堆棧內存溢出
  簡體   English   中英

如何在MySQL的兩個不同字段中使用兩個變量進行搜索

[英]How can i Search using two variables in two different fields in MySQL

 原文  2011-02-05 18:05:12       php/ sql/ mysql/ mysql-error-1064

問題描述

這是我擁有的代碼-我無法使其工作: 

<?php require_once('../Connections/User.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
  $updateSQL = sprintf("UPDATE grade SET GSCode=%s, GSem=%s, GYear=%s, Grade=%s WHERE GStudNo=%s",
                       GetSQLValueString($_POST['GSCode'], "text"),
                       GetSQLValueString($_POST['GSem'], "text"),
                       GetSQLValueString($_POST['GYear'], "text"),
                       GetSQLValueString($_POST['Grade'], "text"),
                       GetSQLValueString($_POST['GStudNo'], "text"));

  mysql_select_db($database_User, $User);
  $Result1 = mysql_query($updateSQL, $User) or die(mysql_error());
}

mysql_select_db($database_User, $User);
$query_Recordset1 = sprintf("SELECT * 
           FROM grade 
          WHERE GSCode = '%s' AND GStudNo = '%s'",
        mysql_real_escape_string($_POST['a']),
        mysql_real_escape_string($_POST['b']));

$Recordset1 = mysql_query($query_Recordset1, $User) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
$query_Recordset1 = "SELECT * FROM grade WHERE GSCode = '$_POST[a]' $$ GStudNo =  '$_POST[b]'";
$Recordset1 = mysql_query($query_Recordset1, $User) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
  <table align="center">
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">GStudNo:</td>
      <td><?php echo $row_Recordset1['GStudNo']; ?></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">GSCode:</td>
      <td><input type="text" name="GSCode" value="<?php echo htmlentities($row_Recordset1['GSCode'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">GSem:</td>
      <td><input type="text" name="GSem" value="<?php echo htmlentities($row_Recordset1['GSem'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">GYear:</td>
      <td><input type="text" name="GYear" value="<?php echo htmlentities($row_Recordset1['GYear'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">Grade:</td>
      <td><input type="text" name="Grade" value="<?php echo htmlentities($row_Recordset1['Grade'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">&nbsp;</td>
      <td><input type="submit" value="Update record" /></td>
    </tr>
  </table>
  <input type="hidden" name="MM_update" value="form1" />
  <input type="hidden" name="GStudNo" value="<?php echo $row_Recordset1['GStudNo']; ?>" />
</form>
<p>&nbsp;</p>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

4 個解決方案

解決方案1
 2  2011-02-05 18:08:19

SQL在條件中使用AND ,而不在&&

解決方案2
 1 已采納  2011-02-05 18:08:44

使用AND代替&&

並使用sprintf保護您的變量: 

sprintf("SELECT * 
           FROM grade 
          WHERE GSCode = '%s' AND GStudNo = '%s'",
        mysql_real_escape_string($_POST['a']),
        mysql_real_escape_string($_POST['b']));

解決方案3
 1  2011-02-05 18:09:20

使用而不是&&。 

mysql_query("select * from table where `one`='$_POST[one]' and `two`='$_POST[two]'") or die (mysql_error());

解決方案4
 0  2011-02-05 18:08:41

我想你是說 

"SELECT * FROM grade WHERE GSCode = '{$_POST['a']}' and GStudNo = '{$_POST['b']}'"

不僅是“和”,還包括職位價值。 還是您實際上是想搜尋文字文本:'$ _ POST [s]'? 這仍然無法以您發布的方式工作,因為如果您不轉義,PHP字符串解析器將嘗試評估$_POST

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 搜索具有不同字段的兩個不同的MySQL表 如何在MySQL的兩個字段上使用max和min搜索? 如何在select2下拉列表中的兩個字段中進行搜索 MYSQL發現兩個文本字段有何不同? 我如何在MySQL中比較兩個字段並返回結果 如何將相同的字段用於兩種不同的形式? 如何使用codeigniter中的左連接的活動記錄顯示來自兩個不同表的字段? 如何將兩個不同的變量傳遞給View 使用ajax我如何將變量傳遞給兩個不同的php腳本 如何使用MySQL查詢搜索兩個字符的單詞?
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM