0
我有下面的代码,当表单填写完毕后从数据库返回行。问题是,除非填写了所有三个字段(名称,地址,类型),否则代码不会返回任何内容。我想要更改代码,以便让我们假设只填写了一个字段,它将只搜索那个字段。执行条款,如果字段为空
我想这得益于另一名成员帮助,但我想我可能已经实施了一个错误:
if (empty($name)) {
$nameClause='';
} else {
$nameClause="name='".$name."'";
}
.....
<?php
require("db_access.php");
function parseToXML($htmlStr)
{
$xmlStr=str_replace('<','<',$htmlStr);
$xmlStr=str_replace('>','>',$xmlStr);
$xmlStr=str_replace('"','"',$xmlStr);
$xmlStr=str_replace("'",''',$xmlStr);
$xmlStr=str_replace("&",'&',$xmlStr);
return $xmlStr;
}
$name=$_POST['name'];
$address=$_POST['address'];
$type=$_POST['type'];
// Opens a connection to a MySQL server
$connection=mysql_connect (localhost, $username, $password);
if (!$connection) {
die('Not connected : ' . mysql_error());
}
// Set the active MySQL database
$db_selected = mysql_select_db($database, $connection);
if (!$db_selected) {
die ('Can\'t use db : ' . mysql_error());
}
// Select all the rows in the markers table
$query = sprintf(
"SELECT * FROM markers WHERE name = '%s' AND address = '%s' AND type = '%s'",
mysql_real_escape_string($name),
mysql_real_escape_string($address),
mysql_real_escape_string($type)
);
$result = mysql_query($query);
if($result == false) {
die(mysql_error() . "<br />\n$query");
}
if(mysql_num_rows($result) == 0) {
user_error("No rows returned by:<br />\n$query");
}
header("Content-type: text/xml");
// Start XML file, echo parent node
echo '<markers>';
// Iterate through the rows, printing XML nodes for each
while ($row = @mysql_fetch_assoc($result)){
// ADD TO XML DOCUMENT NODE
echo '<marker ';
echo 'name="' . parseToXML($row['name']) . '" ';
echo 'address="' . parseToXML($row['address']) . '" ';
echo 'type="' . parseToXML($row['type']) . '" ';
echo 'lat="' . $row['lat'] . '" ';
echo 'lng="' . $row['lng'] . '" ';
echo '/>';
}
// End XML file
echo '</markers>';
?>
我取代。该:
$query = sprintf(
"SELECT * FROM markers WHERE name = '%s' AND address = '%s' AND type = '%s'",
mysql_real_escape_string($name),
mysql_real_escape_string($address),
mysql_real_escape_string($type)
);
与本
:
$query = sprintf(
"SELECT * FROM markers WHERE name = '%s' AND address = '%s' AND type = '%s'",
mysql_real_escape_string($name),
mysql_real_escape_string($address),
mysql_real_escape_string($type)
);
$result = mysql_query($query);
if($result == false) {
die(mysql_error() . "<br />\n$query");
}
if(mysql_num_rows($result) == 0) {
user_error("No rows returned by:<br />\n$query");
}
我把正是这种代码:(见我的代码编辑)我加了分号,因为这是给我“意外}”的错误,虽然现在我得到这个错误:注意:没有通过返回的行:SELECT * FROM标记WHERE型= '类型' – pufAmuf
对不起,我只是固定的错误:'mysql_real_escape_string($输入)'应该是:'mysql_real_escape_string($ _ POST [$输入])' 。 –
完美无瑕!谢谢你,你救了我很多时间:))! – pufAmuf