I'm fairly new to MySQL and PHP and have been reading books and watching tutorials and trying examples but I'm stuck on getting this search query to work. I have a simple search form:
我是MySQL和PHP的新手,一直在阅读书籍,观看教程和尝试示例,但我仍然坚持让这个搜索查询工作。我有一个简单的搜索表单:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Untitled 5</title>
</head>
<body>
<h2>Search</h2>
<form name="search" method="post" action="process_search.php">
Seach for: <input type="text" name="find" />
<input type="submit" name="submit" value="search"/>
</form>
</body>
</html>
and here is the part of the php form that processes the search request that I'm having issues with
这是php表单的一部分,用于处理我遇到问题的搜索请求
$db_path ="localhost"; //---Host name or path to database
$db_username ="root"; //-----------------------------MySQL database username
$db_password = "password"; //----------------------------MySQL database password
$db_name = "database"; //--------------------------------MySQL database name
$tbl_name = "stuff"; //---------------------------------MySQL database table
// Connect to server and select databse
mysql_connect("$db_path", "$db_username", "$db_password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//filtering input for xss and sql injection
$input = @$_GET['find'];
$input = strip_tags( $input );
$input = mysql_real_escape_string( $input );
$input = trim( $input );
$sql = mysql_query("select * from $tbl_name WHERE first_name = '". $input . "'");
while ($rows = mysql_fetch_array($sql)){
I'm following the example given but the query doesn't return any results, it will display the table headers as it should but nothing in the tables, I added mysql_error(); to my code and it reports no errors. What am I doing wrong?
我正在按照给出的示例但查询没有返回任何结果,它将显示表头,因为它应该但表中没有任何内容,我添加了mysql_error();到我的代码,它报告没有错误。我究竟做错了什么?
2 个解决方案
#1
0
You wanna change your query to...
你想把你的查询改为......
$sql = mysql_query("select * from $tbl_name WHERE first_name LIKE '%". $input . "%'");
But you really shouldn't be using mysql_*, its deprecated, you should use PDO to connect to the database
但是你真的不应该使用mysql_ *,不推荐使用它,你应该使用PDO来连接数据库
EDIT...
Your form has a method of "post" so you should have this instead...
你的表单有一个“发布”的方法,所以你应该有这个...
$input = $_POST['find'];
I believe that will solve your problem! :)
我相信这会解决你的问题! :)
EDIT 2...
Ok you need to find out why your form isnt posting the variable... So just have this on the page...
好的,你需要找出你的表单没有发布变量的原因...所以只需在页面上显示...
<form name="search" method="post" action="process_search.php">
Seach for: <input type="text" name="find" />
<input type="submit" name="submit" value="search"/>
</form>
and on your php page have nothing but...
并在你的PHP页面上只有......
<?php var_dump($_REQUEST);?>
Tell me what you get.... I would chat with you but you don't have enough rep points to chat, so hence multiple edits.
告诉我你得到了什么....我会和你聊天,但你没有足够的重复点来聊天,所以因此需要多次编辑。
#2
0
use this i belive this works if no result again you have another problem
使用这个我相信这是有效的,如果再没有结果你有另一个问题
$db_path ="localhost"; //---Host name or path to database
$db_username ="root"; //-----------------------------MySQL database username
$db_password = "password"; //----------------------------MySQL database password
$db_name = "database"; //--------------------------------MySQL database name
// Connect to server and select databse
mysql_connect("$db_path", "$db_username", "$db_password") or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//filtering input for xss and sql injection
$input = mysql_real_escape_string(strip_tags(trim($_REQUEST['find'])));
$sql = mysql_query("SELECT * FROM stuff WHERE first_name='$input'");
while ($rows = mysql_fetch_array($sql)){
#1
0
You wanna change your query to...
你想把你的查询改为......
$sql = mysql_query("select * from $tbl_name WHERE first_name LIKE '%". $input . "%'");
But you really shouldn't be using mysql_*, its deprecated, you should use PDO to connect to the database
但是你真的不应该使用mysql_ *,不推荐使用它,你应该使用PDO来连接数据库
EDIT...
Your form has a method of "post" so you should have this instead...
你的表单有一个“发布”的方法,所以你应该有这个...
$input = $_POST['find'];
I believe that will solve your problem! :)
我相信这会解决你的问题! :)
EDIT 2...
Ok you need to find out why your form isnt posting the variable... So just have this on the page...
好的,你需要找出你的表单没有发布变量的原因...所以只需在页面上显示...
<form name="search" method="post" action="process_search.php">
Seach for: <input type="text" name="find" />
<input type="submit" name="submit" value="search"/>
</form>
and on your php page have nothing but...
并在你的PHP页面上只有......
<?php var_dump($_REQUEST);?>
Tell me what you get.... I would chat with you but you don't have enough rep points to chat, so hence multiple edits.
告诉我你得到了什么....我会和你聊天,但你没有足够的重复点来聊天,所以因此需要多次编辑。
#2
0
use this i belive this works if no result again you have another problem
使用这个我相信这是有效的,如果再没有结果你有另一个问题
$db_path ="localhost"; //---Host name or path to database
$db_username ="root"; //-----------------------------MySQL database username
$db_password = "password"; //----------------------------MySQL database password
$db_name = "database"; //--------------------------------MySQL database name
// Connect to server and select databse
mysql_connect("$db_path", "$db_username", "$db_password") or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
//filtering input for xss and sql injection
$input = mysql_real_escape_string(strip_tags(trim($_REQUEST['find'])));
$sql = mysql_query("SELECT * FROM stuff WHERE first_name='$input'");
while ($rows = mysql_fetch_array($sql)){