最受欢迎

MYSQL搜索- PHP表单

MYSQL Search - PHP Form

本文关键字:表单 PHP 搜索 MYSQL | 更新日期: 2023-09-27
<div class="searchbox">
    <form action="Search.php" method="get">
       <fieldset>
          <input id="$search" placeholder="Search for a Product" type="text" />
          <input id="submit" type="hidden" />
       </fieldset>
    </form>
</div>
<div id="content">
<ul>        
<?php
$host = "xxx"; 
$user = "xxx"; 
$pass = "xxx"; 
$db = "xxx"; 
mysql_connect($host, $user, $pass); 
mysql_select_db($db); 
unset($host,$user,$pass,$db); 

//$query = "SELECT produkt FROM checklist WHERE id IS "1";  
$query = "SELECT produkt FROM checklist WHERE id LIKE '%$search%'";  
$result = mysql_query($query); 
  while ($row = mysql_fetch_array($result)) 
{ 
echo "<li><span class='name'><b>$row[produkt]</b><br /></span><span class='comment'><i>Tierische Stoffe: </i>$row[tierisch]</span><i> Alkohol: </i>$row[alkohol]</span></span></li>";
  }  
?>
我的搜索框好像出了点问题。目前,我只看到数据库中的所有项目,我想看到我正在搜索的项目。

就像这样?

<div class="searchbox">
    <form action="Search.php" method="get">
       <fieldset>
          <input id="search" placeholder="Search for a Product" type="text" />
          <input id="submit" type="hidden" />
       </fieldset>
    </form>
</div>
<div id="content">
<ul>        
<?php
$host = "xxx"; 
$user = "xxx"; 
$pass = "xxx"; 
$db = "xxx"; 
mysql_connect($host, $user, $pass); 
mysql_select_db($db); 
unset($host,$user,$pass,$db); 
$search = $_POST['search'];
$query = "SELECT produkt FROM checklist WHERE id LIKE '%".$_POST['search']."%'";
//$query = "SELECT produkt FROM checklist WHERE id LIKE '%$search%'";  
$result = mysql_query($query); 

<input id="$search" placeholder

这里需要$吗?它应该变成:

<input id="search" placeholder
要从搜索查询中访问GET变量,请使用$_GET数组,如下所示: 
$query = "SELECT produkt FROM checklist WHERE id LIKE '%{$_GET['search']}%'";

但是为了安全起见,避免mysql注入,你可能想这样做:

$search = mysql_real_escape_string($_GET['search']);
$query = "SELECT produkt FROM checklist WHERE id LIKE '%{$search}%'";

编辑:忘记输入name属性:

<input name="search" id="search" placeholder="Search for a Product" type="text" />

然后在你的php

$search = mysql_real_escape_string($_GET['search']);
$query = "SELECT produkt FROM checklist WHERE id LIKE '%{$search}%'";
$result = mysql_query($query); 
while ($row = mysql_fetch_array($result)){  
    echo "<li><span class='name'><b>{$row['produkt']}</b></span></li>";
}

This: 

 <input id="$search" placeholder="Search for a Product" type="text" />

应该是(没有$ in ID):

<input id="search" placeholder="Search for a Product" type="text" />

你的查询应该是:

$query = "SELECT produkt FROM checklist WHERE id LIKE '%".$_POST['search']."%'";

表单中的变量被传递给脚本(在本例中是同一个页面),因此您必须使用$_POST检索它们。

您没有设置$search的值。您需要更新表单以包含一个name="search"元素,并在查询之前添加一行PHP代码,如下所示:

$search = $_GET['search'];

您还需要转义输入以避免SQL注入。

相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习