-3
我這裏有我的代碼,和IM的股票有這樣的錯誤:過濾數據庫使用搜索按鈕
警告:請求mysql_query()預計參數1爲字符串,資源在C中給出:\ XAMPP \ htdocs中\ XAMPP \ elev8log \ \頁表\上線task.php 396
這裏是我的代碼:
<?php
$sql = mysql_query('select * from taskview where dept_id=(select deptid from users where username="'.$_SESSION['username'].'")');
//where empname="'.$_SESSION['username'].'" and req_dateapprove IS NULL');
//where req_approveuser="'.$_SESSION['username'].'" and req_dateapprove IS NULL'
if(isset($_POST['search'])) {
$search_term = mysql_real_escape_string($_POST['search_box']);
$search_term=mysql_real_escape_string($_POST['search_box']);
$sql.="WHERE req_code LIKE '%{$search_term} %'";
$sql.="OR req_date LIKE '%{$search_term} %'";
$sql.="OR req_status LIKE '%{$search_term} %'";
$sql.="OR req_dateneeded LIKE '%{$search_term} %'";
$sql.="OR req_approveuser LIKE '%{$search_term} %'";
$sql.="OR req_noteuser LIKE '%{$search_term} %'";
$sql.="OR req_datenote LIKE '%{$search_term} %'";
$sql.="OR form_name LIKE '%{$search_term} %'";
$sql.="OR itrf_type LIKE '%{$search_term} %'";
$sql.="OR username LIKE '%{$search_term} %'";
$sql.="OR itrf_details LIKE '%{$search_term} %'";
$sql.="OR itrf_date LIKE '%{$search_term} %'";
$sql.="OR comp_name LIKE '%{$search_term} %'";
$sql.="OR dept_name LIKE '%{$search_term} %'";
$sql.="OR dept_code LIKE '%{$search_term} %'";
$sql.="OR dept_id LIKE '%{$search_term} %'";
// $sql.="OR descriptionsql LIKE '%{$search_term}%'";
}
//THIS IS THE LINE 396------->>>>>>$query = mysql_query($sql) or die(mysql_error());
?>
<!-- Main content -->
<section class="content">
<div class="row">
<div class="col-xs-12">
<div class="box">
<div class="box-header">
<h3 class="box-title">List of Pending Task</h3>
</div><!-- /.box-header -->
<div class="box-body">
<table id="example2" class="table table-bordered table-hover">
<label><input type="radio" name="all" value="all" checked> All </label>
<label><input type="radio" name="all" value="wait"> Waiting for Feedback </label><thead>
<label><input type="radio" name="all" value="closed"> Closed</label><thead>
<form name="search_form" method="POST" action="task.php">
Search: <input type="text" name="search_box" value="" />
<input type="submit" name="search" value="search....">
</form>
<tr>
<th>Date of Request</th>
<th>Requestor Name</th>
<th>Form Type</th>
<th>Request Type</th>
<th>Date Needed</th>
<th>Status</th>
<th>Action</th>
</tr>
</thead>
<?php
// if(isset($_GET['req_code'])){
// }
while($row = mysql_fetch_array($query))
{
?>
<tr>
<td><?php echo date($row['req_date']); ?></td>
<td class="left"><?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?></a></td>
<td><?php echo htmlentities($row['form_name'], ENT_QUOTES, 'UTF-8'); ?></td>
<td> <?php echo ($row['itrf_type']);?></td>
<td> <?php echo ($row['req_dateneeded']);?></td>
<td> <?php echo ($row['req_status']);?></td>
<td class="left"><a href="#proceed-<?php echo $row['req_code'];?>" data-toggle="modal"><button type="submit" class="btn btn-primary" name="approved">Manage Task</button></a>
</tr>
爲什麼你使用mysql_query它已被廢棄,請使用PDO或mysqli –
這段代碼很醜!你可以在這裏定義$ sql作爲資源:'$ sql = mysql_query('select * from tas ....)''。你不能連接後,$ sql不是一個字符串!你必須定義一個新的變量。 –