1. 首页
  2. 问答
  3. 高级搜索PHP,MySQL

高级搜索PHP,MySQL

2016-03-30 95 views
-1

我想在我的网站上设置高级搜索,但是当用户提交搜索时,如果有空字段,它会发送为NULL。我不知道如何排除空的参数。高级搜索PHP,MySQL

下面是搜索的形式:

<form> 
    <div class="form-group"> 
    <div class="col-sm-2"> 
     <label for="Author" class="control-label">Author</label> 
    </div> 
    <div class="col-sm-10"> 
     <input type="text" class="form-control" id="author" placeholder="Author" name="author"> 
    </div> 
    </div> 
    <div class="form-group has-feedback"> 
    <div class="col-sm-2"> 
     <label for="isbn" class="control-label">ISBN</label> 
    </div> 
    <div class="col-sm-10"> 
     <input type="text" class="form-control" id="isbn" placeholder="ISBN" name="isbn"> 
    </div> 
    </div> 
    <div class="form-group"> 
    <div class="col-sm-2"> 
     <label for="genre" class="control-label">Genre</label> 
    </div> 
    <div class="col-sm-10"> 
     <input type="text" class="form-control" id="genre" placeholder="Genre" name="genre"> 
    </div> 
    </div> 
    <div class="form-group"> 
    <div class="col-sm-2"> 
     <label for="tags" class="control-label">Tags</label> 
    </div> 
    <div class="col-sm-10"> 
     <input type="text" class="form-control" id="tags" placeholder="Tags" name="tags"> 
    </div> 
    </div> 
    <div class="form-group"> 
    <div class="col-sm-2"> 
     <label for="location" class="control-label">Location</label> 
    </div> 
    <div class="col-sm-10"> 
     <input type="text" class="form-control" id="location" placeholder="Location" name="location"> 
    </div> 
    </div> 

    <div class="form-group"> 
    <div class="col-sm-offset-2 col-sm-10"> 
     <button type="submit" name="AdvancedSearch" value="Search" class="btn btn-block btn-lg btn-primary">Search</button> 

    </div> 
    </div> 
</form>

下面是查询:

$sql = "select * 
      from Book_info 
      where user_id=$u_id 
      AND title like '%$_REQUEST[title]%' 
      AND location like '%$_REQUEST[location]%' 
      AND author like '%$_REQUEST[author]%' 
      AND tags like '%$_REQUEST[tags]%' 
      AND genre like '%$_REQUEST[genre]%' 
      OR ISBN='$_REQUEST[isbn]'";

来源

2016-03-30 user93

回答

0

首先,我觉得我应该对在直接注射请求的值宁愿prepared statements评论到查询字符串中。

您的问题最简单的解决办法是这样的:

<?php 

$sql="select * from Book_info where user_id=$u_id"; 

$title = $_REQUEST['title']; 
$location = $_REQUEST['location']; 

if($title != null) { 
    $sql .= " AND title like '%$title%'"; 
} 

if($location != null) { 
    $sql .= " AND location like '%$location%'"; 
} 

//and so on...

的想法是,你检查,如果该值为空,然后追加新的where子句来查询,只要值不为空(或者为空或者其他要添加的谓词)。

来源

2016-03-30 01:54:58

相关问题

 相关问题