使用PHP搜索显示所有数据库数据

时间:2014-03-18 11:20:06

标签: php database search

我正在尝试从数据库中搜索某些数据。搜索工作正常,但是如果单击搜索而不在表单中输入任何内容,则会显示数据库中的所有数据。无论如何我可以解决这个问题吗?

这是我的PHP代码。

$link=mysqli_connect("localhost","root","");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

$db_selected = mysqli_select_db($link,"AnimalTracker1");

if (!$db_selected)
  {
  die ("Can\'t use test_db : " . mysqli_error($link));
  }
$searchKeyword = $_POST['find']; // Sanitize this value first !!
   $sql=mysqli_query($link, "Select * FROM Locations WHERE `Animal_Type` LIKE '%$searchKeyword%' ");



if ($sql == FALSE)
{
  die($sql." Error on query: ".mysqli_error($link)); 
 }

while($result = mysqli_fetch_array($sql))
{
echo  $result ['Animal_Type'];
echo "<br>";
echo $result ['Latitude'];
echo "<br> ";
echo $result ['Longitude'];
echo " <br>";
echo $result ['Seen'];
echo " <br> ";
echo $result ['Time'];
echo "<br> ";
echo "<br> ";
}
//}
?>

2 个答案:

答案 0 :(得分:0)

确保$ searchKeyword具有(有效)值

$link=mysqli_connect("localhost","root","");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

$db_selected = mysqli_select_db($link,"AnimalTracker1");

if (!$db_selected)
  {
  die ("Can\'t use test_db : " . mysqli_error($link));
  }
// checks to see if $_POST['find'] is actually set.
if ( array_key_exists('find',$_POST) )
{
    $searchKeyword = $_POST['find']; // Sanitize this value first !!

   // sanitize $searchKeyword here

}

// checks to see if $searchKeyword has no value, or just contains empty space
if ( empty(trim($searchKeyword)) )
{
    echo "You must enter a search term";
} 
else
{
   $sql=mysqli_query($link, "Select * FROM Locations WHERE `Animal_Type` LIKE '%$searchKeyword%' ");

  if ($sql == FALSE)
  {
    die($sql." Error on query: ".mysqli_error($link)); 
  }

  while($result = mysqli_fetch_array($sql))
  {
    echo  $result ['Animal_Type'];
    echo "<br>";
    echo $result ['Latitude'];
    echo "<br> ";
    echo $result ['Longitude'];
    echo " <br>";
    echo $result ['Seen'];
    echo " <br> ";
    echo $result ['Time'];
    echo "<br> ";
    echo "<br> ";
  }
}
?>

答案 1 :(得分:0)

尝试从查询中$ searchKeyword的后面或前面删除&#34;%&#34; ,我猜它应该完成这项工作。 &#34;的&#34;匹配全部或不匹配时使用。因此,如果您发送一个空字符串,它将返回整个数据库。

相关问题
最新问题