我的代码在这里,并且我有这个错误:
警告:mysql_query()要求参数1为字符串,资源在第396行的C:\ xampp \ htdocs \ xampp \ elev8log \ pages \ tables \ task.php中给出
这是我的代码:
<?php
$sql = mysql_query('select * from taskview where dept_id=(select deptid from users where username="'.$_SESSION['username'].'")');
//where empname="'.$_SESSION['username'].'" and req_dateapprove IS NULL');
//where req_approveuser="'.$_SESSION['username'].'" and req_dateapprove IS NULL'
if(isset($_POST['search'])) {
$search_term = mysql_real_escape_string($_POST['search_box']);
$search_term=mysql_real_escape_string($_POST['search_box']);
$sql.="WHERE req_code LIKE '%{$search_term} %'";
$sql.="OR req_date LIKE '%{$search_term} %'";
$sql.="OR req_status LIKE '%{$search_term} %'";
$sql.="OR req_dateneeded LIKE '%{$search_term} %'";
$sql.="OR req_approveuser LIKE '%{$search_term} %'";
$sql.="OR req_noteuser LIKE '%{$search_term} %'";
$sql.="OR req_datenote LIKE '%{$search_term} %'";
$sql.="OR form_name LIKE '%{$search_term} %'";
$sql.="OR itrf_type LIKE '%{$search_term} %'";
$sql.="OR username LIKE '%{$search_term} %'";
$sql.="OR itrf_details LIKE '%{$search_term} %'";
$sql.="OR itrf_date LIKE '%{$search_term} %'";
$sql.="OR comp_name LIKE '%{$search_term} %'";
$sql.="OR dept_name LIKE '%{$search_term} %'";
$sql.="OR dept_code LIKE '%{$search_term} %'";
$sql.="OR dept_id LIKE '%{$search_term} %'";
// $sql.="OR descriptionsql LIKE '%{$search_term}%'";
}
//THIS IS THE LINE 396------->>>>>>$query = mysql_query($sql) or die(mysql_error());
?>
<!-- Main content -->
<section class="content">
<div class="row">
<div class="col-xs-12">
<div class="box">
<div class="box-header">
<h3 class="box-title">List of Pending Task</h3>
</div><!-- /.box-header -->
<div class="box-body">
<table id="example2" class="table table-bordered table-hover">
<label><input type="radio" name="all" value="all" checked> All </label>
<label><input type="radio" name="all" value="wait"> Waiting for Feedback </label><thead>
<label><input type="radio" name="all" value="closed"> Closed</label><thead>
<form name="search_form" method="POST" action="task.php">
Search: <input type="text" name="search_box" value="" />
<input type="submit" name="search" value="search....">
</form>
<tr>
<th>Date of Request</th>
<th>Requestor Name</th>
<th>Form Type</th>
<th>Request Type</th>
<th>Date Needed</th>
<th>Status</th>
<th>Action</th>
</tr>
</thead>
<?php
// if(isset($_GET['req_code'])){
// }
while($row = mysql_fetch_array($query))
{
?>
<tr>
<td><?php echo date($row['req_date']); ?></td>
<td class="left"><?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?></a></td>
<td><?php echo htmlentities($row['form_name'], ENT_QUOTES, 'UTF-8'); ?></td>
<td> <?php echo ($row['itrf_type']);?></td>
<td> <?php echo ($row['req_dateneeded']);?></td>
<td> <?php echo ($row['req_status']);?></td>
<td class="left"><a href="#proceed-<?php echo $row['req_code'];?>" data-toggle="modal"><button type="submit" class="btn btn-primary" name="approved">Manage Task</button></a>
</tr>
答案 0 :(得分:0)
您缺少应该进行查询的表,其次不使用mysql使用PDO或mysqli。
<?php
$sql = mysql_query('select * from taskview where dept_id=(select deptid from users where username="' . $_SESSION['username'] . '")');
if (isset($_POST['search'])) {
$search_term = mysql_real_escape_string($_POST['search_box']);
$sql = "select from `table` "; //add this which table
$sql.="WHERE req_code LIKE '%{$search_term} %'";
$sql.="OR req_date LIKE '%{$search_term} %'";
$sql.="OR req_status LIKE '%{$search_term} %'";
$sql.="OR req_dateneeded LIKE '%{$search_term} %'";
$sql.="OR req_approveuser LIKE '%{$search_term} %'";
$sql.="OR req_noteuser LIKE '%{$search_term} %'";
$sql.="OR req_datenote LIKE '%{$search_term} %'";
$sql.="OR form_name LIKE '%{$search_term} %'";
$sql.="OR itrf_type LIKE '%{$search_term} %'";
$sql.="OR username LIKE '%{$search_term} %'";
$sql.="OR itrf_details LIKE '%{$search_term} %'";
$sql.="OR itrf_date LIKE '%{$search_term} %'";
$sql.="OR comp_name LIKE '%{$search_term} %'";
$sql.="OR dept_name LIKE '%{$search_term} %'";
$sql.="OR dept_code LIKE '%{$search_term} %'";
$sql.="OR dept_id LIKE '%{$search_term} %'";
// $sql.="OR descriptionsql LIKE '%{$search_term}%'";
}
答案 1 :(得分:0)
您的sql格式不正确。使用此
$sql = "SELECT * FROM taskview WHERE dept_id=(SELECT deptid FROM users WHERE username='".$_SESSION['username']."') ";
if (isset($_POST['search']))
$search_term = mysql_real_escape_string($_POST['search_box']);
$sql .= "AND (req_code LIKE '%{$search_term}%' ";
$sql .= "OR req_date LIKE '%{$search_term}%' ";
$sql .= "OR req_status LIKE '%{$search_term}%' ";
$sql .= "OR req_dateneeded LIKE '%{$search_term}%' ";
$sql .= "OR req_approveuser LIKE '%{$search_term}%' ";
$sql .= "OR req_noteuser LIKE '%{$search_term}%' ";
$sql .= "OR req_datenote LIKE '%{$search_term}%' ";
$sql .= "OR form_name LIKE '%{$search_term}%' ";
$sql .= "OR itrf_type LIKE '%{$search_term}%' ";
$sql .= "OR username LIKE '%{$search_term}%' ";
$sql .= "OR itrf_details LIKE '%{$search_term}%' ";
$sql .= "OR itrf_date LIKE '%{$search_term}%' ";
$sql .= "OR comp_name LIKE '%{$search_term}%' ";
$sql .= "OR dept_name LIKE '%{$search_term}%' ";
$sql .= "OR dept_code LIKE '%{$search_term}%' ";
$sql .= "OR dept_id LIKE '%{$search_term}%')";
}
在你的一千个OR之后使用这个
$query = mysql_query($sql) OR die();
您使用了两个WHERE,并且SQL中没有间距。试试我提供的确切代码。
但请不要使用mysql尝试使用mysqli或PDO。