使用LIKE语句进行查询

时间:2015-05-13 16:11:57

标签: mysql mariadb sql-like

语言是PHP,数据库ORM是RedBean 

limitTo

查询 

if(isset($get['last']) || isset($get['first'])){        
    $query = '';
    $search_params = [];
    if(isset($get['first']) && !isset($get['last'])){
        //search only with first name
        $query .= ' AND name LIKE :first ';
        $search_params[':first'] = '%'.$get['first'].'%';
        $args['first'] = $get['first'];
    }
    else if(!isset($get['first']) && isset($get['last'])){
        //search only with last name
        $query .= ' AND name LIKE :last ';
        $search_params[':last'] = '%'.$get['last'].'%';
        $args['last'] = $get['last'];
    }
    else{
        //search with both first and last name
        $query = ' AND (name LIKE :first OR name LIKE :last) ';
        $search_params[':first'] = '%'.$get['first'].'%';
        $search_params[':last']  = '%'.$get['last'].'%';
        $args['first'] = $get['first'];
        $args['last'] = $get['last'];
    }   
    if($args['admin']){
        //if the user is the admin of the account they can see all transactions
        $args['transaction'] = admin_example($id, $query, $search_params);
    }else{
        //if the user is a member of the account and was involved in the transaction 
        $args['transaction'] = member_example($id,$user->email,$query,$search_params);
    }
}else{
    $args['transaction'] = false;
}

//get archived transaction the user was involved in matching search parameters
function admin_example($account_id,$query_segment,$search_params)
{
    $params = array_merge([':id'=>$account_id],$search_params);
    return R::getAll('SELECT name,tx_id,otp,property_type,property,ins_documents,active FROM transaction WHERE account_id=:id AND active="0" '.$query_segment.' ORDER BY name ASC',
        $params
    );
}

//get archived transaction the user was involved in for the current account and matching search parameters
function member_example($account_id,$email,$query_segment,$search_params)
{
    //gets transactions the account member is able to view.
    $params = array_merge([':account'=>$account_id,':email'=>$email],$search_params);
    return R::getAll('SELECT name,tx_id,otp,property,property_type,ins_documents,active FROM 
    transaction WHERE account_id=:account AND (primary_email=:email OR secondary_email=:email) AND active="0" '.$query_segment.' ORDER BY name ASC',
        $params
    );
}

假设以下内容:

  1. 我在输入的第一个名字输入“ABC”,在姓氏输入中输入“DEF”。
  2. 该表有1行,其中满足SELECT name,tx_id,otp,property_type,property,ins_documents,active FROM transaction WHERE account_id='1' AND active='0' AND (name LIKE '%ABC%' OR name LIKE '%DEF%') ORDER BY name ASC 条件。
  3. 所述行的名称列包含姓氏和名字,以逗号分隔,即active="0"

    4. 似乎无论在输入框中输入什么内容,记录总是被检索,当它不应该与LIKE语句中的任何一个匹配时。我不知道为什么,我想知道是否有我还能做什么?我已经在Flip, Tre列中添加了一个索引但没有骰子。我也尝试使用REGEXP但是我无法检索到这样的东西。

1 个答案:

答案 0 :(得分:2)

根据您的代码和显示问题的评论,看起来当表单上的lastfirst为空时,它们仍会传递给脚本。

这意味着传递isset()检查,但它们没有值(即空字符串,即'')。将此添加到您的or子句后,它会添加'%%',这显然会匹配任何值。

在将这些变量包含在查询中之前,您还需要检查并确保这些变量未设置为空字符串。您可以通过调用变量上的isempty()或针对空字符串''检查不等式来执行此操作。

相关问题
最新问题