使用php中的一列搜索多个字段

时间:2018-04-01 14:10:10

标签: php mysql

是否可以使用一列中的多个字段搜索数据?例如,列名称为“作业标题”,在第一个字段中,我键入“HR”,第二个字段I键入“人力资源”。点击搜索按钮后,它将从“职位名称”栏中搜索“人力资源”和“人力资源”。以下是我的代码,

        <form action="process/searchprocess.php" method="GET">
        <tr>
           <th>
                <br><br>Job Title<br><input type="text" name="Designation"  />
            </th>
            <th>
                <br><br>Business Nature / Company Name<br><input type="text" name="BusinessNature"  />
            </th>
        <th valign="center">
                <br><br>Email<select name="Email" >

                    <option value="" >All</option>
                    <option value="Yes">Yes</option>
                    <option value="Nil">No</option>
                </select>

            </th>
        </tr>

这是我的PHP代码,

                            <?php
                            session_start();

                            // Create connection
                            $conn = new mysqli($servername, $username, $password , $db);

                            // Check connection
                            if ($conn->connect_error) {
                                die("Connection failed: " . $conn->connect_error);
                            }




                            set_time_limit(0);
                            $query1 = $_GET['Designation'];
                            $query2 = $_GET['BusinessNature'];
                            $query3 = $_GET['State'];
                            $query4 = $_GET['Designation2'];
                            $query5 = $_GET['Designation3'];
                            $query6 = $_GET['Designation4'];
                            $query7 = $_GET['Designation5'];
                            $query8 = $_GET['Designation6'];
                            $query9 = $_GET['Designation7'];
                            $query10 = $_GET['Designation8'];
                            $query11 = $_GET['Designation9'];
                            $query12 = $_GET['Designation10'];
                            $query13 = $_GET['BusinessNature2'];
                            $query14 = $_GET['BusinessNature3'];
                            $query15 = $_GET['BusinessNature4'];
                            $query16 = $_GET['BusinessNature5'];
                            $query17 = $_GET['BusinessNature6'];
                            $query18 = $_GET['BusinessNature7'];
                            $query19 = $_GET['BusinessNature8'];
                            $query20 = $_GET['BusinessNature9'];
                            $query21 = $_GET['BusinessNature10'];
                            $Email = $_GET['Email'];

                            ?>

                            <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
                            <html xmlns="http://www.w3.org/1999/xhtml">
                            <head>                                                        

                            </head>
                            <body>
                            <div id=headerbg>
                            <div id=headerwrap>
                                <div id=header>
                                    <div style="margin-right: 100px;">
                                    <BRANDING:DefaultProductLogo>
                                        <div id=logo> <a href="../adminpage.php"> <img style="border: none;" src="http://www.xendmailer.com/emv2/system/data/templates/enhanced_english/media/images/logo.png" width="203" height="21" /></a></div><!--End for id=logo-->
                                    </BRANDING:DefaultProductLogo>



                                    </div>    
                                </div><!--End for id=header-->
                            </div><!--End for id=headerwrap-->
                            </div><!--End for id=bg-->
                            <div id=spacer></div><!--End for id=spacer-->

                            <div id=contentwrap>
                                <form action="export.php" method="GET">
                                    <tr>
                                        <th>
                                            <!-- <br><input type="submit" value="Export" align="center" /> -->
                                            <button class="button button">Export</button>
                                        </th>
                                        <th>
                                            <input type="hidden" name="query1" value="<?php echo $query1; ?>">
                                        </th>
                                        <th>
                                            <input type="hidden" name="query2" value="<?php echo $query2; ?>">
                                        </th>
                                        <th>
                                            <input type="hidden" name="query3" value="<?php echo $query3; ?>">
                                        </th>
                                        <th>
                                            <input type="hidden" name="Email" value="<?php echo $Email; ?>">
                                        </th>

                                    </tr>
                                </form>

                            <?php
                                // $query = $_GET['client_name'];   

                                if ( $query1 == null && $query2 == null && $query3 == null && $query4 == null && $query5 == null)
                                {
                                    // echo "Please at least insert one the value";
                                    echo "<script language = 'Javascript'>";
                                    echo "alert('Please insert at least  one value to search!');";
                                    echo "location.href = '../adminpage.php';</script>";
                                }

