当我从显示的表单中查询两个值之间的价格时:
请求“无法执行SQL查询”SELECT * FROM data WHERE id> 0SELECT * FROM data WHERE price> ='100'AND price< ='150'
表格代码(仅限价格代码):
<form action="searchhotel/results.php" target="_self">
<label>Price($)</label>
<select name="pricefrom">
<option value="">--</option>
<option value="100">100</option>
</select>
<label>Price TO($)</label>
<select name="priceto">
<option value="">--</option>
<option value="150">150</option>
</select>
<button type="submit">Search</button>
</form>
PHP代码(results.php)除了$ search_price
之外,所有其他代码都运行良好<?php
if ($_REQUEST["string"]<>'') {
$search_string = " AND (hotel LIKE '%".mysql_real_escape_string($_REQUEST["string"])."%' OR email LIKE '%".mysql_real_escape_string($_REQUEST["string"])."%')";
}
if ($_REQUEST["city"]<>'') {
$search_city = " AND city='".mysql_real_escape_string($_REQUEST["city"])."'";
}
if ($_REQUEST["star"]<>'') {
$search_star = " AND star='".mysql_real_escape_string($_REQUEST["star"])."'";
}
if ($_REQUEST["pricefrom"]<>'' and $_REQUEST["priceto"]<>'') {
$search_price = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE price >= '".mysql_real_escape_string($_REQUEST["pricefrom"])."' AND price <= '".mysql_real_escape_string($_REQUEST["priceto"])."'";
}
if ($_REQUEST["from"]<>'' and $_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysql_real_escape_string($_REQUEST["from"])."' AND to_date <= '".mysql_real_escape_string($_REQUEST["to"])."'".$search_string.$search_city.$search_string.$search_star.$search_price;
} else if ($_REQUEST["from"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysql_real_escape_string($_REQUEST["from"])."'".$search_string.$search_city.$ search_string.$search_star.$search_price;
} else if ($_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE to_date <= '".mysql_real_escape_string($_REQUEST["to"])."'".$search_string.$search_city.$search_string.$search_sta.$search_pricer;
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_string.$search_city.$search_string.$search_star.$search_price;
}
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
while ($row = mysql_fetch_assoc($sql_result)) {
?>
一切正常,SQL数据库已成功连接,它通过PHP回显所有值。我想错误地在SQL数据库中声明了“price”的数据类型,如下所示:
CREATE TABLE IF NOT EXISTS `data` (
`id` int(11) NOT NULL auto_increment,
`from_date` date NOT NULL,
`to_date` date NOT NULL,
`hotel` varchar(250) NOT NULL,
`city` varchar(250) NOT NULL,
`star` varchar(250) NOT NULL,
`links` varchar(250) NOT NULL,
`images` varchar(250) NOT NULL,
`price` varchar(250) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=11 ;
答案 0 :(得分:0)
此处脚本中的错误.$search_string.$search_city.$search_string.$search_star.$search_price中的$search_price是另一个查询,而不是来自db或get / post的值,并且您将查询放入查询中。
您整理此查询字符串
if ($_REQUEST["pricefrom"]<>'' and $_REQUEST["priceto"]<>'') {
$search_price = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE price >= '".mysql_real_escape_string($_REQUEST["pricefrom"])."' AND price <= '".mysql_real_escape_string($_REQUEST["priceto"])."'";
}
使用
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_string.$search_city.$search_string.$search_star.$search_price;
}
获取错误查询
$search_price = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE price >= '".mysql_real_escape_string($_REQUEST["pricefrom"])."' AND price <= '".mysql_real_escape_string($_REQUEST["priceto"])."'"." SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_string.$search_city.$search_string.$search_star.$search_price;
}
SELECT * FROM data WHERE id&gt; 0SELECT * FROM data WHERE price&gt; =&#39; 100&#39;和价格&lt; =&#39; 150&#39;
或者使用;或更正条件if进行separe 2 queryse,或者在不需要的情况下添加其他需要执行2个查询的地方