PHP search page help with code

Can someone take a look at this code and let me know what is wrong with it. I created a search page and when i test it out, the Tech, problem type, office and decsription fields return everything or nothing. It doesnt filter it out like it suppose to. I still pretty new with php so im completly lost

<?php require_once('Connections/calls.php'); ?>
<?php require_once("header.php"); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_calls, $calls);
$query_rstec = "SELECT technicianname FROM technician";
$rstec = mysql_query($query_rstec, $calls) or die(mysql_error());
$row_rstec = mysql_fetch_assoc($rstec);
$totalRows_rstec = mysql_num_rows($rstec);
?>

<?php include("dataaccess.php"); ?>
<?php include("functions.php"); ?>

 <link rel="stylesheet" type="text/css" href="callcenterreloaded.css">
 <h3>Search</h3>
 

<?php
$status = "";
$technician = "";
$categoryid = "";
$severity = "";
$firstname = "";
$lastname = "";
$email = "";
$description = "";
$i = 0;

if ((!empty($_POST)) || (!empty($_GET)))
{
	if (!empty($_POST['technician']))
		$technician =  $_POST['technician'];
	if (!empty($_POST['problemtype']))
		$categoryid =  $_POST['problemtype'];
	if (!empty($_POST['status']))
		$status =  $_POST['status'];
	if (!empty($_POST['severity']))
		$severity =  $_POST['severity'];
	if (!empty($_POST['firstname']))
		$firstname =  $_POST['firstname'];
	if (!empty($_POST['lastname']))
		$lastname =  $_POST['lastname'];
	if (!empty($_POST['email']))
		$email =  $_POST['email'];
	if (!empty($_POST['description']))
		$email =  $_POST['{description'];
		
	if (!empty($_GET['technician']))
		$technician =  $_GET['technician'];
	if (!empty($_GET['problemtype']))
		$categoryid =  $_GET['problemtype'];
	if (!empty($_GET['status']))
		$status =  $_GET['status'];
	if (!empty($_GET['severity']))
		$severity =  $_GET['severity'];
	if (!empty($_GET['firstname']))
		$firstname =  $_GET['firstname'];
	if (!empty($_GET['lastname']))
		$lastname =  $_GET['lastname'];
	if (!empty($_GET['email']))
		$email =  $_GET['email'];
	if (!empty($_GET['description']))
		$email =  $_GET['{description'];
		
	dbconnect();
	

if(!empty($HTTP_GET_VARS))
{	
if (!empty($HTTP_GET_VARS["orderby"]))
	$orderby = $HTTP_GET_VARS["orderby"];
if (!empty($HTTP_GET_VARS["order"]))		
	$order = $HTTP_GET_VARS["order"];
}


if(empty($orderby))
{
	$orderby = "severity";
}
if(empty($order))
{
	$order = "asc";
}
if ($order == "asc") 
	$order = "desc";
else if ($order == "desc") 
	$order = "asc";
else
    $order = "asc";
	
$whereClause  = "";
	
if (!empty($status)) 
{
    $whereClause = $whereClause . whereorand($i) . " status = '" . $status .  "'";
	$i = $i + 1;
}
if (!empty($technician)) 
{
    $whereClause = $whereClause . whereorand($i) . " assignedto  =" . $technician  ;
	$i = $i + 1;
}
if (!empty($categoryid)) 
{
    $whereClause = $whereClause . whereorand($i) . " categoryid =" . $categoryid  ;
	$i = $i + 1;
}
if (!empty($severity)) 
{
    $whereClause = $whereClause . whereorand($i) . " severity ='" . $severity . "'" ;
	$i = $i + 1;
}
if (!empty($firstname)) 
{
    $whereClause = $whereClause . whereorand($i) . " firstname like '%" . $firstname . "%'"  ;
	$i = $i + 1;
}
if (!empty($lastname)) 
{
    $whereClause = $whereClause . whereorand($i) . " lastname like '%" . $lastname . "%'"  ;
	$i = $i + 1;
}
if (!empty($email)) 
{
    $whereClause = $whereClause . whereorand($i) . " email like '%" . $email . "%'"  ;
	$i = $i + 1;
}
if (!empty($description))
{
    $whereClause = $whereClause . whereorand($i) . " description like '%" . $description . "%'"  ;
	$i = $i + 1;
}


// Number of records to display
$nb = 20;

if (!isset($_GET['page'])) $page = 1;
// Used for paging
else $page = intval($_GET['page']);

if (!isset($_GET['total']))
{
$result = mysql_query("Select count(*) as count from calls where status='Open'". mysql_error());
$total = mysql_result($result,'0','count');
}
else $total = intval($_GET['total']);