                                else
                                {     
                                    $query1 = htmlspecialchars($query1); 
                                    $query2 = htmlspecialchars($query2); 
                                    $query3 = htmlspecialchars($query3); 
                                    $query4 = htmlspecialchars($query4);
                                    $query5 = htmlspecialchars($query5);
                                    $query6 = htmlspecialchars($query6);
                                    $query7 = htmlspecialchars($query7); 
                                    $query8 = htmlspecialchars($query8); 
                                    $query9 = htmlspecialchars($query9); 
                                    $query10 = htmlspecialchars($query10);
                                    $query11 = htmlspecialchars($query11);
                                    $query12 = htmlspecialchars($query12);
                                    $query13 = htmlspecialchars($query13); 
                                    $query14 = htmlspecialchars($query14); 
                                    $query15 = htmlspecialchars($query15); 
                                    $query16 = htmlspecialchars($query16);
                                    $query17 = htmlspecialchars($query17);
                                    $query18 = htmlspecialchars($query18);  
                                    $query19 = htmlspecialchars($query19);  
                                    $query20 = htmlspecialchars($query20);  
                                    $query21 = htmlspecialchars($query21);
                                    $Email = htmlspecialchars($Email);  
                                    // changes characters used in html to their equivalents, for example: < to &gt;

                                    $query1 = mysqli_real_escape_string($conn, $query1);
                                    $query2 = mysqli_real_escape_string($conn, $query2);
                                    $query3 = mysqli_real_escape_string($conn, $query3);
                                    $query4 = mysqli_real_escape_string($conn, $query4);
                                    $query5 = mysqli_real_escape_string($conn, $query5);
                                    $query6 = mysqli_real_escape_string($conn, $query6);
                                    $query7 = mysqli_real_escape_string($conn, $query7);
                                    $query8 = mysqli_real_escape_string($conn, $query8);
                                    $query9 = mysqli_real_escape_string($conn, $query9);
                                    $query10 = mysqli_real_escape_string($conn, $query10);
                                    $query11 = mysqli_real_escape_string($conn, $query11);
                                    $query12 = mysqli_real_escape_string($conn, $query12);
                                    $query13 = mysqli_real_escape_string($conn, $query13);
                                    $query14 = mysqli_real_escape_string($conn, $query14);
                                    $query15 = mysqli_real_escape_string($conn, $query15);
                                    $query16 = mysqli_real_escape_string($conn, $query16);
                                    $query17 = mysqli_real_escape_string($conn, $query17);
                                    $query18 = mysqli_real_escape_string($conn, $query18);
                                    $query19 = mysqli_real_escape_string($conn, $query19);
                                    $query20 = mysqli_real_escape_string($conn, $query20);
                                    $query21 = mysqli_real_escape_string($conn, $query21);
                                    $Email = mysqli_real_escape_string($conn, $Email);
                                    // makes sure nobody uses SQL injection




                                            <?php




                                            // $query = "SELECT * FROM user_info " . $where . " order by ID";
                                            // $raw_results = mysqli_query($conn, $query) or die (mysqli_error());


                                    if ($query1 == 0)
                                    {

                                            $where = "";
                                            $whereConditions = array();
                                            if(strlen($query1) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query1 . "%'";
                                            }
                                            if(strlen($query4) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query4 . "%'";
                                            }
                                            if(strlen($query5) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query5 . "%'";
                                            }
                                             if(strlen($query6) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query6 . "%'";
                                            }
                                             if(strlen($query7) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query7 . "%'";
                                            }
                                             if(strlen($query8) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query8 . "%'";
                                            }
                                             if(strlen($query9) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query9 . "%'";
                                            }
                                             if(strlen($query10) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query10 . "%'";
                                            }
                                             if(strlen($query11) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query11 . "%'";
                                            }
                                             if(strlen($query12) > 0) {
                                              $whereConditions[] = "Designation LIKE '%" . $query12 . "%'";
                                            }
                                            if(count($whereConditions) > 0) {
                                              $where = " (" . implode(" OR ", $whereConditions) . ")";
                                            }

