我的WHERE LIKE声明存在问题。理想情况下,我希望能够搜索多个术语(或只是1个或另一个)。现在,出于测试目的,我在测试表单中将其分开,然后选择我正在运行的函数类型。
目的: 请暂时忽略更新功能(我确定它和其他功能一样混乱,但我还没有在那里完成)。仍在尝试完成dFind()函数。此测试的目的是,我可以构建一个数据类,该类将创建一个类,将数据插入数据库,在数据库中搜索数据并将其拉出,更新该数据。到目前为止,每一步都是我的学习曲线,所以请耐心等待。
关于dFind(): 下面,如果我只是将查询保持为1,就像dFind()函数中的实例一样,它可以工作(名称是2中更重要的,但是一旦我开始工作,我需要搜索其他字段)。如果我在查询中添加“OR phone LIKE:phone”,那么它就不会提取正确的数据(我得到了所有内容)。我在phpmyadmin中测试了我的查询,但它工作得很好,所以我不确定这是我如何处理查询本身或我没有用php捕捉的东西(我也尝试添加'并逃避它,但那也没有帮助。)
你们有没有看到我在哪里出错了?提前致谢。此外,任何建议或方向,以实现我正在努力的功能更受欢迎。这些方法将被整合到一个小型数据库中,用于设置,搜索和更新消费者。
的index.php :
<\?php
require 'incl/con.php';
require 'incl/class.php';
?>
<!DOCTYPE html>
<html>
<head><title>Test 1 Million</title>
</head>
<body>
<h3>Pull data using classes</h3>
<form method="POST" action="index.php">
<table border="0">
<tr>
<td>ID (Required for update):</td><td><input type="text" name="id" maxlength="4"></td>
</tr>
<tr>
<td>Name:</td><td><input type="text" name="name"></td>
</tr>
<tr>
<td>phone:</td><td><input type="text" name="phone"></td>
</tr>
<tr>
<td>Insert<input type="radio" name="type" value="insert" checked="checked">Find<input type="radio" name="type" value="find">Update<input type="radio" name="type" value="update"></td><td><input type="submit" value="Submit"></td>
</tr>
</table>
</form>
<?
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$type = $_POST['type'];
$name = $_POST['name'];
$phone = $_POST['phone'];
$id = $_POST['id'];
$newData = new Data($name, $phone);
if ($type == 'insert') {
$newData->dInsert();
} elseif ($type == 'find') {
$newData->dFind();
} elseif ($type == 'update') {
if ($id != null && $name != null) {
$newData->dUpdate($id,$name,$phone);
} else {
echo 'Please enter, at minimum, the id and name fields.';
return false;
}
}
} else {
echo 'Please enter data in both fields and choose the correct option.';
}
?>
</body>
</html>
CON.PHP :
<\?php
# VARs
# set the current timezone (host is MST)
date_default_timezone_set("America/New_York");
#$host = "MY_HOST";
#$db = "MY_DB";
#$user = "MY_UN";
#$pw = "MY_PW";
CLASS.PHP :
<\?php
class Data {
private $dsn = "DSN STRING";
private $user = "MY_UN"; // I know this was already declared - was trying it within the class to see how it works, which does ok.
private $pw = "MY_PW"; // I know this was already declared - was trying it within the class to see how it works, which does ok.
