我正在尝试从MySQLi预处理语句中获取数据,但希望获取在表单顶部使用日期选择器选择的日期范围的数据。这很完美,直到我尝试添加日期范围部分。这是我的表单页面的代码:
<?php
include_once 'includes/db_connect.php';
include_once 'includes/functions.php';
sec_session_start();
?>
<!doctype html>
<html class="no-js" lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<title>Welcome | Mountain and Alpine Loan Centers</title>
<meta name="description" content="Mountain and Alpine Loan Centers">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="apple-touch-icon" href="apple-touch-icon.png">
<!-- Place favicon.ico in the root directory -->
<link rel="stylesheet" href="css/normalize.css">
<link rel="stylesheet" href="css/main.css">
<script src="js/vendor/modernizr-2.8.3.min.js"></script>
<script type="text/JavaScript" src="js/sha512.js"></script>
<script type="text/JavaScript" src="js/forms.js"></script>
<style type="text/css">
cal {
display: none;
}
cal.main {
width: 100%;
}
cal.main td {
border-width: 1px 1px 1px 1px;
padding: 1px 1px 1px 1px;
font-family: verdana,arial, helvetica, sans-serif;
font-size: 11px;
}
cal.main th {
border-width: 1px 1px 1px 1px;
padding: 0px 0px 0px 0px;
}
cal.main a{TEXT-DECORATION: none;}
</style>
<script language="javascript" src="js/date-picker6.js"></script>
</head>
<body>
<!--[if lt IE 8]>
<p class="browserupgrade">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p>
<![endif]-->
<!-- Add your site or application content here -->
<div align="center">
<img src="../img/Logo4_Black_Red.jpg" height="126" width="266">
<nav id="nav01"></nav></div>
<div align="center"><br><br><br>
<form action="../includes/test.inc.php" method="get">
<table border="0" cellspacing="1">
<tr>
<table id="cal.main">
<div id="cal">
Dates:<br>
From: <input type="text" name="t1" id="t1">
<img src="calendar.jpg" onClick="start_cal('t1','calendar1');";>
<div id="calendar1" style="position: relative;top: 40px;left: -220px;z-index:1;"></div>
To: <input type="text" id="t2" name="t2">
<img src="calendar.jpg" onClick="start_cal('t2','calendar2');";>
<div id="calendar2" style="position: relative; top: 40px;left: 220px;z-index:1;"></div>
</div></table>
</br></br>
Date Set: <input type="text" name="set_date" id="set_date" /><br>
Result: <input type="text" name="result" id="result" /><br>
Employee: <input type="text" name="employee" id="employee" /><br>
Project: <input type="text" name="project" id="project" /><br>
Source: <input type="text" name="source" id="source" /><br>
Appointment Date: <input type="text" name="appt_date" id="appt_date" /><br>
Branch: <input type="text" name="branch" id="branch" /><br>
First Name: <input type="text" name="fname" id="fname" /><br>
Last Name: <input type="text" name="lname" id="lname" /><br>
Last Four: <input type="text" name="last_four" id="last_four" /><br>
Phone: <input type="text" name="phone" id="phone" /><br>
City: <input type="text" name="city" id="city" /><br>
State: <input type="text" name="state" id="state" /><br>
Zip: <input type="text" name="zip" id="zip" /><br>
<input type="submit" value="submit" />
</tr>
</table>
</form>
</div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script>window.jQuery || document.write('<script src="js/vendor/jquery-1.11.3.min.js"><\/script>')</script>
<script src="js/plugins.js"></script>
<script src="js/main.js"></script>
<script src="../js/script.js"></script>
<!-- Google Analytics: change UA-XXXXX-X to be your site's ID. -->
<script>
(function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]=
function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date;
e=o.createElement(i);r=o.getElementsByTagName(i)[0];
e.src='https://www.google-analytics.com/analytics.js';
r.parentNode.insertBefore(e,r)}(window,document,'script','ga'));
