0

I have this simple form wich allows to search and I want to show results into a DIV, so I am using ajax for it.

<script type="text/javascript">  
$(document).ready(function(){  
    $('#boton_cargar').click(function() {   

    var nombre = $("#nombre").val(); 
        $.ajax({ 
        type: "GET",           
        url: 'resultados.php?nombre='+nombre, 
            success: function(data) {  
                $('#resultados').html(data);  
                $('#resultados div').slideDown(1000);  
            }  
        });  
    });  

});  
</script> 




<form>
<input id="nombre" name="nombre" type="text" />

<input name="boton_cargar" id="boton_cargar" type="button" value="buscar" />
</form>

<div id="resultados">
   // I want to show results here
</div>

and this is resultados.php

<?php
include('loader.php'); //call db

$conn = new conection();
$rs = new RecordSet($conn);

if(isset($_GET['nombre']))

$sql="SELECT * FROM clientes INNER JOIN alquiler ON clientes.id_cliente = alquiler.id_cliente INNER JOIN insumos ON  insumos.id_insumo = alquiler.id_insumo WHERE `clientes`.`nombre` = {$_GET['nombre']}";
else
die('error');


unset($rs);
unset($conn);
?>

<?php foreach($resultados as $res){ ?> 
    <?php echo $res->nombre ?>
<?php }?>

I don't know what it's wrong, for example if I replace {$_GET['nombre']} for "jhon" I can get the results.

Hope can help me, thank u so much in advance!

Improve this question
3
  • warning your code is vulnerable to sql injection attacks! Commented Aug 27, 2013 at 23:00
  • where is the execution of $sql ? and where is the definition of $resultados? Commented Aug 27, 2013 at 23:02
  • instead of {$_GET['nombre']} try '".$_GET['nombre']."' Commented Aug 27, 2013 at 23:04

3 Answers 3

Reset to default
1

You need to put quotes around {$_GET['nombre']}

$sql="SELECT * FROM clientes INNER JOIN alquiler ON clientes.id_cliente = alquiler.id_cliente INNER JOIN insumos ON  insumos.id_insumo = alquiler.id_insumo WHERE `clientes`.`nombre` = '{$_GET['nombre']}'";
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Try by replacing the sql line with this:

$sql="SELECT * FROM clientes INNER JOIN alquiler ON clientes.id_cliente = alquiler.id_cliente INNER JOIN insumos ON  insumos.id_insumo = alquiler.id_insumo WHERE `clientes`.`nombre` = '" . $_GET['nombre'] . "'";
Improve this answer

Comments

0

Your problem is the query, that is not returning nothing because its format, try this:

$sql = "SELECT * FROM clientes INNER JOIN alquiler ON clientes.id_cliente = alquiler.id_cliente INNER JOIN insumos ON  insumos.id_insumo = alquiler.id_insumo WHERE `clientes`.`nombre` = '".$_GET['nombre']."'";

I hope that can help you.

Improve this answer

1 Comment

thanks for the answears! I am trying with 2 variables, maybe I am doing it wrong becouse it's not working url: 'resultados.php?nombre='+nombre'&insumos='+insumos, <select id="insumos" name="insumos"> <?php foreach($insumos as $in){ ?> <option id="<?php $in->id_insumo ?>"><?php echo $in->insumo ?></option> <?php }?> </select> if(isset($_GET['nombre']) && ($_GET['insumos'])) $sql="SELECT * FROM ....... WHERE clientes.nombre = '".$_GET['nombre']."' AND alquiler.id_insumo = '".$_GET['insumos']."'";

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.