PHP,sql动态查询可能LIKE和OR和AND一起工作不正常

时间:2015-07-21 23:10:32

标签: php mysql search operators combinations

我有一个搜索表单(搜索属性,不动产):

HTML: 标签已被忽略  

 <input type="text" name="keywords" placeholder="keywords"/>

<select name="status" id="select-property-status" class="search-select">
    <option value="" selected="selected">Tous</option>
    <option value="1">Sale</option>
    <option value="0">Rent</option>
</select>

<select name="type" id="select-property-type" class="search-select">
    <option value="" selected="selected">Tous</option>
    <option value="appartement">Appartement</option>
    <option value="duplex">Duplex</option>
    <option value="studio">Studio</option>
    <option value="villa">Villa</option>
</select>

<select name="emplacement" id="select-property-emplacement" class="search-select">
    <option value="" selected="selected">Tous</option>
    <option value="La Goulette">La Goulette</option>
    <option value="Gammarth">Gammarth</option>
    <option value="La Marsa">La Marsa</option>
    <option value="El Mourouj">El Mourouj</option>
</select>

  <input name="surface_min" type="text" placeholder="min" value=""  />
  <input name="surface_max" type="text" placeholder="max" value=""  />

  <input name="rooms_min" type="text" placeholder="min" value=""  />
  <input name="rooms_max" type="text" placeholder="max" value=""  />

  <input name="price_min" type="text" placeholder="Prix min" value=""  />
  <input name="price_max" type="text" placeholder="Prix max" value=""  />

  <input type="hidden" name="search_form" value="True" required="required"/>
  <input type="submit" name="submit" value="Search"  class="search-button" />

现在 search-results.php: 

    // Saving search terms in variables 
    $keyword = strtolower(htmlspecialchars($_POST['keywords'])); // string from text field
    $status = htmlspecialchars($_POST['status']); // 0 or 1
    $type = htmlspecialchars($_POST['type']); // string value from option
    $emplacement = htmlspecialchars($_POST['emplacement']); // string value from option
    $surface_min = htmlspecialchars($_POST['surface_min']); // integer from text field
    $surface_max = htmlspecialchars($_POST['surface_max']);// integer from text field
    $chambres_min = htmlspecialchars($_POST['rooms_min']);// integer from text field
    $chambres_max = htmlspecialchars($_POST['rooms_max']);// integer from text field
    $prix_min = htmlspecialchars($_POST['price_min']);// integer from text field
    $prix_max = htmlspecialchars($_POST['price_max']);// integer from text field

    // create an empty array
    $where_array = array();

    // if user type in or choose an option in the search form 
    // > create a string with its value and put it in $where_array
    if($keyword != '') $where_array[] = ' LOWER(prop_title) LIKE "%'.$keyword.'%" OR LOWER(prop_desc) LIKE "%'.$keyword.'%"';
    if($status != '') $where_array[] = 'prop_status = '.$status.'';
    if($type != '') $where_array[] = 'prop_type = "'.$type.'"';
    if($emplacement != '') $where_array[] = 'prop_place = "'.$emplacement.'"';
    if($surface_min != '') $where_array[] = 'prop_surface >= '.$surface_min.'';
    if($surface_max != '') $where_array[] = 'prop_surface <= '.$surface_max.'';
    if($rooms_min != '') $where_array[] = 'prop_rooms >= '.$rooms_min.'';
    if($rooms_max != '') $where_array[] = 'prop_rooms <= '.$rooms_max.'';
    if($price_min != '') $where_array[] = 'prop_price >= '.$price_min.'';
    if($price_max != '') $where_array[] = 'prop_price <= '.$price_max.'';

    // join all the array elements (the strings) saved in $where_array by the string : AND 
    $where_string = implode(" AND ", $where_array);

   // the sql query        
    $search = "SELECT * FROM proprietes WHERE $where_string";
    $search = $db->query($search);

    // if the query exists 
    if($search)
    {
        // loop through all the properies that matches the WHERE conditions
        foreach($search as $search_result)
        {
            // echo the title of the property
            echo htmlspecialchars($search_result['prop_title']);
        }
    }
    else
    {
        // which one is right ?
        echo 'Error occured !';
        echo 'No property found !';
    }

问题

单独选择时,所有搜索字段都可以正常工作,所有组合都可以正常工作,除了:
关键字AND状态字段,从proprietes表返回的数据不应该:我在文本字段中输入单词“villa”然后在选择框中选择“For Sale”(sale = 1,rent = 0)但结果给出了我所有的别墅出售和出租!我使用$search->debugDumpParams();来回应这个:

SELECT * FROM proprietes WHERE LOWER(prop_title) LIKE "%villa%" OR LOWER(prop_desc) LIKE "%villa%" AND prop_status = 1

我认为这是我的逻辑和语法错误!有什么帮助吗?

谢谢。

2 个答案:

答案 0 :(得分:1)

这里有很多,但您的输出查询显示了问题。

未正确使用未指定的布尔条件(ANDOR)。应该更像这样

SELECT * FROM proprietes 
WHERE prop_status = 1
AND (LOWER(prop_title) LIKE "%villa%" OR LOWER(prop_desc) LIKE "%villa%")

您需要更改阵列中的逻辑,使其更像这样。换句话说,在查询中有OR的任何地方,它都应该括在括号中

答案 1 :(得分:1)

我想如果你把这行代码更改为

if($keyword != '') 
   $where_array[] = ' (LOWER(prop_title) LIKE "%'.$keyword.'%" OR LOWER(prop_desc) LIKE "%'.$keyword.'%")';

它会纠正您的查询。

如果您使用双引号,那么它也可能更具可读性,那么您不需要所有.连接,并且代码变得更容易阅读。

if($keyword != '') 
    $where_array[] = " (LOWER(prop_title) LIKE '%$keyword%' OR LOWER(prop_desc) LIKE '%$keyword%')";
相关问题
最新问题