Mysql的選擇多個查詢

Question

我有這個表：

------------------------------ 
|ID | name | employee_code | 
------------------------------ 
|24 | Robert | 20234  | 
------------------------------ 

和

------------------------------------- 
|ID | job_code |  team  | 
------------------------------------- 
|24 | 241124 | Robert, Eduard, Etc. | 
------------------------------------- 

我想通過員工代碼在第二個表進行搜索，我嘗試這樣：

$sql=mysql_query("SELECT * FROM works WHERE (SELECT name FROM employee WHERE employee_code LIKE '%".$_GET['employee_code']."%' AS searchname) team Like %searchname% "); 

結果：

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource 

Answer 1

嘗試此查詢 -

$employee_code = mysql_real_escape_string($_GET['employee_code']); 

$sql=mysql_query("SELECT w.* 
        FROM employee e 
        JOIN works w 
        ON w.team LIKE CONCAT('%', e.name ,'%') 
        WHERE employee_code LIKE '%$employee_code%'"); 

看到這個SQLFiddle例子 - http://sqlfiddle.com/#!2/8f8b7/1

Answer 2

您應該查看連接。

select * from table1 inner join table2 using (`ID`) where job_code = .... 

然後你有1排，兩個表結合在一起

還您使用mysql_ *功能，這些都不再維持請升級到mysqli_ *或PDO。

而且你需要逃避你的查詢，有一個SQL注入攻擊等在該代碼發生

Answer 3

這可能會告訴你什麼是錯的。

$sql=mysql_query("SELECT * FROM works WHERE (SELECT name FROM employee WHERE employee_code LIKE '%".$_GET['employee_code']."%' AS searchname) team Like %searchname% "); 
if (!$sql) 
    echo mysql_error(); 

你不應該只是假設您的查詢工作，然後進行使用該資源在另一個命令不檢查，它實際上是工作一樣。

你不應該做的另一件事就是將用戶輸入直接放入SQL查詢中，不用任何形式的轉義，因爲它可以使任何人都能完全控制你的數據庫。

SELECT * FROM works WHERE (SELECT name FROM employee WHERE employee_code LIKE '%".mysql_real_escape_string($_GET['employee_code'])."%' AS searchname) team Like %searchname% " 

Answer 4

你的SQL查詢是錯誤的嘗試這樣

SELECT * FROM works WHERE works.ID=employee.ID AND 
    employee.employee_code=".$_GET['employee_code']." 

Answer 5

SELECT * FROM table1 t1 INNER JOIN table2 t2 ON t1.employee_code = t2.job_code 

或

SELECT t1.id, t1.name, t2.team FROM table1 t1 INNER JOIN table2 t2 ON t1.employee_code = t2.job_code 

更清潔的結果