好的,所以这个问题非常简单,基本上当你提出例如" W"它应该输出包含该字符的酒店名称和客人的姓氏。这并不是酒店的名字,但无论我放什么,它都不会给我一个客人的输出。对于客人来说,有几个匹配应该出现,但我什么都没得到。我的代码无法看到任何错误......帮助。
<!DOCTYPE html>
<html>
<head>
<title>Database</title>
<link href="style.css" rel="stylesheet" type="text/css"> <!-- This is linking style sheet (css)into this HTML page-->
<link href='https://fonts.googleapis.com/css?family=PT+Serif:400italic' rel='stylesheet' type='text/css'>
</head>
<body>
<div class="navigation">
<form action="index.php" method="get">
<input type="submit" name="mainpage" value="Main Page" class="submitbut" id="but1" />
</form>
</div>
<form action="index.php" method="post">
<input type="text" name="search" id="searching" />
<input type="submit" name="data_submit" value="Search" id="scan" />
</form>
<?php
if( isset( $_GET['mainpage'] ) ) exit( header( "Location: mainpage.php" ) );
if ( isset( $_POST["data_submit"] ) ){
$search_term = strip_tags( trim( $_POST['search'] ) );
$conn = new PDO( 'mysql:host=localhost;dbname=u1358595', 'root' );
$stmt = $conn->prepare("SELECT * FROM `hotel` h
INNER JOIN `booking` b ON h.`hotel_id`=b.`hotel_id`
INNER JOIN `guest` g ON g.`guest_id`=b.`guest_id`
WHERE `name` LIKE :search_term;");
$stmt->bindValue(':search_term','%' . $search_term . '%');
$stmt->execute();
echo "
<table>
<tr>
<th>Hotels Matched</th>
</tr>";
while($hotel = $stmt->fetch()) {
echo "
<tr>
<td><a href='details.php?name=".$hotel['name']."'>".$hotel['name']."</a></td>
</tr>";
}
echo "</table>";
$stmt = $conn->prepare("SELECT * FROM `guest` g
INNER JOIN `booking` b ON g.`guest_id`=b.`guest_id`
INNER JOIN hotel ON b.`hotel_id`=h.`hotel_id`
WHERE g.`last_name` LIKE :search_term;");
$stmt->bindValue(':search_term', '%' . $search_term . '%');
$stmt->execute();
echo "
<table>
<tr>
<th>Guests Matched</th>
</tr>";
while($hotel = $stmt->fetch()) {
echo "
<tr>
<td><a href='details.php?name=".$hotel['first_name']."'>".$hotel['last_name']."</a></td>
</tr>";
}
echo "</table>";
$conn = NULL;
}
?>
</body>
</html>
答案 0 :(得分:1)
使用带有LIKE的PDO Prepared语句首先准备FULL文字。参见PDO Wiki 即
$name = "%$name%";
我使用一个查询简化了您的代码。我在2个表上测试了它,你需要加入其他表
<!DOCTYPE html>
<html>
<head>
<title>Database</title>
</head>
<body>
<form action="index.php" method="post">
<input type="text" name="search" id="searching" />
<input type="submit" name="data_submit" value="Search" id="scan" />
</form>
<?php
$host= "localhost";
$username="XXXX";
$password="XXXX";
$database="XXXX";
function writeTable($host,$database, $username, $password,$search_term) {
//Create query
$sql = "SELECT hotel.name AS hotel, guest.name AS guest
FROM `hotel`
LEFT JOIN `guest` ON hotel.guest = guest.id
WHERE hotel.name LIKE ?
OR guest.name LIKE ?
";
$html = '<table cellpadding="1" cellspacing="1">'. "\n";
//array for column names
$columnNames = array("hotel","guest");
//table header
$html .= '<tr>';
foreach ($columnNames as $value){
$html .= '<th>' . $value . '</th>';
}
$html .= '</tr>'. "\n";
// connect to the database
$db = new PDO("mysql:host=$host;dbname=$database", $hotelname, $password);
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
//Prepare and execute query
$stmt = $db->prepare($sql);
$stmt->execute(array($search_term,$search_term));
// setting the fetch mode
$stmt->setFetchMode(PDO::FETCH_ASSOC);
//Add content
while($row = $stmt->fetch()) {
$html .= '<tr>';
$html .= '<td>' . $row['hotel'] . '</td>';
$html .= '<td>' . $row['guest'] . '</td>';
$html .= '</tr>'. "\n";
}
$html .= '</table>';
echo $html;
// close the connection
$dbh = null;
}
$search = strip_tags(trim($_POST['search'] ) );
if(isset($search) ){
if ($search != ''){
$search_term = '%'.$search.'%';
}else{
$search_term ='';
}
}
writeTable($host,$database, $hotelname, $password,$search_term);
?>
你应该可以修改以适应。