以下代碼可用於從數據庫中的表中搜索姓氏。用於獲取搜索領域是「Q」 這是查詢PHP mySQL搜索函數加入各個字段
$sims = mysql_query("SELECT * FROM electors
WHERE constituency = '$constituency'
AND ward = '$ward' AND (surname RLIKE '$q') LIMIT 18");
如果用戶輸入下列任何一種或其中任何的組合放在一起以任何順序,然後該查詢將無法正常工作。然而因爲它只是搜索的姓
標題,FIRST_NAME,初始,姓,後綴,推出無,電子郵件,電話
我想它從任何這些領域的匹配結果查詢無需重複結果。
這意味着如果例如我在KNIGHT中輸入了一個姓KNIGHT的人,如果我輸入ROBIN KNIGHT,它會找到任何名字爲ROBIN和KNIGHT的人,反之亦然。
只需將它們分割成一個OR聲明:
$sims = mysql_query("SELECT *
FROM `electors`
WHERE `constituency` = '$constituency'
AND `ward` = '$ward'
AND (`title` RLIKE '$q'
OR `first_name` RLIKE '$q'
OR `initial` RLIKE '$q'
OR `surname` RLIKE '$q'
OR `suffix` RLIKE '$q'
OR `roll_no` RLIKE '$q'
OR `email` RLIKE '$q'
OR `telephone` RLIKE '$q')
LIMIT 18");
不是最有效的查詢,但它會完成這項工作。
另外,請確保在執行該查詢前清潔$q。 SQL注入是一個主要問題。
$q = str_replace(" ", "|", $q);
$sims = mysql_query("SELECT DISTINCT * FROM electors
WHERE constituency = '$constituency'
AND ward = '$ward'
AND (title RLIKE '$q'
OR first_name RLIKE '$q'
OR initial RLIKE '$q'
OR surname RLIKE '$q'
OR suffix RLIKE '$q'
OR roll_no RLIKE '$q'
OR email RLIKE '$q'
OR telephone RLIKE '$q')
LIMIT 18");
但是真的你應該使用mysqli和預處理語句。
$stmt = $mysqli->prepare("SELECT DISTINCT * FROM electors
WHERE constituency = ?
AND ward = ?
AND (title RLIKE ?
OR first_name RLIKE ?
OR initial RLIKE ?
OR surname RLIKE ?
OR suffix RLIKE ?
OR roll_no RLIKE ?
OR email RLIKE ?
OR telephone RLIKE ?)
LIMIT 18");
$stmt->bind_param('ssssssssss', $constituency, $ward,
$q, $q, $q, $q, $q, $q, $q, $q, $q);
$stmt->execute();
對不起,我不明白你。你的帖子中有問題嗎? –
Urgs,SQL注入最好... – feeela
mysql擴展現在已被棄用:http://www.php.net/manual/en/faq.databases.php#faq.databases.mysql.deprecated – CodeZombie