MySQL Query使用PHP搜索数据库

时间:2014-05-10 06:37:39

标签: php mysql sql

所以我要做的是运行搜索查询。我希望用户能够通过在HTML表单的框中输入搜索词来搜索mysql中的书籍数据库。然后,我希望根据用户输入的内容显示mysql数据。这很烦人,这在几个星期前工作,现在却没有。每当我运行脚本时,我都会收到以下消息:

  

警告:mysql_numrows()要求参数1为资源,布局在第52行的C:\ xampp \ htdocs \ Shopping Cart 2.0 \ search.php中给出

     

警告:mysql_fetch_array()期望参数1为资源,布局在第67行的C:\ xampp \ htdocs \ Shopping Cart 2.0 \ search.php中给出

我试过了mysql_error,但它告诉了我同样的事情。也许我把它放在错误的地方?无论如何,任何帮助将不胜感激。谢谢。

以下是引用的HTML表单:

<form action="search.php" method="GET">
<input type="text" name="query" alt="Search Books" value=" Search by ISBN, Author, or Title" 
maxlength="356" size="52" onfocus="if(this.value==this.defaultValue)this.value='';"     onblur="if(this.value=='')this.value=this.defaultValue;" />
<input type="submit" name="querybtn" value="Search Books"/>
 </form>

以下是php代码:

<?php
 $query= $_GET['query'];

$q1 = "(`Author(s)` LIKE '%" . $query . "%')";
$q2 = "(`Title` LIKE '%" . $query . "%')";
$q3 = "(`Price` LIKE '%" . $query . "%')"; 
$q4 = "(`Edition` LIKE '%" . $query . "%')";
$q5 = "(`Publication Date` LIKE '%" . $query . "%')";
$q6 = "(`ISBN-10` LIKE '%" . $query . "%')";
$q7 = "(`ISBN-13` LIKE '%" . $query . "%')";
$qfinal = $q1 . " OR " . $q2 . " OR " . $q3 . " OR " . $q4 . " OR " . $q5 . " OR " . $q6 . " OR " . $q7;

$qt1 = "SELECT * FROM accountingtextbooks WHERE " . $qfinal;
$qt2 = "SELECT * FROM anthropologytextbooks WHERE " . $qfinal;
$qt3 = "SELECT * FROM architecturetextbooks WHERE " . $qfinal;
$qt4 = "SELECT * FROM biologytextbooks WHERE " . $qfinal;
$qt5 = "SELECT * FROM businesstextbooks WHERE " . $qfinal;
$qt6 = "SELECT * FROM computersciencetextbooks WHERE " . $qfinal;
$qt7 = "SELECT * FROM economicstextbooks WHERE " . $qfinal;
$qt8 = "SELECT * FROM engineeringtextbooks WHERE " . $qfinal;
$qt9 = "SELECT * FROM geographytextbooks WHERE " . $qfinal;
$qt10 = "SELECT * FROM geologytextbooks WHERE " . $qfinal;
$qt11 = "SELECT * FROM historytextbooks WHERE " . $qfinal;
$qt12 = "SELECT * FROM mathematicstextbooks WHERE " . $qfinal;
$qt13 = "SELECT * FROM philosophytextbooks WHERE " . $qfinal;
$qt14 = "SELECT * FROM psychologytextbooks WHERE " . $qfinal;
$qt15 = "SELECT * FROM sociologytextbooks WHERE " . $qfinal;


$query = $qt1 . " UNION " . $qt2 . " UNION " . $qt3 . " UNION " . $qt4 . " UNION " . $qt5 . " UNION " . $qt6 . " UNION " . $qt7 . " UNION " . $qt8 . " UNION " . $qt9 . " UNION " . $qt10 . " UNION " . $qt11 . " UNION " . $qt12 . "UNION " . $qt13 . " UNION " . $qt14 . " UNION " . $qt15;

$result= mysql_query($query); 

$num = mysql_numrows($result);

echo "<table id='search' border='1'>

<tr>
<tr>
<th>Author(s)</th>
<th>Title</th>
<th>Price</th>
<th>Edition</th>
<th>Date</th>
<th>ISBN-10</th>
<th>ISBN-13</th>
</tr>";

while($row = mysql_fetch_array($result))
{
  echo "<tr>";
  echo "<td>" . $row['Author(s)'] . "</td>";
  echo "<td>" . $row['Title'] . "</td>";
  echo "<td>" . $row['Price'] . "</td>";
  echo "<td>" . $row['Edition'] . "</td>"; 
  echo "<td>" . $row['Publication Date'] . "</td>"; 
  echo "<td>" . $row['ISBN-10'] . "</td>"; 
  echo "<td>" . $row['ISBN-13'] . "</td>";
}

?>

编辑:这是我建立数据库连接的代码。

<?php 

 $username = "root";
 $password = "test";   
 $hostname = "localhost";
 $dbname = "thetextbookexpress";

//connection to the database
$dbhandle = mysql_connect($hostname, $username, $password) or die("Unable to connect to MySQL");
mysql_select_db($dbname, $dbhandle) or die('Could not select database.');

2 个答案:

答案 0 :(得分:1)

你在哪里连接数据库?

您应该像这样连接到mysql:

<?php
$link=@mysql_connect(/*host:*/'localhost',/*user:*/'root',/*password:*/'') or die('err/:'.mysql_error());

$db=mysql_select_db(/*database:*/'test') or die('err:'.mysql_error(),/*the resorce link that the warning is because*/$link);

$res=mysql_query($query);
?>

请注意SQL INJECTION并尝试使用PDO代替mysql_*来连接数据库。

并且警告说:

Warning: mysql_numrows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\Shopping Cart 2.0\search.php on line 52

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\Shopping Cart 2.0\search.php on line 67

表示您没有正确的连接,因此您应该查看mysql_connect,看看它是否有类似的错误:

$link=@mysql_connect(/*host:*/'localhost',/*user:*/'root',/*password:*/'') or die('err/:'.mysql_error());

答案 1 :(得分:1)

mysql_query函数失败并返回FALSE,这是一个布尔值,因为它在警告中被告知。检查您的查询以查找其中的一些错误。 See mysql_query reference

您可以在echo $query之前mysql_query($query)查找选择中的错误。使用联合时,最常见的问题是在每个select语句上使用不同的rown计数。

一些注意事项:

  1. mysql_*函数已弃用。您应该使用mysqli_*PDO代替。
  2. 在将表单输入附加到您的查询之前清理表单输入。