You have 2 ways to do it, the first and most optimized is in the same sql, practically all database engines (MySql, Sql-Server, Oracle, Informix) are compatible with the comparator "Like ", this allows you to make" inaccurate "comparisons thanks to" Wildcards ", special characters that represent a specific group of characters. In this case, we will use the wildcard "%" (which is a string of any character and any size, possibly null) to "Search for a word" within a field of a table, as an example:
SELECT * FROM Personas WHERE Nombre like '%Pepito%'
This will return all people with any part of Nombre that matches "Pepito", names like "Juan Pepito Hernandez", "Pepito Alberto Gonzales", "ErnestoPepitoSinEspacios" and "Gonzales Pepito".
However, there are considerable differences if we alter the use of wildcards of like , for example like 'Pepito%' would only return "Pepito Alberto Gonzales", like '%Pepito' would only return "Gonzales Pepito".
On the other hand, something considerably less optimized but also works, is to return all the "Record Set" of the table, read each Row by storing them in your variable $row (as I think you are already doing) and use the function strpos in your if as follows:
if (strpos($row['cliente'] , $_POST['inputbuscarcliente'])){
//Este $row es coincide con el cliente buscado
}
Since strpos returns a character position in base 1 (if it finds the word, even at the beginning, it will return a number of the position being the initial 1) or False when it is not found, it is sufficient condition for the if . However, unless for other reasons you have to go through the entire table with your variable $row I advise you to use the like at the time of the query.
Try to use methods that prevent the known "SQL inject" if you plan to concatenate $_POST['inputbuscarcliente'] within the sql, such as this or read more here .