PHP
public function Search($searchinput)
{
$db = new Db();
$select = "SELECT * FROM tblusers WHERE name = '" . $searchinput . "' OR surname ='" . $searchinput . "'";
$result = $db->conn->query($select);
return $result;
}
if(isset($_POST["btnSearch"])){
try {
$searchinput = $_POST['btnSearch']; // remember to filter that variable since you can be easily attacked
$searchresult = $user->Search($searchinput);
}
catch(exception $e){
$feedback = $e->getMessage("no results");
}
}
HTML
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<input type="text" name="btnSearch" placeholder="search"/>
<input type="submit" value="search members" />
</div>
</div>
<div class="row">
<?php
if(is_object($searchresult))
while($row = $searchresult->fetch_array()) {
echo "<div><p>" . $row['surname'] . "</p></div>";
}
?>
</div>