高级搜索PHP
[英]Advanced Search PHP
问题描述
I have an advanced search with 4 fields, only one name_first is mandatory 
我有4个字段的高级搜索,只有一个name_first是必需的
There are many variations of search as the other fields are not mandatory so I need a select statement that only selects the fields that have been populated, but there are so many variations 由于其他字段不是强制性的,因此搜索有很多变体,因此我需要一条select语句,该语句仅选择已填充的字段,但是变化如此之多
I have tried the below script but it does not show the correct information (I think it is completely wrong?!) 我已经尝试了以下脚本,但是它没有显示正确的信息(我认为这是完全错误的?!)
$name_first=$_GET["name_first"];
$status=$_GET["status"];
$type=$_GET["type"];
$manstaff=$_GET["manstaff"];
$result401=mysql_query("SELECT * FROM `hr_employees` WHERE
(name_first LIKE '$name_first%')
AND
(status LIKE '$status%')
AND
(manages_staff LIKE '$manstaff%');")or die('Error' . mysql_error());
Any ideas what the script above should be? 任何想法上面的脚本应该是什么? Basically if the field isnt completed it doesnt need to search for it? 基本上,如果该字段未完成,则不需要搜索吗?
1 个解决方案
解决方案1
0 已采纳 2016-01-25 21:31:39
First define your SQL with only the required criteria 首先仅使用所需条件定义SQL
$sql = "SELECT * FROM `hr_employees` WHERE (name_first LIKE '$name_first%')";
then add the optional criteria... optionally 然后添加可选条件...可选
if ($status) {
$sql .= " AND (status LIKE '$status%') ";
}
if ($manstaff) {
$sql .= " AND (manages_staff LIKE '$manstaff%')";
}
$result401=mysql_query($sql) or die ('Error' . mysql_error());
Incidentally, please consider updating your code to avoid using the deprecated mysql functions, and keep in mind that concatenating variables into your SQL like this makes your code vulnerable to SQL injection. 顺便说一句,请考虑更新代码以避免使用已过时的mysql函数,并请注意,将变量连接到SQL中这样会使代码容易受到SQL注入的攻击。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.