我正在为学生创建一个页面,他们可以通过三个不同的选项搜索他们的结果。我有问题。请指导我在哪里做错了
<form action="do_search.php" method="post">
<table width="540" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="30"><strong>Search Criteria</strong></td>
<td></td>
<td><label for="criteria"></label>
<select name="criteria" id="criteria">
<option>Seach by Name</option>
<option>Search by Father Name</option>
<option>Search by Roll No.</option>
</select></td>
</tr>
<tr>
<td height="30"> </td>
<td></td>
<td> </td>
</tr>
<tr>
<td width="150" height="30"><strong>Enter Value:</strong></td>
<td width="20"></td>
<td width="370"><input name="value" type="text" id="value" size="40" /></td>
</tr>
<tr>
<td height="10" colspan="3"></td>
</tr>
<tr>
<td height="30"></td>
<td></td>
<td>
<input name="submit" type="submit" value="Submit" id="submit_btn"/>
<input name="reset" type="reset" value="Reset" id="reset_btn" /> </td>
</tr>
<tr>
<td colspan="3" height="10"></td>
</tr>
</table>
</form>
do.search.php
<?php
include 'authentication.php';
include 'includes/dbConnect.php';
?>
<?php
$criteria = $_POST['criteria'];
$value = $_POST['value'];
if ($value == '')
{
$myURL = 'error.php?eType=no_value';
header('Location: '.$myURL);
exit;
}
if ($criteria == "search by name")
{
$result = mysql_query( "SELECT * FROM students WHERE Name = '$value'" ) or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);
}
elseif ($criteria == "search by father name")
{
$result = mysql_query( "SELECT * FROM students WHERE Father_Name = '$value'" ) or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);
}
elseif ($criteria == "search by roll no.")
$result = mysql_query( "SELECT * FROM students WHERE Roll_No. = '$value'" ) or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);
?>
请指导我在哪里做错了。
答案 0 :(得分:2)
您的下拉值永远不会匹配,因为<option>Seach by Name</option>永远不会与$criteria == "search by name"匹配。
在您的表单中,我建议您执行以下操作:
<select name="criteria" id="criteria">
<option value="1">Seach by Name</option>
<option value="2">Search by Father Name</option>
<option value="3">Search by Roll No.</option>
</select>
然后在PHP中,通常比较它们是否阻塞或切换。
switch($criteria) {
case '1':
// do something
break;
case '2':
// do something
break;
case '3':
// do something
break;
}
旁注:我强烈建议切换到改进的版本API,即mysqli或使用PDO,并使用预准备语句。
粗略的例子(未经测试):
if(isset($_POST['criteria'], $_POST['value'])) {
$columns = array(1 => 'Name', 2, 'Father_Name', 3, 'Rol_No.');
$db = new mysqli('localhost', 'username', 'password', 'database');
$criteria = $_POST['criteria'];
if(!isset($columns[$criteria])) {
// column not found
exit;
}
$column_selected = $columns[$criteria];
$value = '%' . $_POST['value'] . '%';
$select = $db->prepare("SELECT * FROM students WHERE $column_selected LIKE ? ");
$select->bind_param('s', $value);
$select->execute();
if($select->num_rows > 0) {
// found
} else {
// none found
}
}
答案 1 :(得分:0)
首先,兄弟$_POST['criteria']获取空值无论何时编写搜索查询,请始终使用LIKE子句。
这是解决方案Rizwan sahib:
<select name="criteria" id="criteria">
<option name="name">Seach by Name</option>
<option name="father">Search by Father Name</option>
<option name"roll">Search by Roll No.</option>
</select>
<?php
$result = '';
if ($criteria == "name")
{
$result = mysql_query( "SELECT * FROM students WHERE Name LIKE '%$value'%" ) or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);
}
elseif ($criteria == "father")
{
$result = mysql_query( "SELECT * FROM students WHERE Father_Name LIKE '%$value%'" ) or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);
}
elseif ($criteria == "roll"){
$result = mysql_query( "SELECT * FROM students WHERE Roll_No. LIKE '%$value%'" ) or die("SELECT Error: ".mysql_error());
$num_rows = mysql_num_rows($result);
}
$row = mysql_fetch_array($result);
?>
“%”符号用于在模式之前和之后定义通配符(缺少字母)。
希望您找到解决方案