我知道这个问题之前已被问过几次,但我无法找到我的方法的错误。
问题:mysql_num_rows在
时返回错误结果$sql = "SELECT * FROM $topic WHERE $names LIKE '%$q%'";
但是如果我用以下任何一个替换$ sql,它将返回true。
$sql = "SELECT * FROM $topic WHERE $names LIKE '%j%'";
$sql = "SELECT * FROM $topic WHERE $names ='Jack'";
$sql = "SELECT * FROM $topic WHERE $names = '$q' ";
var_dump的结果
string(8) "Cust_Reg" string(5) "fName" string(2) "j "
resource(8) of type (mysql result)
string(46) "SELECT * FROM Cust_Reg WHERE fName LIKE '%j %'"
如果我更改$ sql =“SELECT * FROM $ topic WHERE $ names LIKE'%j%'”;
$ row ['ID']的var_dump将显示
"SELECT * FROM Cust_Reg WHERE fName LIKE '%j%'" string(4) "NjA="
string(4) "NjE=" string(4) "NjQ=" string(4) "NjY=" string(4) "ODI="
如果你能纠正我的错误,我会推荐它。
$q = mysql_real_escape_string($_GET['search']);
$q = strtolower($q);
$topic = mysql_real_escape_string($_GET['test']);
$names = mysql_real_escape_string($_GET['name']);
// SELECT * from Account_Reg where Account_Name LIKE '%$q%'
$table = "<table style='width:400px; padding:10; display:block;'><tbody>
<tr><td>ID</td><td>Account</td><td>First Name</td><td>Email</td></tr>";
$sql = "SELECT * FROM $topic WHERE $names LIKE '%{$q}%'";
$result = mysql_query($sql) or die (mysql_error());
var_dump($topic);
var_dump($names);
var_dump($q);
var_dump($result);
var_dump($sql);
if(is_resource($result) && mysql_num_rows($result) > 0){
while($row = mysql_fetch_array($result)) {
$table .= "<tr><td>".$row['ID']."</td>";
$cryt = base64_encode($row['ID']);
$row['ID'] = htmlspecialchars($cryt);
$link = "profile.cust.update.php?id=". urlencode($row['ID']);
$link = htmlentities($link);
if($names == "fName"){
$name = $row['fName'];
}elseif($names == "Account_Name"){
$name = $row['Account_Name'];
$row['email_add'] = "";
}
$table .="<td></td><td><a href='" .$link ."'</a>" .$name."</td><td>".$row['email_add']."</td></a> </tr>";
}$table .="</tbody</table";
}else{$table = "No row is selected"; }
答案 0 :(得分:4)
尝试使用:
$sql = "SELECT * FROM $topic WHERE $names LIKE '%{$q}%'";
或
$sql = "SELECT * FROM $topic WHERE $names LIKE '%" . $q . "%'";
并且对于debug,尝试在执行前输出$ sql,以查看变量是如何被替换的
echo $sql; die();
来自文档的@AdamWaite:
http://dev.mysql.com/doc/refman/5.0/en/pattern-matching.html
MySQL提供标准的SQL模式匹配以及基于类似于Unix实用程序(如vi,grep和sed)使用的扩展正则表达式的模式匹配形式。
SQL模式匹配使您可以使用“_”匹配任何单个字符,使用“%”匹配任意数量的字符(包括零个字符)。在MySQL中,SQL模式默认情况下不区分大小写。这里显示了一些例子。你不使用=或&lt;&gt;当你使用SQL模式时;改为使用LIKE或NOT LIKE比较运算符。
答案 1 :(得分:1)
问题是在$ q "j "
中尾随空格。当然
"SELECT * FROM $topic WHERE $names LIKE '%$q%'"
转换为:
"SELECT * FROM $topic WHERE $names LIKE '%j %'"
返回不同的结果:
"SELECT * FROM $topic WHERE $names LIKE '%j%'"