PHP数据库搜索SQL麻烦

时间:2014-12-14 20:34:35

标签: php mysql sql search join

我的数据库中有三个表; ACTOR_DETAIL,MOVIE_ACTOR和MOVIE_TITLE。每个表的条目包括:

对于ACTOR_DETAIL(4个字段=演员序列号,姓名,生日,性别):

  

(ACTOR_SEQUENCE_NB)(NAME)(BIRTHDAY)(性别)

     

001 John 1/1/1964男

     

002 Dave 2/2/1980男

     

003 Jane 3/3/1975女性

对于MOVIE_TITLE(3个字段= MOVIE_SEQUENCE_NB,MOVIE TITLE,YEAR)

  

SSN名称城市

     

001 MovieTitleA 1987

     

002 MovieTitleB 2008

     

003 MovieTitleC 2014

和最后一个表MOVIE_ACTOR将两者结合在一起(3个字段= MOVIE_SEQUENCE_NB,ACTOR_SEQUENCE_NB,CHARACTER_PLAYED)

  

WSN SSN支付

     <00> 001 003主角(约翰,曾在MovieTitleC扮演主角)

     

003 001反对者(Jane,曾在MovieTitleA扮演反对者)

     <00> 002 003反英雄(Dave,曾参演过MovieTitleC,扮演反英雄)

我目前正在制作一个搜索表单,允许用户输入Worker的名称。然后搜索表单将获取输入名称,将其与相应的WSN匹配,获取WSN并将其与相应的SSN匹配,获取SSN,然后将其与相应的Store Name和City匹配,然后输出该信息(The Store) STORE_NAME表中的名称和城市。)

在我的标题为:searchform.html的文档中,这是制作表单的代码段:

<html> <head> 

<title>Search</title>
</head>
<body bgcolor=#ffffff>

<h2>Search</h2>

<form name="search" method="post" action="searchform.php">  

Name of Actor: <input type="text" name="find1" />

<input type="submit" name="search" value="Search" /> 

</form>

</body>

</html>

这是我的php文档:

<?php

include "config.php";

echo "<h2>Search Results:</h2><p>";

if(isset($_POST['search']))            
{
$find1 =$_POST['find1'];
$find2 =$_POST['find2'];
$field =$_POST['field'];
}

// We perform a bit of filtering
$find1 = strtoupper($find1);
$find1 = strip_tags($find1);
$find1 = trim ($find1);

$find2 = strtoupper($find2);
$find2 = strip_tags($find2);
$find2 = trim ($find2);

//Now we search for our search term, in the field the user specified
$iname = mysql_query("select ACTOR_DETAIL.ACTOR_SEQUENCE_NB, MOVIE_SEQUENCE_NB.MOVIE_TITLE, MOVIE_SEQUENCE_NB.YEAR_FILMED
from MOVIE_ACTOR join
     ACTOR_DETAIL 
     on MOVIE_ACTOR.ACTOR_SEQUENCE_NB = ACTOR_DETAIL.ACTOR_SEQUENCE_NB join
     MOVIE_TITLE 
     on MOVIE_ACTOR.MOVIE_SEQUENCE_NB = MOVIE_TITLE.MOVIE_SEQUENCE_NB
where ACTOR_DETAIL.NAME = "$find1")

or die(mysql_error());

//And we display the results
while($result = mysql_fetch_array($iname ))
{
echo "<b>Movie Name:</b> " .$result['MOVIE_TITLE'];
echo "<br> ";
echo "<b>Year:</b> ".$result['YEAR_FILMED'];
echo "<br>";
echo "<br>";
}

$anymatches = mysql_num_rows($iname);
if ($anymatches == 0)
{
echo "Sorry, but there aren't any movies with that combination of actors!<br><br>";
}

?>

我已经省略了数据库连接,但我已经确认它有效。我的错误似乎与SQL语句有关,但我不太确定它是什么。有人可以帮忙吗?

1 个答案:

答案 0 :(得分:0)

您没有在查询中转义您的值。其中一项更正应该是.. 

$iname = mysql_query('select ACTOR_DETAIL.ACTOR_SEQUENCE_NB, MOVIE_SEQUENCE_NB.MOVIE_TITLE, MOVIE_SEQUENCE_NB.YEAR_FILMED
from MOVIE_ACTOR join
     ACTOR_DETAIL 
     on MOVIE_ACTOR.ACTOR_SEQUENCE_NB = ACTOR_DETAIL.ACTOR_SEQUENCE_NB join
     MOVIE_TITLE 
     on MOVIE_ACTOR.MOVIE_SEQUENCE_NB = MOVIE_TITLE.MOVIE_SEQUENCE_NB
where ACTOR_DETAIL.NAME = "'.$find1.'"');

此外,有人不太可能使用与存储在数据库中的EXACT相同的Actor名称进行搜索。可能值得使用%LIKE%或MATCH。

相关问题
最新问题