ga('create','UA-XXXXX-X','auto');ga('send','pageview');
</script>
</body>
</html>
以下是我的表单处理页面的代码:
<?php
include_once 'db_connect.php';
include_once 'psl-config.php';
session_start();
$error_msg = "";
if (isset($_POST['t1']))
$from = $_POST['t1'];
if (isset($_POST['t2']))
$to = $_POST['t2'];
if (isset($_GET['subject']))
$subject = $_GET['subject'];
if (isset($_GET['set_date']))
$set_date = $_GET['set_date'];
if (isset($_GET['set_time']))
$set_time = $_GET['set_time'];
if (isset($_GET['result']))
$result = $_GET['result'];
if (isset($_GET['employee']))
$employee = $_GET['employee'];
if (isset($_GET['project']))
$employee = $_GET['project'];
if (isset($_GET['source']))
$source = $_GET['source'];
if (isset($_GET['appt_date']))
$appt_date = $_GET['appt_date'];
if (isset($_GET['branch']))
$branch = $_GET['branch'];
if (isset($_GET['fname']))
$fname = $_GET['fname'];
if (isset($_GET['lname']))
$lname = $_GET['lname'];
if (isset($_GET['last_four']))
$last_four = $_GET['last_four'];
if (isset($_GET['phone']))
$phone = $_GET['phone'];
if (isset($_GET['city']))
$city = $_GET['city'];
if (isset($_GET['state']))
$state = $_GET['state'];
if (isset($_GET['zip']))
$zip = $_GET['zip'];
if (isset($_GET['monthly_net']))
$monthly_net = $_GET['monthly_net'];
if (isset($_GET['job_time']))
$job_time = $_GET['job_time'];
$query = $mysqli->prepare("
SELECT subject, set_date, set_time, result, employee, project, source,
appt_date, branch, fname, lname, last_four, phone, city, state, zip,
monthly_net, job_time
FROM appointments
WHERE
set_date LIKE CONCAT('%', ?, '%')
AND result LIKE CONCAT('%', ?, '%')
AND employee LIKE CONCAT('%', ?, '%')
AND project LIKE CONCAT('%', ?, '%')
AND source LIKE CONCAT('%', ?, '%')
AND appt_date LIKE CONCAT('%', ?, '%')
AND branch LIKE CONCAT('%', ?, '%')
AND fname LIKE CONCAT('%', ?, '%')
AND lname LIKE CONCAT('%', ?, '%')
AND last_four LIKE CONCAT('%', ?, '%')
AND phone LIKE CONCAT('%', ?, '%')
AND city LIKE CONCAT('%', ?, '%')
AND state LIKE CONCAT('%', ?, '%')
AND zip LIKE CONCAT('%', ?, '%')
AND set_date BETWEEN '".$from."' AND '".$to ."'
ORDER BY employee");
$query->bind_param('ssssssssssssss', $_GET['set_date'], $_GET['result'],
$_GET['employee'], $_GET['project'], $_GET['source'],
$_GET['appt_date'], $_GET['branch'], $_GET['fname'], $_GET['lname'],
$_GET['last_four'], $_GET['phone'], $_GET['city'], $_GET['state'],
$_GET['zip']);
$query->execute();
$query->store_result();
$query->bind_result($subject, $set_date, $set_time, $result, $employee, $project, $source, $appt_date, $branch, $fname, $lname, $last_four, $phone, $city, $state, $zip, $monthly_net, $job_time);
$rows = $query->num_rows;
$results = array();
while($row = $query->fetch()) {
$results[] = array(
'rows' => $rows,
'subject' => $subject,
'set_date' => $set_date,
'set_time' => $set_time,
'result' => $result,
'employee' => $employee,
'project' => $project,
'source' => $source,
'appt_date' => $appt_date,
'branch' => $branch,
'fname' => $fname,
'lname' => $lname,
'last_four' => $last_four,
'phone' => $phone,
'city' => $city,
'state' => $state,
'zip' => $zip,
'monthly_net' => $monthly_net,
'job_time' => $job_time
);
}
$_SESSION['results'] = $results;
if($results) {
header('Location: ../test_page.php');
}else{
header('Location: ../test.php?error=1');
}
$query->free_result();
$mysqli->close();
?>
答案 0 :(得分:0)
您的表单使用method="get",但您从POST数据中检索日期值,该数据不可用:
if (isset($_POST['t1']))
$from = $_POST['t1'];
if (isset($_POST['t2']))
$to = $_POST['t2'];
因此,查询的日期条件具有空值并失败:
AND set_date BETWEEN '' AND ''
您应该使用:
if (isset($_GET['t1']))
$from = $_GET['t1'];
if (isset($_GET['t2']))
$to = $_GET['t2'];
返回:
AND set_date BETWEEN '2015-7-2' AND '2015-7-15'
很明显我完全错过了它。并且不要忘记在预准备语句中绑定值以避免sql注入。