                                            $where2 = "";
                                            $whereConditions2 = array();
                                            if(strlen($query2) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query2 . "%' or Company LIKE '%" . $query2 . "%'";
                                            }
                                            if(strlen($query13) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query13 . "%' or Company LIKE '%" . $query13 . "%'";
                                            }
                                            if(strlen($query14) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query14 . "%' or Company LIKE '%" . $query14 . "%'";
                                            }
                                            if(strlen($query15) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query15 . "%' or Company LIKE '%" . $query15 . "%'";
                                            }
                                            if(strlen($query16) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query16 . "%' or Company LIKE '%" . $query16 . "%'";
                                            }
                                            if(strlen($query17) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query17 . "%' or Company LIKE '%" . $query17 . "%'";
                                            }
                                            if(strlen($query18) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query18 . "%' or Company LIKE '%" . $query18 . "%'";
                                            }
                                            if(strlen($query19) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query19 . "%' or Company LIKE '%" . $query19 . "%'";
                                            }
                                            if(strlen($query20) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query20 . "%' or Company LIKE '%" . $query20 . "%'";
                                            }
                                            if(strlen($query21) > 0) {
                                              $whereConditions2[] = "BusinessNature LIKE '%" . $query21 . "%' or Company LIKE '%" . $query21 . "%'";
                                            }
                                            if(count($whereConditions2) > 0) {
                                              $where2 = " (" . implode(" OR ", $whereConditions2) . ")";
                                            }

                                            $raw_results = mysqli_query($conn, "SELECT * FROM user_info WHERE " . $where . " and " . $where2 . "  and (State LIKE '%".$query3."%') and (Email LIKE '%".$Email."%') order by ID") or die (mysqli_error());

                                            if(mysqli_num_rows($raw_results) > null){ // if one or more rows are returned do following
                                                ?>
                                                <table  width="100%" >
                                                        <tr align="center">
                                                            <th>ID</th>
                                                            <th>Tag</th>
                                                            <th>Company</th>
                                                            <th>Designation</th>
                                                            <th>Email</th>
                                                            <th>State</th>
                                                            <th>Business Nature</th>
                                                            <th>Data code</th>
                                                        </tr>

                                                <?php 
                                                while($results = mysqli_fetch_array($raw_results)){
                                                    ?>

                                                        <tr align="center" style="margin-left: 100px;">
                                                            <td valign="top"><?php echo $results["ID"]; ?></td>
                                                            <td  valign="middle"><?php echo $results["Tag"]; ?></td>
                                                            <td valign="middle"><?php echo $results["Company"]; ?></td>
                                                            <td valign="middle"><?php echo $results["Designation"]; ?></td>
                                                            <td valign="middle"><?php echo $results["Email"]; ?></td>
                                                            <td valign="middle"><?php echo $results["State"]; ?></td>
                                                            <td valign="middle"><?php echo $results["BusinessNature"]; ?></td>
                                                            <td valign="middle"><?php echo $results["Datacode"]; ?></td>
                                                        </tr>


                                                <?php
                                                }
                                                 ?></table><?php
                                            }



                                            else{ // if there is no matching rows do following
                                                // echo "No results";
                                                echo "<script language = 'Javascript'>";
                                                echo "alert('No Result!');";
                                                echo "location.href = '../adminpage.php';</script>";
                                            }




                                    }
                                }
                            ?>

                            </div><!--End for id=contentwrap-->



                            </body>
                            </html>

我有1个职位名称文本字段和1个公司文本字段。当我只键入公司文本字段时,它会显示此错误

  

您的SQL语法有错误;检查手册   对应于您的MariaDB服务器版本,以获得正确的语法   靠近'和(BusinessNature LIKE'%chemical%'或公司LIKE   '%化学%')

这意味着职位名称字段是必需的。我能知道这个错误是什么吗?

点击此处,

仅插入一个字段http://spaceforemail.com/1.PNG

结果http://spaceforemail.com/2.PNG

插入两个字段http://spaceforemail.com/3.PNG

结果http://spaceforemail.com/4.PNG

1 个答案:

答案 0 :(得分:0)

第一种方法:两个输入字段应具有可区分的名称,否则PHP将无法使用第一个值。

此外,您应该只使用包含某些内容的输入字段,如下所示:

$where = "";
$whereConditions = array();
if(strlen($query1) > 0) {
  $whereConditions[] = "Designation LIKE '%" . $query1 . "%'";
}
if(strlen($query2) > 0) {
  $whereConditions[] = "Designation LIKE '%" . $query2 . "%'";
}
if(count($whereConditions) > 0) {
  $where = "WHERE (" . implode(" OR ", $whereConditions) . ")";
}
$query = "SELECT * FROM user_info " . $where . " order by ID";
$raw_results = mysqli_query($conn, $query) or die (mysqli_error());