I want to know the below code is correct or not?
$sql = mysql_query(“SELECT * FROM searchengine WHERE pagecontent LIKE ‘%$_GET[term]%’ LIMIT 0,$_GET[results]”);
while($ser = mysql_fetch_array($sql)) {
echo “
$ser[pageurl]
”;}
}
Short answer, no.
Don’t use mysql_ functions. Do use mysqli_ or PDO.
Use prepared statements. Using a get variable directly in a query makes it even easier to kill your database.
In an echo/ print statement you cannot directly use an array. It either has to be surrounded by brackets, or be outside on the enclosed quotes. *note this only applies to function calls and any type of array with indexing. A regular variable is fine inside of double quotes.