如何基於多個參數搜索

Question

我遇到了我的搜索查詢問題。我嘗試搜索基於用戶輸入的數據庫，並限制它們查看某些細節，但它不起作用。我究竟做錯了什麼？

這裏是我的查詢：

if(isset($_GET['search_term'])) 
{ 


    $search_term = $_GET['search_term']; 
    $ind = 'IND'; 
    if(empty($search_term)){ 
    echo '<div class="alert-warning" id="alert_message">Error: enter your query parameter.</div>'; 
    }else{ 

    $query = "SELECT * FROM [info].[dbo].[customer] WHERE cust_no LIKE '%$search_term' OR branch LIKE $search_term AND cust_type != 'BUS' AND cust_type != 'GRP' AND cust_type != 'MGM' AND cust_type != 'INT'" ; 
    $check = sqlsrv_query($conn, $query); 

    #checks if the search was made 
         if($check == false){ 
          die(print_r(sqlsrv_errors(), true)); 
         } 

         #checks if the search brought some row and if it is one only row 
         if(sqlsrv_has_rows($check) != 1){ 
           echo '<div class="alert-warning" id="alert_message">Error: no data found for this query.</div>'; 


         } 

Answer 1

你不應該結合OR和AND這樣，它不會做你所期望的搭配多了很多。

你可能想是這樣的：

SELECT * FROM [info].[dbo].[customer] WHERE 
    (cust_no LIKE '%$search_term' OR branch LIKE $search_term) // are these conditions even valid sql? 
    AND cust_type != 'BUS' 
    AND cust_type != 'GRP' 
    AND cust_type != 'MGM' 
    AND cust_type != 'INT' 

注：你也應該考慮準備好的發言擺脫你現在有SQL注入的問題。

Answer 2

試試這個：

SELECT 
    * 
FROM 
    [ info ] .[ dbo ] .[ customer ] 
WHERE (
    cust_no LIKE '%sss%' 
    OR branch LIKE '%sss%' 
) 
    AND cust_type != 'BUS' 
    AND cust_type != 'GRP' 
    AND cust_type != 'MGM' 
    AND cust_type != 'INT' 

Answer 3

試試這個

$query = "SELECT * FROM [info].[dbo].[customer] WHERE cust_no LIKE '". %$search_term ."' OR branch LIKE '". %$search_term% ."' AND cust_type != 'BUS' AND cust_type != 'GRP' AND cust_type != 'MGM' AND cust_type != 'INT'" ;