Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/255.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 需要多个参数的高级搜索_Php_Mysql - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 需要多个参数的高级搜索

Php 需要多个参数的高级搜索

php mysql

Php 需要多个参数的高级搜索,php,mysql,Php,Mysql,我正在开发一个高级搜索功能,但无法让它返回任何值 mysql_select_db($database_Audiologiska, $Audiologiska); $where = array(); if (isset($_POST['Personnummer_search'])) { $searchword = $_POST['Personnummer_search']; $where[] = "vanster_implantat.patv LIKE '%".$sear

我正在开发一个高级搜索功能,但无法让它返回任何值

mysql_select_db($database_Audiologiska, $Audiologiska);
$where = array();
if (isset($_POST['Personnummer_search'])) 
{   
    $searchword = $_POST['Personnummer_search'];
    $where[] =  "vanster_implantat.patv LIKE '%".$searchword."%'";
}
if(isset($_POST['Namn_search']))
{
    $name = $_POST['Namn_search'];
    $where[] =  "person.Namn LIKE '%".$name."%'";

}
if(isset($_POST['Efternamn_search']))
{
    $surname = $_POST['Efternamn_search'];
    $where[] =  "person.Efternamn LIKE '%".$surname."%'";

}
if(count($where))
{
   $query_SokvansterImp = "SELECT * FROM patient left join person on person.Personnummer = patient.Patient
    left join vanster_implantat on vanster_implantat.Patv = patient.Patient
     WHERE ".implode(" AND ",$where);
}
else//Visa all data
{

    $query_SokvansterImp = "select * from patient left join person on person.Personnummer = patient.Patient left join vanster_implantat on vanster_implantat.patv = patient.Patient";

}
$SokvansterImp = mysql_query($query_SokvansterImp, $Audiologiska) or die(mysql_error());
$row_SokvansterImp = mysql_fetch_assoc($SokvansterImp);
$totalRows_SokvansterImp = mysql_num_rows($SokvansterImp);
除了不是mysqli而是mysql之外,你能看到这段代码是否有任何错误吗?

你是否尝试过手动运行该查询;e、 g.使用mysql命令行工具或phpMyAdmin

如果你这样做了,那么你应该得到关于任何潜在错误、打字错误等的反馈

另外,为了清楚起见,您是否确实对查询字符串执行了mysql\u查询,以及mysql\u fetch\u array/fetch\u row/fetch\u assoc? 应该是这样的:

    $result = mysql_query($query_SokvansterImp) or die(mysql_error());
    // die(mysql_error()); will cause the script to stop executing on error, 
    //and display the error message - you can leave it out but it's useful for debugging...

    while ($row = mysql_fetch_assoc($result)) {
        // Do stuff with the returned data - can be referenced by result column name
    }
在评论3之后编辑:
尝试用if$value!=替换if语句条件中的isset。可能是设置了这些值,导致isset返回true,即使那里没有真实文本…

echo$query\u sokvanterimp并将输出放在这里。这是在我填写Personnummer时,但没有填写其他字段:SELECT*FROM patient left join person on person.Personnummer=patient.patient left join vanster\u implantat onvanster_implantat.Patv=patient.patient WHERE vanster_implantat.Patv像“%19920506%”和person.Namn像“%”和person.Efternamn像“%”这段代码有SQL注入漏洞-若要查看如何防范此漏洞,请查看您之前非常类似的问题。我没有显示所有代码,只是连接到数据库的代码。我用的是phpmyAdmin和Dreamwewaver。我将更新我的回答如果在phpMyAdmin中运行查询,查询是否会产生正确的预期结果?如果是这样的话,我会尝试添加'或死亡'的地方,它可能会失败mysql\u连接,mysql\u选择\u数据库等。。。看看能走多远…不。它对phpmyadmin也不起作用。问题是和person.Namn类似于“%”和person.Efternamn类似于“%”它必须在某种程度上绕过它。你的意思是这样吗?如果$value!='Personnummer\u search'不,更像是if$\u POST['Personnummer\u search']=