Question

我有一个自动完成表，使用我的index.php页面中的$ request对idno，surname，reference和transno字段进行过滤。

Raceid也从索引页面传递到fetch.php来过滤记录（原来是在index.php页面上的url。

我的sql查询没有过滤。它显示了所有记录。当我只使用＆＃34; WHERE＆＃39; $ raceid＆＃39; = raceid＆＃34; ＆＃34;部分，然后它过滤100％。

我无法将其与下面的代码结合起来以获得结果。

如何在同一个sql查询中使用两个＆＃34; WHERE来过滤表？

Fetch.php

    <?php

$raceid = $_POST['raceid'];
if(isset($_POST["query"]))
{
 $connect = mysqli_connect("localhost", "root", "", "registerdb");
 $request = mysqli_real_escape_string($connect, $_POST["query"]);


  $query = "
  SELECT * FROM tblentries 
  WHERE '$raceid' = raceid
  AND WHERE idno LIKE '%".$request."%' 
  OR surname LIKE '%".$request."%' 
  OR reference LIKE '%".$request."%' 
  OR transno LIKE '%".$request."%'
  ";

 $result = mysqli_query($connect, $query);
 $data =array();
 $html = '';
 $html .= '
  <table class="table table-bordered table-striped">
   <tr>
     <th>No</th>
    <th>Id No</th>
    <th>Surnameame</th>
    <th>Firstname</th>
    <th>Time</th>
    <th>Reference</th>
    <th>Transact No</th>
    <th>Total Fees</th>
    <th>Amount Pd</th>
    <th>Distance</th>
   </tr>
  ';
 if(mysqli_num_rows($result) > 0)
 {
  while($row = mysqli_fetch_array($result))
  {
    $data[] = $row["raceid"];  
   $data[] = $row["idno"];
   $data[] = $row["surname"];
   $data[] = $row["firstname"];
   $data[] = $row["process"];
   $data[] = $row["reference"];
   $data[] = $row["transno"];
   $data[] = $row["total_fee"];
   $data[] = $row["amountpaid"];
   $data[] = $row["distance"];
   $html .= '
   <tr>
    <td>'.$row["raceid"].'</td>
    <td>'.$row["idno"].'</td>
    <td>'.$row["surname"].'</td>
    <td>'.$row["firstname"].'</td>
    <td>'.$row["process"].'</td>
    <td>'.$row["reference"].'</td>
    <td>'.$row["transno"].'</td>
    <td>'.$row["total_fee"].'</td>
    <td>'.$row["amountpaid"].'</td>
    <td>'.$row["distance"].'</td>
   </tr>
   ';
  }
 }
 else
 {
  $data = 'No Data Found';
  $html .= '
   <tr>
    <td colspan="3">No Data Found</td>
   </tr>
   ';
 }
 $html .= '</table>';
 if(isset($_POST['typehead_search']))
 {
  echo $html;
 }
 else
 {
  $data = array_unique($data);
  echo json_encode($data);
 }
}

    ?>

Answer 1

您不应重新声明 WHERE。事实上，你不能重新声明它。

在您的以下查询中：

$query = "
  SELECT * FROM tblentries 
  WHERE '$raceid' = raceid
  AND WHERE idno LIKE '%".$request."%' 
  OR surname LIKE '%".$request."%' 
  OR reference LIKE '%".$request."%' 
  OR transno LIKE '%".$request."%'
  ";

只需删除第二个WHERE：

$query = "
  SELECT * FROM tblentries 
  WHERE '$raceid' = raceid
  AND idno LIKE '%".$request."%' 
  OR surname LIKE '%".$request."%' 
  OR reference LIKE '%".$request."%' 
  OR transno LIKE '%".$request."%'
  ";

但是，请记住上述查询的“逻辑”;就目前而言，种族ID需要等于raceid AND idno需要等于请求... OR 任何一个其他值需要匹配。也就是说，如果您的OR条件触发，则raceid不需要！您可能希望使用括号来解决此问题。

我将这些行分开了一点，以便在以下示例中清楚地说明这一点：

 $query = "
  SELECT * FROM tblentries 
  WHERE '$raceid' = raceid
  AND 
  (
  idno LIKE '%".$request."%' 
  OR surname LIKE '%".$request."%' 
  OR reference LIKE '%".$request."%' 
  OR transno LIKE '%".$request."%'
  )
  ";

希望这有帮助！：）

Answer 2

你只需要包装你的＆＃34; OR＆＃34;括号中的值，以使其与raceid检查分开。

$query = "
SELECT * FROM tblentries 
WHERE 
    '$raceid' = raceid
    AND 
    (
        idno LIKE '%".$request."%' 
        OR surname LIKE '%".$request."%' 
        OR reference LIKE '%".$request."%' 
        OR transno LIKE '%".$request."%'
    )
";

确保您使用预备语句！直接在您的查询中注入$ _POST [＆＃39; raceid＆＃39;]将导致您遇到问题。

Answer 3

我认为您的查询中存在两个错误：

您正在传递$radeid错误的

它应该是raceid = '".$raceid."'例如：

 $query = "
  SELECT * FROM tblentries 
  WHERE  raceid = ".$raceid."
  AND WHERE idno LIKE '%".$request."%' 
  OR surname LIKE '%".$request."%' 
  OR reference LIKE '%".$request."%' 
  OR transno LIKE '%".$request."%'
  ";

您正在使用两次，删除一个，即

$query = "
  SELECT * FROM tblentries 
  WHERE  raceid = ".$raceid."
  AND idno LIKE '%".$request."%' 
  OR surname LIKE '%".$request."%' 
  OR reference LIKE '%".$request."%' 
  OR transno LIKE '%".$request."%'
  ";

最终查询将是

 $query = "
          SELECT * FROM tblentries 
          WHERE  raceid = ".$raceid."
          AND (idno LIKE '%".$request."%' 
          OR surname LIKE '%".$request."%' 
          OR reference LIKE '%".$request."%' 
          OR transno LIKE '%".$request."%')
          ";

PHP sql查询和多个WHERE＆＃39;

3 个答案: