0
我想做一个简单的搜索框旁边的标签组,搜索框只用于搜索电话类型,我做了这个代码和除搜索框外的每件事情工作。我这个错误: 注意:未定义指数:搜索php简单的搜索框与标签
<form action="" method="post" name="form" >
<body>
<script>
$(function() {
$("#xx").tabs();
});
</script>
<div id="xx" >
<ul>
<li><a href="#all">all phones</a></li>
<li><a href="#small">small</a></li>
<li><a href="#large">large</a></li>
<li><a href="#search">search:<input type="text" name="search">
</a></li>
</ul>
<?php
include 'db.php';
?>
<div id="all">
<?php
$res = mysql_query("SELECT * FROM table1");
while($row = mysql_fetch_array($res))
{
echo 'phone name'.$row[2];
echo 'phone type'.$row[3];
echo 'phone sise'.$row[4];
}
?>
</div>
<div id="small">
<?php
$res2 = mysql_query("SELECT * FROM table1 WHERE phonesize = 'small' ");
while($row = mysql_fetch_array($res2))
{
echo 'phone name'.$row[2];
echo 'phone type'.$row[3];
echo 'phone sise'.$row[4];
}
?>
</div>
<div id="large">
<?php
$res3 = mysql_query("SELECT * FROM table1 WHERE phonesize = 'large' ");
while($row = mysql_fetch_array($res3))
{
echo 'phone name'.$row[2];
echo 'phone type'.$row[3];
echo 'phone sise'.$row[4];
}
?>
</div>
<div id="large">
<?php
$search = $_POST['search'];
$res4 = mysql_query("SELECT * FROM table1 WHERE phonetype = '$search'");
while($row = mysql_fetch_array($res4))
{
echo 'phone name'.$row[2];
echo 'phone type'.$row[3];
echo 'phone sise'.$row[4];
}
?>
</div>
</form>
可以通过使用if(isset($ _ POST ['search'])来避免此错误)'但是这只是一个问题,你的代码很容易受到sql注入的影响,你必须使用PDO或MySQLi来获得更好的编码和安全性。 – 2013-08-03 01:24:03
将你的输入转换为mysql,这段代码基本上是SQL注入友好代码的一个例子 – zajd