Php 搜索数据库列时出现未知列“Where子句中的Bloomsbury”错误
从下拉列表中选择后 创建下拉列表的PHP代码Php 搜索数据库列时出现未知列“Where子句中的Bloomsbury”错误,php,mysql,sql,database,Php,Mysql,Sql,Database,从下拉列表中选择后 创建下拉列表的PHP代码 function getPublishers (){ $sql = "SELECT DISTINCT bookid, publisher FROM book GROUP BY publisher ORDER BY publisher ASC"; $rs = mysql_query($sql) or die(mysql_error()); $rows = mysql_fetch_assoc($rs); $tot
function getPublishers (){
$sql = "SELECT DISTINCT bookid, publisher FROM book GROUP BY publisher ORDER BY
publisher ASC";
$rs = mysql_query($sql) or die(mysql_error());
$rows = mysql_fetch_assoc($rs);
$tot_rows = mysql_num_rows($rs);
if($tot_rows>0){
echo "<select name=\"srch_publisher\" id=\"srch_publisher\">\n";
echo "<option value=\"\">Any Publisher…</option>\n";
do{
echo "<option value=\"".$rows['bookid']."\"";
getSticky(2, 'srch_publisher', $rows['bookid']);
echo ">".$rows['publisher']."</option>";
} while($rows = mysql_fetch_assoc($rs));
echo "</select>";
}
mysql_free_result($rs);
}
基于选择执行查询的PHP代码
$sql = "SELECT DISTINCT bk.title AS Title, bk.year AS Year, bk.publisher AS Publisher, aut.authorname AS Author
FROM book bk
JOIN book_category bk_cat
ON bk_cat.book_id = bk.bookid
JOIN categories cat
ON cat.id = bk_cat.category_id
JOIN books_authors bk_aut
ON bk_aut.book_id = bk.bookid
JOIN authors aut
ON aut.id = bk_aut.author_id";
if(isset($_GET['searchInput'])){
$input = $_GET['searchInput'];
$input = preg_replace('/[^A-Za-z0-9]/', '', $input);
}
if (isset($input)){
$getters = array();
$queries = array();
foreach ($_GET as $key => $value) {
$temp = is_array($value) ? $value : trim($value);
if (!empty($temp)){
if (!in_array($key, $getters)){
$getters[$key] = $value;
}
}
}
if (!empty($getters)) {
foreach($getters as $key => $value){
${$key} = $value;
switch ($key) {
case 'searchInput':
array_push($queries,"(bk.title LIKE '%$searchInput%'
|| bk.description LIKE '%$searchInput%' || bk.isbn LIKE '%$searchInput%'
|| bk.keywords LIKE '%$searchInput%' || aut.authorname LIKE '%$searchInput%')");
break;
case 'srch_publisher':
array_push($queries, "(bk.bookid = $srch_publisher)");
break;
case 'srch_author':
array_push($queries, "(bk_aut.author_id = $srch_author)");
break;
}
}
}
if(!empty($queries)){
$sql .= " WHERE ";
$i = 1;
foreach ($queries as $query) {
if($i < count($queries)){
$sql .= $query." AND ";
} else {
$sql .= $query;
}
$i++;
}
}
$sql .= " GROUP BY bk.title ORDER BY bk.title ASC";
}else{
$sql .= " GROUP BY bk.title ORDER BY bk.title ASC";
}
当我与出版商Bloomsbury或任何其他出版商一起搜索书籍时,我会在Where子句中找到未知列“Bloomsbury”,即使我正在搜索出版商的列
array_push($queries, "(bk.bookid = $srch_publisher)"
应该是
array_push($queries, "(bk.bookid = '$srch_publisher')"
…如果要搜索字符串,需要在字符串周围加引号
但是-您不应该以这种方式引入参数,mysql_*函数已被弃用。请查看mysqli或PDO和参数绑定。显示您发送到查询函数调用的实际查询。您可能容易受到SQL注入攻击和/或忘记引用某些内容,因此您的位置为publisher=Bloo姆斯伯里