变量$letter是英文字母。
如何在下面的查询中加上WHERE子句,以便它只返回title以与变量$letter相同的字母开头的结果?
$letter = $_GET['letter'];
$query2 = "select title, COUNT(*) as titlerows from submission
GROUP BY title
order by title asc
LIMIT $offset, $rowsperpage";
答案 0 :(得分:6)
$query2 = "select title, COUNT(*) as titlerows from submission WHERE title LIKE '$letter%'
GROUP BY title
order by title asc
LIMIT $offset, $rowsperpage";
编辑:
$letter = mysql_real_escape_string($_REQUEST['letter']);
$query2 = "SELECT `title`, COUNT(*) as `titlerows` from `submission`
WHERE `title` LIKE '".$letter."%'
GROUP BY `title` ASC
LIMIT $offset, $rowsperpage";
答案 1 :(得分:1)
WHERE `title` LIKE '$title%'
使用LIKE然后注意%,它表示没有或全部,这将返回标题开头为$ title
的所有记录答案 2 :(得分:0)
这应该这样做
$letter = $_GET['letter'];
$query2 = "SELECT title, COUNT(*) AS titlerows FROM submission WHERE title LIKE '$letter%'
GROUP BY title
order by title asc
LIMIT $offset, $rowsperpage";
答案 3 :(得分:0)
首先,你不应该直接将变量插入到SQL语句中,除非你可以100%确定它是安全的,即你只是在服务器端定义它并且它不包含用户可以制作/更改的数据。通常最好不要将任何变量插入到查询中以保证安全。
其次,正如其他问题提供了答案,我将演示一个更安全的版本:
$query = "SELECT * FROM submission WHERE title LIKE '" . mysql_real_escape_string($letter) . "%';";
%中使用的WHERE ... LIKE ...字符将匹配任意数量的字符,类似于正则表达式中的.*。另请注意,'_'可用于匹配任何单个字符。