以下代码用于从数据库中的表中搜索姓氏。用于搜索的字段是'q' 这是查询
$sims = mysql_query("SELECT * FROM electors
WHERE constituency = '$constituency'
AND ward = '$ward' AND (surname RLIKE '$q') LIMIT 18");
但是,如果用户输入以下任何一个或任何组合以任何顺序放在一起,那么该查询将无法正常工作,因为它只搜索姓氏
title,first_name,initial,surname,suffix,roll no,email,phone
我希望在不重复结果的情况下搜索任何这些字段的匹配结果。
这意味着,如果我输入KNIGHT它会找到每个姓KNIGHT的人,如果我输入ROBIN KNIGHT,它会找到任何名字为ROBIN且姓氏为KNIGHT的人,反之亦然。
答案 0 :(得分:0)
将它们分成OR语句:
$sims = mysql_query("SELECT *
FROM `electors`
WHERE `constituency` = '$constituency'
AND `ward` = '$ward'
AND (`title` RLIKE '$q'
OR `first_name` RLIKE '$q'
OR `initial` RLIKE '$q'
OR `surname` RLIKE '$q'
OR `suffix` RLIKE '$q'
OR `roll_no` RLIKE '$q'
OR `email` RLIKE '$q'
OR `telephone` RLIKE '$q')
LIMIT 18");
不是最有效的查询,但它可以完成工作。
此外,请确保在执行该查询之前清除$q。 SQL注入是一个主要问题。
答案 1 :(得分:0)
$q = str_replace(" ", "|", $q);
$sims = mysql_query("SELECT DISTINCT * FROM electors
WHERE constituency = '$constituency'
AND ward = '$ward'
AND (title RLIKE '$q'
OR first_name RLIKE '$q'
OR initial RLIKE '$q'
OR surname RLIKE '$q'
OR suffix RLIKE '$q'
OR roll_no RLIKE '$q'
OR email RLIKE '$q'
OR telephone RLIKE '$q')
LIMIT 18");
但实际上你应该使用mysqli和预备语句。
$stmt = $mysqli->prepare("SELECT DISTINCT * FROM electors
WHERE constituency = ?
AND ward = ?
AND (title RLIKE ?
OR first_name RLIKE ?
OR initial RLIKE ?
OR surname RLIKE ?
OR suffix RLIKE ?
OR roll_no RLIKE ?
OR email RLIKE ?
OR telephone RLIKE ?)
LIMIT 18");
$stmt->bind_param('ssssssssss', $constituency, $ward,
$q, $q, $q, $q, $q, $q, $q, $q, $q);
$stmt->execute();