我是PHP新手,并且正在运行from this tutorial,这是一个搜索脚本,可以从db中搜索和查找并返回数据。但是,我有点陷入困境。
本教程基于1个字段表单进行搜索,但是我的字段包含4个字段,这些字段都需要填充,并且在传递结果之前都需要匹配,但我坚持使用表单进行PHP /类通信。
这就是我所拥有的:
的index.php
<?php
//Check if search data was submitted
if ( isset( $_GET['search_form'] ) ) {
// Include the search class
require_once( dirname( __FILE__ ) . '/class.search.php' );
// Instantiate a new instance of the search class
$search = new search();
// Store search term into a variable
$search_first_name = htmlspecialchars($_GET['first_name'], ENT_QUOTES);
$search_last_name = htmlspecialchars($_GET['last_name'], ENT_QUOTES);
$search_postcode = htmlspecialchars($_GET['postcode'], ENT_QUOTES);
$search_reg = htmlspecialchars($_GET['reg'], ENT_QUOTES);
// Send the search term to our search class and store the result
$search_results = $search->search($search_first_name, $search_last_name, $search_postcode, $search_reg);
}
?>
<!doctype html>
<html class="no-js" lang="en">
<head>
<meta charset="utf-8" />
<meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>search customer</title>
<link rel="stylesheet" href="css/foundation.css" />
<link rel="stylesheet" href="css/app.css" />
</head>
<body>
<div class="row">
<div class="large-12 columns center">
<h3>search form</h3>
</div>
</div>
<?php if ( $search_results ) : ?>
<div class="results-count">
<p><?php echo $search_results['count']; ?> results found</p>
</div>
<div class="results-table">
<?php foreach ( $search_results['results'] as $search_result ) : ?>
<div class="result">
<p><?php echo $search_result->title; ?></p>
</div>
<?php endforeach; ?>
</div>
<div class="search-raw">
<pre><?php print_r($search_results); ?></pre>
</div>
<?php endif; ?>
<div class="row">
<div class="medium-6 medium-centered large-4 large-centered columns">
<form action="" method="get" class="search-form">
<input type="hidden" name="search_form" id="search_form">
<div class="row">
<h4 class="text-center">Search for a customer</h4>
<div class="small-6 columns">
<label id="first_name">First Name
<input name="first_name" type="text" placeholder="Joe" value="<?php echo $search_first_name; ?>">
</label>
</div>
<div class="small-6 columns">
<label id="last_name">Last Name
<input name="last_name" type="text" placeholder="Bloggs" value="<?php echo $search_last_name; ?>">
</label>
</div>
</div>
<div class="row">
<div class="small-6 columns">
<label id="postcode">Postcode
<input name="postcode" type="text" placeholder="Ex: E2 8AA" value="<?php echo $search_postcode; ?>">
</label>
</div>
<div class="small-6 columns">
<label id="reg">Registration:
<input name="reg" type="text" placeholder="CV58 CVZ" value="<?php echo $search_reg; ?>">
</label>
</div>
</div>
<div class="row">
<button type="submit" class="button expanded">Search</button>
</div>
</form>
</div>
</div>
<script src="js/vendor/jquery.min.js"></script>
<script src="js/vendor/what-input.min.js"></script>
<script src="js/foundation.min.js"></script>
<script src="js/app.js"></script>
</body>
</html>
class.search.php
<?php
include('config.php');
/**
* Performs a search
*
* This class is used to perform search functions in a MySQL database
*
* @version 1.0
* @author James Brandon
*/
class search {
/**
* MySQLi connection
* @access private
* @var object
*/
private $mysqli;
/**
* Constructor
*
* This sets up the class
*/
public function __construct() {
// Connect to our database and store in $mysqli property
$this->connect();
}
/**
* Database connection
*
* This connects to our database
*/
private function connect() {
$this->mysqli = new mysqli(DB_HOST, DB_NAME, DB_USER, DB_PASS);
}
/**
* Search routine
*
* Performs a search
*
* @param string $search_term The search term
*
* @return array/boolen $search_results Array of search results or false
*/
public function search($first_name, $last_name, $postcode, $reg) {
// Sanitize the search term to prevent injection attacks
$first_name = $this->mysqli->real_escape_string($first_name);
$last_name = $this->mysqli->real_escape_string($last_name);
$postcode = $this->mysqli->real_escape_string($postcode);
$reg = $this->mysqli->real_escape_string($reg);
// Run the query
$query = $this->mysqli->query("
SELECT id
FROM customers
WHERE first_name = '%{$first_name}%'
AND last_name = '%{$last_name}%'
AND postcode = '%{$postcode}%'
AND reg = '%{$reg}%'
");
// Check results
if ( ! $query->num_rows ) {
return false;
}
// Loop and fetch objects
while( $row = $query->fetch_object() ) {
$rows[] = $row;
}
// Build our return result
$search_results = array(
'count' => $query->num_rows,
'results' => $rows,
);
return $search_results;
}
}
DB:
Table: customers
Structure: id | first_name | last_name | postcode | reg
所以我需要将输入到表单中的所有内容与数据库进行匹配,但我认为我已经尽可能地更改了该教程中的代码。
答案 0 :(得分:0)
将您的查询更改为
$query = $this->mysqli->query("
SELECT id
FROM customers
WHERE first_name LIKE '%{$first_name}%'
or last_name LIKE '%{$last_name}%'
or postcode LIKE '%{$postcode}%'
or reg LIME '%{$reg}%'
");