.$pro_price.'$</span></div> </div> <div class="prod_details_tab"> <a href="#" class="prod_buy">Sepete Ekle</a> <a href=details.php?pro_id='.$pro_id.' class="prod_details">İncele</a> </div> </div>'; } } ?>
$search_query = '%'.$_GET['user_query'].'%'; // Create a prepared statement if($stmt = $mysqli -> prepare("SELECT * FROM product WHERE title LIKE ?")) { // Bind parameter $stmt -> bind_param("s", $search_query); $stmt -> execute(); $run_pro = $stmt->get_result(); while ($row = $run_pro->fetch_array(MYSQLI_ASSOC)) { $pro_id = $row['id']; // other code } }
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)