$debut = ($page - 1) * $nb;

	$result = mysql_query("select id, DATE_FORMAT(callstarted, '%m-%d-%y %h:%i %p') as callstarted, DATE_FORMAT(estimatedtime, '%m-%d-%y %h:%i %p') as estimatedtime, firstname, lastname, phonenumber, email, status, categoryid, severity, assignedto, description, resolution from calls " . $whereClause . " order by " . $orderby . " " .  $order .  mysql_error()); 
	if (!$result) {
	   die('Invalid query: ' . mysql_error());
	   }
	   
	$noofrows = mysql_num_rows($result);
	
	 
	   
	 echo "<br><div align=center>Total Number of calls found in your reports: " . $noofrows . "<br>";

 echo "<BR><table width=700 align=center border=0><tr bgcolor=#0066CC class=header><th class=header><a href='opencalls.php?orderby=callstarted&order=" . $order . "'>Call Started</a></th><th class=header><a href='opencalls.php?orderby=firstname&order=" . $order . "'>Full Name</a></th><th font class=header><a href='opencalls.php?orderby=severity&order=" . $order . "'>Severity</a></th><th class=header> <th class=header>Description</th></tr>n"; 


while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
	   echo "<tr bgcolor='#99CCFF'><td><a href='search_page.php?id=$row[id]'>" . $row["email"] ."</a></td><td>"  . $row["firstname"] . " " .  $row["lastname"] . "</td><td>" . $row["severity"]  ."</td><td>" . $row["estimatedtime"] . "</td><td>" . $row["description"] . "</td></tr>n";
}
echo "</table><br><br>";


$nbpages = ceil($total / $nb); 

for($i = 1;$i <= $nbpages;$i ++){
  echo '<a href="'.$_SERVER['PHP_SELF'].'?page='.$i.'&total='.$total.'&problemtype='.$categoryid.'&status='.$status.'&technician='.$technician.'&firstname='.$firstname.'&lastname='.$lastname.'&email='.$email.'&description='.$description.'">Page '.$i.'</a>';
  if($i < $nbpages) echo ' - ';
}
echo "</div>";
	   
mysql_free_result($result);

mysql_close();
}
else
{
?>
 
<div align=center><strong><em>Search By</em></strong></div>
<form action="Search.php" method="post">
<table align="center" width="480" border="0" cellspacing="1" cellpadding="1">
  <tr>
    <td bgcolor="#eeeeee">Status :</strong></td>
    <td><select name="status">
	<option value=""></option>
	<option value="Open">Open</option>
	<option value="Closed">Closed</option>
	</select></td>
  </tr>
   <tr>
    <td bgcolor="#eeeeee">Severity :</td>
    <td><select name="severity">
	<option value=""></option>
	
	<option value="High">High</option>	
	<option value="Medium">Medium</option>	
	<option value="Low">Low</option>		
	</select></td>
  </tr>
   <tr>
    <td bgcolor="#eeeeee">Technician :</strong></td>
    <td><?php listdropdownwithempty("technician", "technician");?></td>
  </tr>
  <tr>
    <td bgcolor="#eeeeee">Problem Type :</td>
    <td><?php listdropdownwithempty("problemtype", "category");?></td>
  </tr>
  <tr>
    <td bgcolor="#eeeeee">First Name :</td>
    <td><input name="firstname" type="text"></td>
  </tr>
   <tr>
    <td bgcolor="#eeeeee">Last Name :</td>
    <td><input name="lastname" type="text"></td>
  </tr>
  <tr>
    <td bgcolor="#eeeeee">Office :</td>
    <td><input name="phonenumber" type="text"></td>
  </tr>
  <tr>
    <td bgcolor="#eeeeee">Date Opened :</td>
    <td><input name="email" type="text"></td>
  </tr>
  <tr>
    <td bgcolor="#eeeeee">Description :</td>
    <td><input name="description" type="text"></td>
  </tr>
   <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
   <tr>
    <td></td>
    <td><input class="buttonclass" name="" type="submit" value="  Search">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input class="buttonclass" name="" type="reset" value="  Reset">  </tr>
  </table>
</form>
<h2>As of right now, you can't search by Tech, Problem type or description. This is being worked on and will be up and running shortly!</h2>
<?php
}
?>
<?php //include("base.php");


 
mysql_free_result($rstec);
?>

if (!empty($_GET[‘description’]))
$email = $_GET[’{description’];

end office seems to be missing.

please use error_reporting(E_ALL); at the beginning of ur script to get notices about undefined variables.

Sponsor our Newsletter | Privacy Policy | Terms of Service