I have a form where a user can type in the firstname to search,

Question

0

Asked: May 27, 20262026-05-27T20:41:40+00:00 2026-05-27T20:41:40+00:00

I have a form where a user can type in the firstname to search,

0

I have a form where a user can type in the firstname to search, my query is not returning the correct results, what am I doing wrong?

$sfn = $_POST["Text1"];
$sql = "SELECT * FROM ex_usrs WHERE firstname LIKE '$sfn'";
...

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T20:41:41+00:00

Your query will only return rows where firstname is equal to $_POST["Text1"]. When you use LIKE you can use a wildcard (%) to represent any number of characters.

This will find rows where firstname starts with $_POST["Text1"].
```
SELECT * FROM ex_usrs WHERE firstname LIKE '$sfn%'
```
This will find rows where firstname ends with $_POST["Text1"].
```
SELECT * FROM ex_usrs WHERE firstname LIKE '%$sfn'
```
This will find rows where firstname contains $_POST["Text1"].
```
SELECT * FROM ex_usrs WHERE firstname LIKE '%$sfn%'
```

Note: Never use variables from $_POST without escaping them first. What if I searched for "O'Neil" (or worse "'; DROP TABLE ex_users; -- ")?

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a form where a user can type in the firstname to search,

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply