[英]Php Syntax Help
我正在使用搜索功能,四天前工作正常,现在返回此错误
您的SQL语法有误; 检查与您的MySQL服务器版本相对应的手册,以在第1行的'AND state ='AZ'附近使用正确的语法
该行的正确语法是什么?
if($search_state !== "") {
$query .="AND state = '" . $search_state . " ' " ;
整个部分是:
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new WHERE dummy = '' ORDER BY state ASC ";
if($search_co !== "") {
$query .= "AND name LIKE '%" . $search_co ."%' ";
}
if($search_first !== "") {
$query .= "AND contact LIKE '%" .$search_first."%' ";
}
if($search_last !== "") {
$query .= "AND contact LIKE '%" .$search_last."%' ";
}
if($search_city !== "") {
$query .="AND city = ' " . $search_city . " ' ";
}
if($search_state !== "") {
$query .="AND state = '" . $search_state . " ' " ;
}
您不能在ORDER BY
之后将WHERE
子句的AND
连词放入。 您的ORDER BY
子句必须位于整个WHERE
子句之后。
WHERE部分在代码中的AND之前,这是错误的。 这就是你想要的
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new WHERE dummy = '' ";
if($search_co !== "") {
$query .= "AND name LIKE '%" . $search_co ."%' ";
}
...
$query .= " ORDER BY state ASC ";
另外,出于完整性考虑,您可以使代码更易于阅读:
$query .= "AND name LIKE '%$search_co%' ";
因为您的字符串用双引号引起来
您需要将AND语句放在where之后和sort_by之前。 将sort_by移动到php的末尾(附加到查询字符串),它应该可以工作。
尝试这个:
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new WHERE dummy = '' ";
if($search_co !== "") {
$query .= "AND name LIKE '%".$search_co."%' ";
}
if($search_first !== "") {
$query .= "AND contact LIKE '%".$search_first."%' ";
}
if($search_last !== "") {
$query .= "AND contact LIKE '%".$search_last."%' ";
}
if($search_city !== "") {
$query .= "AND city = '".$search_city."' ";
}
if($search_state !== "") {
$query .= "AND state = '". $search_state."' " ;
}
$query.= "ORDER BY state ASC"
正如其他人所说,您的order by
声明order by
必须排在最后。 此外,查询的city =
部分中的城市名称周围有空格。 尽管这是有效的SQL语法,但只会返回城市名称被空格包围的结果。 我猜那不是您想要的。
另外,您可能希望通过添加更多字段到您的order by
。 现在,它将按状态排序,但是记录将按状态随机返回。 也许像
$query.= "ORDER BY state, city, name, id"
最后,仅供参考,如果您不仔细清理搜索输入,则此方法容易受到SQL注入的影响。
我认为这可能有效:
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new ";
$conditions = array();
if(!empty($search_co)) {
$conditions[] = "name LIKE '%" . $search_co ."%' ";
}
if(!empty($search_first)) {
$conditions[] = "contact LIKE '%" .$search_first."%' ";
}
if(!empty($search_last)) {
$conditions[] = "contact LIKE '%" .$search_last."%' ";
}
if(!empty($search_city)) {
$conditions[] = "city = '" . $search_city . "' ";
}
if(!empty($search_state)) {
$conditions[] = "state = '" . $search_state . "' " ;
}
if (count($conditions) > 0) {
$query .= " WHERE " . implode(' AND ', $conditions);
}
$query .= " ORDER BY state ASC";
编辑:使用的原始版本为空,应该为空。 现在已修复。
编辑2:这还假设您已经使用mysql_real_escape_string或类似方法清理了变量。
注意,ORDER BY必须在WHERE子句之后。
implode接受一个数组并将其转换为在元素之间具有指定字符串的字符串。 因此,鉴于:
$myArray = array('A', 'B', 'C');
你可以做
$myString = implode(' and ', $myArray);
这会将“ A,B和C”放入$myString
。
另外,您似乎在单引号和双引号之间有空格,这将使查询如下:AND state ='AZ'可能不是您想要的。 您还可以通过使用以下语法来避免PHP中的其他引号和串联:
$query .= " AND state = '$search_state' ";
当然,我不得不提到,您应该清理输入内容以防止SQL注入。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.