Index.php
<script src=“http://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js” type=“text/javascript”></script>
<script src=“http://tab-slide-out.googlecode.com/files/jquery.tabSlideOut.v1.3.js”></script>
<script type=“text/javascript”>$(function() {$(‘input[type=text]’).focus(function() {$(this).val(‘’)});});</script>
<script type=“text/javascript”>
$(document).ready(function(){
$(“input[type=radio]”).click(function(){
$(“.box”).val(this.value);
});
});
</script>
<script language=“javascript” type=“text/javascript”>
<!–
//Browser Support Code
function ajaxFunction(){
var ajaxRequest;
try{
// Opera 8.0+, Firefox, Safari
ajaxRequest = new XMLHttpRequest();
} catch (e){
// Internet Explorer Browsers
try{
ajaxRequest = new ActiveXObject(“Msxml2.XMLHTTP”);
} catch (e) {
try{
ajaxRequest = new ActiveXObject(“Microsoft.XMLHTTP”);
} catch (e){
return false;
}
}
}
// Create a function that will receive data sent from the server
ajaxRequest.onreadystatechange = function(){
if(ajaxRequest.readyState == 4){
var ajaxDisplay = document.getElementById(‘ajaxDiv’);
ajaxDisplay.innerHTML = ajaxRequest.responseText;
}
}
var search_value_p = document.getElementById(‘search_value’).value;
var search_value_c = document.getElementById(‘search_value’).value;
var search_value_d = document.getElementById(‘search_value’).value;
var queryString = “?search_value_p=” + search_value_p + “&search_value_c=” + search_value_c + “&search_value_d=” + search_value_d;
ajaxRequest.open(“GET”, “get_results.php” + queryString, true);
ajaxRequest.send(null);
}
//–>
</script>
<span class=“medfont”>Search by:</span>
<form id=“searchSelect” action=“get_results.php”>
<input type=“radio” id=“search_value” name=“search_value” value=“Enter Professor Name”>Professor
<input type=“radio” id=“search_value” name=“search_value” value=“Enter Course (e.g. COM 310)”>Course
<input type=“radio” id=“search_value” name=“search_value” value=“Enter Major (e.g. Business)”>Major
<input class=“box” type=“text” name=“searchQuery” value=“Select an option…” class=“textField clearMeFocus” onclick=‘ajaxFunction()’ />
<input type=“submit” onclick=‘ajaxFunction()’ value=‘Search’ />
</form>
<div id=‘ajaxDiv’>Your result will display here</div>
get_results.php
<?php
$dbhost = “###”;
$dbuser = “###”;
$dbpass = “###”;
$dbname = “###”;
//Connect to MySQL Server
mysql_connect($dbhost, $dbuser, $dbpass);
//Select Database
mysql_select_db($dbname) or die(mysql_error());
// Retrieve data from Query String
$search_value_pref = $_GET[‘search_value’];
$search_value_code = $_GET[‘search_value’];
$search_value_dName= $_GET[‘search_value’];
$search_value_profName= $_GET[‘search_value’];
// Escape User Input to help prevent SQL Injection
$search_value_pref = mysql_real_escape_string($search_value_pref);
$search_value_code = mysql_real_escape_string($search_value_code);
$search_value_dName = mysql_real_escape_string($search_value_dName);
$search_value_profName = mysql_real_escape_string($search_value_profName);
//build query
$query = “SELECT prefix, code, name, lname, fname
FROM Course, Course_Department, Department, Professor
WHERE Course.prefix = ‘$search_value_pref’ AND Course.code=‘$search_value_code’
OR Department.name = ‘$search_value_dName’
OR Professor.lname = ‘$search_value_profName’;”;
/*if(is_numeric($search_value_pref))
$query .= " AND ae_age <= $age";
if(is_numeric($wpm))
$query .= " AND ae_wpm <= $wpm";
//Execute query
*/
$qry_result = mysql_query($query) or die(mysql_error());
//Build Result String
$display_string = “<table>”;
$display_string .= “<tr>”;
$display_string .= “<th>Value</th>”;
$display_string .= “</tr>”;
// Insert a new row in the table for each person returned
while($row = mysql_fetch_array($qry_result)){
$display_string .= “<tr>”;
$display_string .= “<td>$row[search_value]</td>”;
$display_string .= “</tr>”;
}
echo "Query: " . $query . “<br />”;
$display_string .= “</table>”;
echo $display_string;
?>
Can anyone help me here? Trying to allow users to search by professor name(composed of ‘lname’ and ‘fname’ attributes in the db) OR by course(‘prefix’, ‘code’ in db) OR by Major (‘name’ in db)
Dont worry about the connection strings, I edited them for privacy . What is going wrong here? Can anyone please show me a solution?
Thank you so much.