[英]Search through database doesn't work
任何人都可以帮助我...我想按名称或协议进行搜索Num,但它不起作用,它仅按名称进行搜索,
我绝对是计算机编程的初学者,当我想按协议编号进行搜索时,它仅显示数据库的第一条记录,并且仅按名称进行搜索非常有效,
'
mysql_select_db("aruba", $con);
$a1=$_POST['u_Name'];
$a2=$_POST['u_Agreement'];
$sql=" SELECT * FROM customer
WHERE Name like ('%$a1%')
OR AgreementNum ='$a2'
";
$q=mysql_query($sql);
$x=mysql_fetch_array($q);
?>
$q=mysql_query($sql);
$x=mysql_fetch_array($q);
?><table>
<tr><td><b>Customer Name:</b></td><td><?php echo" " ,$x['Name'];
?></td><?php
?><tr><td><b>Address:</b></td><td><?php echo"", $x['Address'];
?></td><?php
?><tr><td><b>Contact Person:</b></td><td><?php echo" " ,$x['Sales'];
?></td><?php
?><tr><td><b>Phone Number: </b></td><td><?php echo" ", $x['PhoneNum'];
?></td><?php
?><tr><td><b>Maintenance Agreement No:</b></td><td><?php echo" " ,$x['AgreementNum'];
?></td><?php
?><tr><td><b>Start Date:</b></td><td><?php echo" " ,$x['StartDate'];
?></td><?php
?><tr><td><b>End Date: :</b></td><td><?php echo" " ,$x['EndDate'];
?></td><?php
?><tr><td><b>Reseller Name:</b></td><td><?php echo" " ,$x['Reseller'];
?></td><?php
?><tr><td><b>Product Model:</b></td><td><?php echo" " ,$x['ModelNum'];
?></td><?php
?><tr><td><b>Remarks:</b></td><td><?php echo" " ,$x['Quantity'];
?></td><?php
mysql_close($con)
?>
'
select * from table where field in ('1','2','3')
尝试将您的陈述用括号括起来。 我不确定LIKE是否接受AND参数,但我认为这是问题的根源。 尝试:
$sql=" SELECT * FROM customer
WHERE (Name like ('%$a1%') )
OR ( AgreementNum ='$a2' )
";
另外,请注意以下几点:
想知道如果突然发生这种情况会怎样? (请勿在您的数据库上对此进行测试!)
$a2 = "'); DELETE FROM customer;--";
回答:
SELECT * FROM customer
WHERE (Name like ('%$a1%') )
OR ( AgreementNum =''); DELETE FROM customer;--' )
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.