Php 如何使用日期和协调人名称筛选数据?
我是PHP的新手。我正在尝试使用日期间(日期选择器)和协调器名称筛选数据,但无法获得正确的结果。我希望你能帮我做这件事 index.phpPhp 如何使用日期和协调人名称筛选数据?,php,mysql,Php,Mysql,我是PHP的新手。我正在尝试使用日期间(日期选择器)和协调器名称筛选数据,但无法获得正确的结果。我希望你能帮我做这件事 index.php <?php $connect = mysqli_connect("localhost", "root", "", "filter"); $query = " SELECT * FROM delivery_summary a , suppliers b where a.ds_supid = b.sup_seri
<?php
$connect = mysqli_connect("localhost", "root", "", "filter");
$query = "
SELECT *
FROM delivery_summary a
, suppliers b
where a.ds_supid = b.sup_serial
ORDER
BY ds_date
";
$result = mysqli_query($connect, $query);
?>
<!DOCTYPE html>
<html>
<head>
<title>Ajax PHP MySQL Date Range Search using jQuery DatePicker</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
<script src="http://code.jquery.com/ui/1.10.3/jquery-ui.js"></script>
<link rel="stylesheet" href="http://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css">
</head>
<body>
<br /><br />
<div class="container" style="width:900px;">
<h2 align="center">Ajax PHP MySQL Date Range Search using jQuery DatePicker</h2>
<h3 align="center">Delivery Summary</h3><br />
<div class="col-md-3">
<input type="text" name="from_date" id="from_date" class="form-control" placeholder="From Date" />
</div>
<div class="col-md-3">
<input type="text" name="to_date" id="to_date" class="form-control" placeholder="To Date" />
</div>
<div class="col-md-5">
<input type="text" name="coord_name" id="coord_name" class="form-control" placeholder="Coordinator" />
</div>
<div class="col-md-9">
<input type="button" name="filter" id="filter" value="Search" class="btn btn-info" />
</div>
<td></td>
</div>
<div style="clear:both"></div>
<br />
<div id="summary_table">
<table class="table table-bordered">
<tr>
<th width="10%">Last Name</th>
<th width="10%">First Name</th>
<th width="10%">DR Number</th>
<th width="10%">DR Date</th>
<th width="10%">Amount</th>
<th width="10%">Balance</th>
<th width="10%">Coordinator</th>
</tr>
<?php
while($row = mysqli_fetch_array($result))
{
?>
<tr>
<td><?php echo $row["sup_lastname"]; ?></td>
<td><?php echo $row["sup_firstname"]; ?></td>
<td><?php echo $row["ds_drnumber"]; ?></td>
<td><?php echo $row["ds_date"]; ?></td>
<td><?php echo $row["ds_amount"]; ?></td>
<td><?php echo $row["ds_balance"]; ?></td>
<td><?php echo $row["coordinator"]; ?></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
</body>
</html>
<script>
$(document).ready(function(){
$.datepicker.setDefaults({
dateFormat: 'yy-mm-dd'
});
$(function(){
$("#from_date").datepicker();
$("#to_date").datepicker();
});
$('#filter').click(function(){
var from_date = $('#from_date').val();
var to_date = $('#to_date').val();
if(from_date != '' && to_date != '')
{
$.ajax({
url:"filter_summary.php",
method:"POST",
data:{from_date:from_date, to_date:to_date},
success:function(data)
{
$('#summary_table').html(data);
}
});
}
else
{
alert("Please Select Date");
}
});
});
</script>
使用jQuery DatePicker进行Ajax PHP MySQL日期范围搜索
使用jQuery DatePicker进行Ajax PHP MySQL日期范围搜索
交付摘要
姓
名字
博士编号
Date博士
数量
平衡
协调员
$(文档).ready(函数(){
$.datepicker.setDefaults({
日期格式:“yy-mm-dd”
});
$(函数(){
$(“#自#日期”).datepicker();
$(“#截止日期”).datepicker();
});
$(“#过滤器”)。单击(函数(){
var from_date=$(“#from_date”).val();
var to_date=$(“#to_date”).val();
如果(从日期!=''到日期!='')
{
$.ajax({
url:“filter_summary.php”,
方法:“张贴”,
数据:{from_date:from_date,to_date:to_date},
成功:功能(数据)
{
$('汇总表').html(数据);
}
});
}
其他的
{
警报(“请选择日期”);
}
});
});
filter_summary.php
<?php
//filter_summary.php
if(isset($_POST["from_date"], $_POST["to_date"], $_POST["coord_name"]))
{
$connect = mysqli_connect("localhost", "root", "", "filter");
$output = '';
$query = "
SELECT *
FROM delivery_summary a
, suppliers b
where a.ds_supid = b.sup_serial
AND coord_name '".$_POST["coord_name"]."'
AND ds_date BETWEEN '".$_POST["from_date"]."' AND '".$_POST["to_date"]."'
";
$result = mysqli_query($connect, $query);
$output .= '
<table class="table table-bordered">
<tr>
<th width="15%">Last Name</th>
<th width="15%">First Name</th>
<th width="15%">DR Number</th>
<th width="15%">DR Date</th>
<th width="15%">Amount</th>
<th width="15%">Balance</th>
<th width="15%">Coordinator</th>
</tr>
';
if(mysqli_num_rows($result) > 0)
{
while($row = mysqli_fetch_array($result))
{
$output .= '
<tr>
<td>'. $row["sup_lastname"] .'</td>
<td>'. $row["sup_firstname"] .'</td>
<td>'. $row["ds_drnumber"] .'</td>
<td>'. $row["ds_date"] .'</td>
<td>'. $row["ds_amount"] .'</td>
<td>'. $row["ds_balance"] .'</td>
<td>'. $row["coordinator"] .'</td>
</tr>
';
}
}
else
{
$output .= '
<tr>
<td colspan="5">Records Found!!!</td>
</tr>
';
}
$output .= '</table>';
echo $output;
}
?>
和coord_name'.$\u POST[“coord_name”]”和
看起来像是语法错误和SQL注入漏洞。使用错误报告。您应该使用参数化查询。谢谢我会检查链接。。。