我的帖子过滤有问题。我正在一个房地产网站上工作,我希望用户能够按位置进行搜索。但问题是某些位置有撇号(Bishop's Stortford)并导致页面无法加载。
编辑:
我的帖子设置了自定义帖子类型和高级自定义字段。城镇,县和邮政编码是包含地址值的帖子上的acf文本字段。
我该如何解决这个问题?我可以让城镇接受撇号吗?继承我的代码;
<form action="<?php the_permalink(); ?>" method="get">
<label>Min:</label>
<input type="number" name="min_price" id="min_price">
<label>Max:</label>
<input type="number" name="max_price" id="max_price">
<label>Bedrooms:</label><br>
<select name="min_beds">
<option value="1">One</option>
<option value="2">Two</option>
<option value="3">Three</option>
<option value="4">Four</option>
<option value="5">Five</option>
<option value="6+">Six+</option>
</select>
<select name="max_beds">
<option value="1">One</option>
<option value="2">Two</option>
<option value="3">Three</option>
<option value="4">Four</option>
<option value="5">Five</option>
<option value="6+">Six+</option>
</select>
<label>Location</label><br>
<input type="text" name="location">
<input type="submit">
<?php
if($_GET['min_price'] && !empty($_GET['min_price'])){
$min_price = $_GET['min_price'];
}else{
$min_price = 0;
}
if($_GET['max_price'] && !empty($_GET['max_price'])){
$max_price = $_GET['max_price'];
}else{
$max_price = 10000000;
}
if($_GET['min_beds'] && !empty($_GET['min_beds'])){
$min_beds = $_GET['min_beds'];
}else{
$min_beds = '1';
}
if($_GET['max_beds'] && !empty($_GET['max_beds'])){
$max_beds = $_GET['max_beds'];
}else{
$max_beds = '6+';
}
if($_GET['location'] && !empty($_GET['location'])){
$location = $_GET['location'];
}
$posts = get_posts(array(
'posts_per_page' => -1,
'post_type' => 'property',
'orderby' => 'date',
'meta_query' => array(
'relation' => 'AND',
array(
'key' => 'property_status',
'value' => 'For Sale'
),
array(
'key' => 'property_price',
'type' => 'NUMERIC',
'value' => array($min_price, $max_price),
'compare' => 'BETWEEN'
),
array(
'key' => 'bedrooms',
'value' => array($min_beds, $max_beds),
'compare' => 'BETWEEN'
),
array(
'relation' => 'OR',
array(
'key' => 'town',
'value' => $location,
'compare' => 'LIKE'
),
array(
'key' => 'county',
'value' => $location,
'compare' => 'LIKE'
),
array(
'key' => 'postcode',
'value' => $location,
'compare' => 'LIKE'
)
),
)
));
?>
答案 0 :(得分:1)
使用mysqli_real_escape_string($conn, $request)
我猜这应该有用。请尝试留下反馈,以便我在必要时更新答案。
if($_GET['location'] && !empty($_GET['location'])){
$location = mysqli_real_escape_string($conn, $_GET['location']);
}