Trying to do a search using (LIKE CONCAT('%', ?, '%') AND ) rather than (LIKE CONCAT('%', ?, '%') OR ) using mysqli prepared statements Not sure if i have to use 'call_user_func_array' instead but doing it this way although it works, it only returns records if either of the words in the broken up search string is contained in the title, i need it to return only titles where all the words are contained in the title .
<?php
$searchstr = $_POST['inputsearch']; //Input string from form
$searchwords = split(" ",$searchstr); //Breaking the string to array of words
$totalwords = count($searchwords); //Total words to search for
$ind = 1;
while(list($key,$val)=each($searchwords))
{
if(trim($val) !="" && strlen($val) > 0){ // check good words
$bindingstring[$ind] = $val; // create new array of words
$ind++;
}
}
$callsqli = $conn->prepare("SELECT mytitle,myad_id FROM classifieds WHERE mytitle like CONCAT('%', ?, '%')"); //prepare with wildcards
if(!$callsqli) {
echo 'Wrong SQL: Error: ' . $conn->error, E_USER_ERROR; // oops
return 0;
}
for($i=1; $i<=$totalwords; $i++){
$callsqli->bind_param('s',$bindingstring[$i]); // bind each value
$callsqli->execute();
}
$callsqli->store_result();
$callsqli->bind_result($mytitle,$myadid); // get each title and advert id
while($callsqli->fetch()){ // fetch each result and display
echo "<a href='http://www.somesite.com/someview.php?&someitem=".$myadid."'>".$mytitle."</a><br />";
}
$callsqli->free_result();
$callsqli->close();
?>
答案 0 :(得分:0)
我认为除了sql部分之外,所有代码都能正常工作,因此需要生成包含通配符绑定的sql字符串。您可以通过迭代单词数组并将其附加到查询字符串来完成此操作。生成查询后,将执行该查询并获取结果:
$searchstr = $_POST['inputsearch']; //Input string from form
$searchwords = preg_split('/\s+/', $searchstr); //preg_split with whitespaces and tabs !!!
$bindingstring = array();
foreach($searchwords as $key => $val){
$temp = strval(trim($val));
if($temp != "" && strlen($temp) > 0){
$bindingstring[] = $temp;
}
}
$sql = "SELECT mytitle,myad_id FROM classifieds WHERE ";
foreach($bindingstring as $key => $value){// generate the SQL
if($key > 0){
$sql .= "AND ";//dont include AND in the first iteration
}
$sql .= "mytitle LIKE CONCAT('%', ?, '%') ";
}
echo $sql;
$callsqli = $conn->prepare($sql); //prepare the query
if(!$callsqli) {
echo 'Wrong SQL: Error: ' . $conn->error, E_USER_ERROR; // oops
return 0;
}
foreach($bindingstring as $key => $value){
$callsqli->bind_param('s',$value); // bind each value
}
$callsqli->execute();
$callsqli->store_result();
$callsqli->bind_result($mytitle,$myadid); // get each title and advert id
while($callsqli->fetch()){// fetch each result and display
echo "<a href='http://www.somesite.com/someview.php?&someitem=".$myadid."'>".$mytitle."</a><br />";
}
$callsqli->free_result();
$callsqli->close();
编辑:我编辑了使用preg_split通过空格或制表符分隔单词以获得更一致的行为的答案,还清理了单词的评估并修剪为更易于阅读的