PHP PDO如何在查询中搜索2个或更多值?

时间:2019-03-31 09:10:31

标签: php search pdo

假设我有一个搜索表单,并且我想按名称或电子邮件进行搜索,我只能设法按一个值进行搜索,否则,我将收到一个SQL错误。

我浏览了该网站,但没有找到解决我问题的方法。

此代码有效:

    if (isset($_POST['search'])) {
    $search = $_POST['search'];

    $sql = "SELECT * FROM `users` WHERE `name` LIKE ?";

    $stmt = $pdo->prepare($sql);

    $stmt->execute(array($search));

当我这样尝试时结束,但没有:

    if (isset($_POST['search'])) {

    $search = $_POST['search'];

    $sql = "SELECT * FROM `users` WHERE `name` LIKE ? OR `email` LIKE ?";

    $stmt = $pdo->prepare($sql);

    $stmt->execute(array($search));

如何通过姓名或电子邮件进行搜索?

编辑: 这是错误:

未捕获的PDOException:SQLSTATE [HY093]:无效的参数号

EDIT2:

这是可行的解决方案:

    $search = $_POST['search'];

    if (isset($search)) {

        $sql = "SELECT * FROM `users` WHERE `name` LIKE ? OR `email` LIKE 
    ?";

        $stmt = $pdo->prepare($sql);

        $stmt->execute(["%$search%", "%$search%"]);
    }

1 个答案:

答案 0 :(得分:1)

我认为问题在于$search变量仅包含一个元素。试试这个:

$search = $_POST['search'];

if (isset($search)) {

    $sql = "SELECT * FROM `users` WHERE `name` LIKE ? OR `email` LIKE ?";

    $stmt = $pdo->prepare($sql);

    $stmt->execute([$search, $search]);
}

另一种解决方案是将PDO::ATTR_EMULATE_PREPARES连接选项设置为TRUE。这样,您可以使用多个具有相同名称的命名标记(此处为:search),并为它们分配单个变量的值(此处为组成的字符串'%' . $search . '%')。

请注意:当使用百分之一或百分之二的字符(%)时,查询将返回包含提供的搜索值的所有 值。而在完全省略%个字符的情况下,查询将返回所有 exact 值,并且LIKE可以替换为=。由您决定使用哪种替代方法。

这是一个完整的示例:

connection.php: 

<?php

/*
 * This page contains the code for creating a PDO connection instance.
 */

// Db configs.
define('HOST', 'localhost');
define('PORT', 3306);
define('DATABASE', 'tests');
define('USERNAME', 'abc');
define('PASSWORD', 'def');
define('CHARSET', 'utf8');

// Error reporting.
error_reporting(E_ALL);
ini_set('display_errors', 1); /* SET IT TO 0 ON A LIVE SERVER! */

// Create a PDO instance as db connection to db.
$connection = new PDO(
        sprintf('mysql:host=%s;port=%s;dbname=%s;charset=%s', HOST, PORT, DATABASE, CHARSET)
        , USERNAME
        , PASSWORD
        , [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => TRUE, /* This is the option of interest */
    PDO::ATTR_PERSISTENT => FALSE,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
        ]
);

test.php: 

<?php

require 'connection.php';

// Hardcoded value, for testing. Should be read from $_POST array.
$search = 'joe';

$sql = 'SELECT * FROM users WHERE name LIKE :search OR email LIKE :search';

$bindings = [
    ':search' => '%' . $search . '%',
];

$statement = $connection->prepare($sql);
$statement->execute($bindings);

$fetchedData = $statement->fetchAll(PDO::FETCH_ASSOC);

// Display fetched data.
if ($fetchedData) {
    echo '<pre>' . print_r($fetchedData, TRUE) . '</pre>';
} else {
    echo 'No data found.';
}

结果: 

Array
(
    [0] => Array
        (
            [id] => 1
            [name] => j.r.
            [email] => joey@example.com
        )

    [1] => Array
        (
            [id] => 3
            [name] => joe
            [email] => joe@example.com
        )

)

表定义: 

CREATE TABLE tests.users (
    id BIGINT NOT NULL AUTO_INCREMENT,
    name varchar(100) NULL,
    email varchar(100) NULL,
    CONSTRAINT users_PK PRIMARY KEY (id)
)
ENGINE=InnoDB
DEFAULT CHARSET=utf8
COLLATE=utf8_general_ci;

使用的数据: 

id|name   |email              |
--|-------|-------------------|
 1|j.r.   |joey@example.com   |
 2|michael|michael@example.com|
 3|joe    |joe@example.com    |

资源:

相关问题
最新问题