private $opts = array( PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION );
public $name;
public $phone;
public function __construct($n,$p) {
$this->name = $n;
$this->phone = $p;
}
public function dInsert() {
try {
$DBH = new PDO($this->dsn, $this->user, $this->pw, $this->opts);
$STH = $DBH->prepare("INSERT INTO directory (name, phone) VALUES (:name, :phone)");
$STH->bindParam(':name', $this->name);
$STH->bindParam(':phone', $this->phone);
$STH->execute();
} catch(PDOException $e) {
echo "I'm sorry, Dave. I'm afraid I can't do that.<br />";
echo date("d/m/y : H:i:s", time()) . " - " . $e->getMessage();
file_put_contents('PDOErrors.txt', date("d/m/y : H:i:s", time()) . " - " . $e->getMessage() . "\n", FILE_APPEND);
$DBH = null;
}
$DBH = null;
}
public function dFind() {
try {
$DBH = new PDO($this->dsn, $this->user, $this->pw, $this->opts);
# $STH = $DBH->prepare('SELECT id, name, phone FROM directory WHERE name LIKE :name OR phone LIKE :phone');
# $STH = $DBH->prepare("SELECT * from directory WHERE name LIKE CONCAT('%', :name ,'%') OR phone LIKE CONCAT('%', :phone ,'%')");
$STH = $DBH->prepare("SELECT * from directory WHERE name LIKE :name OR phone LIKE :phone");
$STH->bindValue(':name', '%' . $this->name . '%');
$STH->bindValue(':phone', '%' . $this->phone . '%');
$STH->execute();
$STH->setFetchMode(PDO::FETCH_ASSOC);
while($row = $STH->fetch()) {
echo $row['id'] . " " . $row['name'] . ": " . $row['phone'] . "<br />";
}
} catch(PDOException $e) {
echo "I'm sorry, Dave. I'm afraid I can't do that.<br />";
echo date("d/m/y : H:i:s", time()) . " - " . $e->getMessage();
file_put_contents('PDOErrors.txt', date("d/m/y : H:i:s", time()) . " - " . $e->getMessage() . "\n", FILE_APPEND);
$DBH = null;
}
$DBH = null;
}
public function dUpdate($id,$name,$phone) {
$this->name = $name;
$this->phone = $phone;
try {
$DBH = new PDO($this->dsn, $this->user, $this->pw, $this->opts);
$STH = $DBH->prepare('UPDATE directory SET name = :name, phone = :phone WHERE id = :id');
$STH->bindValue(':id', $id);
$STH->bindValue(':name', '%' . $name . '%');
$STH->bindValue(':phone', '%' . $phone . '%');
$STH->execute();
$STH->setFetchMode(PDO::FETCH_ASSOC);
while($row = $STH->fetch()) {
echo $row['id'] . " " . $row['name'] . ": " . $row['phone'] . "<br />";
}
} catch(PDOException $e) {
echo "I'm sorry, Dave. I'm afraid I can't do that.<br />";
echo date("d/m/y : H:i:s", time()) . " - " . $e->getMessage();
file_put_contents('PDOErrors.txt', date("d/m/y : H:i:s", time()) . " - " . $e->getMessage() . "\n", FILE_APPEND);
$DBH = null;
}
$DBH = null;
}
}
- - - - - - - - - - - - - - - - - - - - - - - - 已解决 - - - - - - - - - - - - - - - - - - - - - - - -
使用@ mzedeler的建议(谢谢!)来自下面的帖子,即将dFind()查询更改为:
SELECT *
FROM directory
WHERE name LIKE :name
AND :name_provided = 1
OR phone LIKE :phone
AND :phone_provided = 1
使用以下内容替换dFind()中的绑定数据,它似乎正在起作用:
$STH->bindValue(':name', '%' . $this->name . '%');
$STH->bindValue(':phone', '%' . $this->phone . '%');
$STH->bindValue(':name_provided', empty($this->name) ? 0 : 1);
$STH->bindValue(':phone_provided', empty($this->phone) ? 0 : 1);
答案 0 :(得分:1)
运行查询时,问题可能是$this->phone为空。
在这种情况下,查询将是SELECT * FROM [...] OR WHERE phone LIKE '%%',它将始终返回所有内容。
解决方案:如果未提供电话标准,或省略(黑客警报!),请使用该列中永远不会出现的值。
另一种方法是将查询更改为
SELECT *
FROM directory
WHERE name LIKE :name
AND :name_provided = 1
OR phone LIKE :phone
AND :phone_provided = 1
如果定义了:phone_provided,则将$this->phone绑定为1,否则为0。与:name_provided一样。