PHP : Search Data within MySQL Table using Prepared Statements by mysqli() and PDO

Two way to perform search operation  using prepare statement   on MySQL Database

1.  mysqli()  object oriented – save  in “searchData.php”

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<?php
$flag=false;
$c=5678;
$host = '127.0.0.1';
$user='root';
$pass='';
$database='university';

if( isset($_POST["submitButton"]) )
  {
     if(!empty($_POST["txtcode"]))
	  {

		$db= new mysqli($host,$user,$pass,$database) or die('Unable to connect');
		if ( ! $db->connect_error) 
		{
		echo 'Connected Sucessfully...';

		$c= $_POST["txtcode"];
		$stmt = $db->prepare('SELECT * FROM teacher  where t_code=?');
		$stmt->bind_param("i", $c);
		$stmt->execute();
		$stmt->bind_result($code, $name, $department,$subject);
		print '<table border="1">';
		//fetch records
		while($stmt->fetch()) {
	    print '<tr>';
    	print '<td>'.$code.'</td>';
	    print '<td>'.$name.'</td>';
    	print '<td>'.$department.'</td>';
	    print '<td>'.$subject.'</td>';
    	print '</tr>';
		}   
		
		print '</table>';
		//close connection
		$stmt->close();
		}
		else
	 	{
		$flag=true;
	 	}

		
}

}
?>
<body>

 <form actin="searchData.php" method="post">
 
  enter  code <input type="text"  name="txtcode" />
     <?php
         if( $flag==true)
		 {
			 echo "Field empty";
		 }
	 ?>
  <br />
  <input type="submit"  name="submitButton" />
 
 </form>
</body>
</html>


2. PDO

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<?php
$flag=false;
$host = '127.0.0.1';
$user = 'root';
$pass = '';
$dbname = 'university';

    				
  if( isset($_POST["submitButton"]) )
  {
	  if(!empty($_POST["txtcode"]))
	  {
	  	  
			$c= $_POST["txtcode"];
			echo "Entered  code is::".$c;
					
			try
			{
			$db = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
			$result=$db->prepare('SELECT * FROM teacher  where t_code=?');	
			$result->bindParam(1,$c,PDO::PARAM_INT);			
			$result->execute();
			$result->setFetchMode(PDO::FETCH_ASSOC);
		    while($row = $result->fetch())
		    {
		 	echo  "<br/>".$row['T_code']."|".$row['T_Name']."|".$row['T_Dept']."|".$row['T_Subject'];
			}
	 		$db->close();
			}
					
			catch(PDOException $e)
			{
			echo $e->getMessage();
			}
	  }
	  else
	  {
		  $flag=true;
	  }

  }
?>
<body>

 <form actin="searchData.php" method="post">
 
  enter  code <input type="text"  name="txtcode" />
     <?php
         if( $flag==true)
		 {
			 echo "Field empty";
		 }
	 ?>
  <br />
  <input type="submit"  name="submitButton" />
 
 </form>
</body>
</html>


3. Here is Database

12may_1

Posted in PHP