使用PHP pdo的简单Mysql DB搜索-返回不正确的值
[英]Simple Mysql DB Search with PHP pdo - returning incorrect value
问题描述
I am developing a very basic php/mysql search. 
我正在开发一个非常基本的php / mysql搜索。 The search is based on a filter criteria of the value chosen from a dropdown menu. 搜索基于从下拉菜单中选择的值的过滤条件。 For this example I limited the filter to search all tables only. 对于此示例,我将过滤器限制为仅搜索所有表。 The tables are blog and pages . 这些表是blog和pages 。 I have been able to get a fully functional search using php mysqli style but I am running until a wall when using PDO style.. For the search using mysqli , a mysqli_query is executed and followed by mysqli_num_rows to count the number of rows of the results. 我已经能够使用php mysqli风格进行全功能搜索,但是使用PDO风格时我一直跑到墙前。对于使用mysqli的搜索,将执行mysqli_query ,然后执行mysqli_num_rows来计算结果的行数。 The main problem is the following: 主要问题如下:
The approach is a little different for the PDO style as I can't use rowCount . 对于PDO样式,该方法有些不同,因为我不能使用rowCount 。 I have to use fetchColumn in this manner shown HERE . 我必须按照此处所示的方式使用fetchColumn 。 The results for the PDO sytle search are incorrect and not displaying properly? PDO sytle搜索的结果不正确并且显示不正确? Test both searches with keyword blah . 使用关键字blah测试两个搜索。 The correct search will display 13 results. 正确的搜索将显示13个结果。
SEARCH-1 -Mysqli style SEARCH-1 -Mysqli样式
SEARCH-2 -PDOstyle SEARCH-2 -PDOstyle
mysqli mysqli的
include("db_con/db_con.php");
$search_output = "";
if(isset($_POST['searchquery']) && $_POST['searchquery'] != ""){
$searchquery = preg_replace('#[^a-z 0-9?!]#i', '', $_POST['searchquery']);
if($_POST['filter1'] == "All Tables"){
$sqlCommand = "(SELECT id, page_title AS title FROM pages WHERE page_title LIKE '%$searchquery%' OR page_body LIKE '%$searchquery%') UNION (SELECT id, blog_title AS title FROM blog WHERE blog_title LIKE '%$searchquery%' OR blog_body LIKE '%$searchquery%')";
}
$query = mysqli_query($db_conx, $sqlCommand) or die(mysql_error());
$count = mysqli_num_rows($query);
if($count > 0){
$search_output .= "<hr />$count results for <strong>$searchquery</strong><hr />$sqlCommand<hr />";
while($row = mysqli_fetch_array($query)){
$id = $row["id"];
$title = $row["title"];
$search_output .= "Item ID: $id - $title<br />";
} // close while
} else {
$search_output = "<hr />0 results for <strong>$searchquery</strong><hr />$sqlCommand";
}
}
pdo PDO
include("db_con/db_con.php");
$search_output = "";
if(isset($_POST['searchquery']) && $_POST['searchquery'] != ""){
$searchquery = preg_replace('#[^a-z 0-9?!]#i', '', $_POST['searchquery']);
if($_POST['filter1'] == "All Tables"){
$sqlCommand = "(SELECT COUNT(*) FROM pages WHERE page_title LIKE '%$searchquery%' OR page_body LIKE '%$searchquery%') UNION (SELECT COUNT(*) FROM blog WHERE blog_title LIKE '%$searchquery%' OR blog_body LIKE '%$searchquery%')";
$sql_prepare = $db_con->prepare($sqlCommand);
}
if($sql_prepare->execute()){
$count = $sql_prepare->fetchColumn();
if($count > 1){
if(isset($_POST['searchquery']) && $_POST['searchquery'] != ""){
$searchquery = preg_replace('#[^a-z 0-9?!]#i', '', $_POST['searchquery']);
if($_POST['filter1'] == "Whole Site"){
$sqlCommand = "(SELECT id, page_title AS title FROM pages WHERE page_title LIKE '%$searchquery%' OR page_body LIKE '%$searchquery%') UNION (SELECT id, blog_title AS title FROM blog WHERE blog_title LIKE '%$searchquery%' OR blog_body LIKE '%$searchquery%')";
$sql_prepare = $db_con->prepare($sqlCommand);
}
}
$search_output .= "<hr />$count results for <strong>$searchquery</strong><hr />$sqlCommand<hr />";
$query = $sql_prepare->fetchAll();
foreach($query as $row){
$id = $row["id"];
$title = $row["title"];
$search_output .= "Item ID: $id - $title<br />";
} // close while
} else {
$search_output = "<hr />0 results for <strong>$searchquery</strong><hr />$sqlCommand";
}
}
}
html HTML
<form method="POST" action="<?php echo $_SERVER['PHP_SELF'] ?>">
Search For:
<input name="searchquery" type="text" size="44" maxlength="88">
Within:
<select name="filter1">
<option value="All Tables">All Tables</option>
</select>
<input name="myBtn" type="submit">
<br />
</form>
1 个解决方案
解决方案1
1 已采纳 2014-01-03 00:38:32
Edit to include more complete form. 编辑以包括更完整的表格。
The only thing that is different from your mysqli solution is how you count the number of items in the result set. 与mysqli解决方案唯一不同的是如何计算结果集中的项目数。
include("db_con/db_con.php");
$search_output = "";
if(isset($_POST['searchquery']) && $_POST['searchquery'] != ""){
$searchquery = preg_replace('#[^a-z 0-9?!]#i', '', $_POST['searchquery']);
if($_POST['filter1'] == "All Tables"){
$sqlCommand = "(SELECT id, page_title AS title FROM pages WHERE page_title LIKE '%$searchquery%' OR page_body LIKE '%$searchquery%') UNION (SELECT id, blog_title AS title FROM blog WHERE blog_title LIKE '%$searchquery%' OR blog_body LIKE '%$searchquery%')";
}
$sql_result = $db_con->query($sqlCommand);
$query = $sql_prepare->fetchAll();
$count = count($query);
$search_output="";
foreach($query as $row){
$id = $row["id"];
$title = $row["title"];
$search_output .= "Item ID: $id - $title<br />";
}
echo $search_output;
}
When you are not using prepared statement, there is no need to do PDO::prepare. 当您不使用预处理语句时,则无需执行PDO :: prepare。 However it is a good practice to use prepared statement whether in mysqli or PDO.. 但是,在mysqli或PDO中使用预处理语句是一个好习惯。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.