我正在尝试创建一个html表单,该表单将使用3个文本字段和一个提交按钮接受3种不同类型的查询请求。当人员在其中一个字段中输入数据并单击提交按钮时,它将根据输入查询数据库。我可以用一个文本框来做,但我不知道如何用三个文本框。此外,用户一次只能选择只查询一个文本字段。
字段1是student_id字段2是last_name字段3是exam_date。
人员可以输入student_id,且只能输入student_id,或last_name,且只能键入姓氏,或examDate,且只能填入考试日期。
我遇到的问题之一是如何将3种不同类型的数据传递给PHP并在select语句中进行查询。我似乎必须创建3个不同的选择查询语句,但我如何创建代码来识别要运行的查询?
以下是我目前所拥有的:
<!DOCTYPE html>
<div id="form_wrap"><!-- start form wrap -->
<div id="form_header">
</div>
<div id="form_body">
<p>Search for a certification request (Enter one of the following):</p>
<form action="search.php" method="post" name="information" id="information"
onsubmit="return(validate())">
<div class="field">
<label for = "Student_id"> Student ID:</label>
<input type="text" name="search" id="search" />
</div>
<div class="field">
<label for = "last_name"> Last Name:</label>
<input type="text" name="last" id="last" />
</div>
<div class="field">
<label for = "examDate"> Exam Date:</label>
<input type="text" name="date" id="mm/dd/yyyy" />
<input type="submit" value="Search" />
</form>
</div>
</div>
这是php代码
<?php
require 'security.php';
error_reporting(E_ALL);
ini_set('display_errors', '1');
// Otherwise we connect to our Database
$db = new mysqli('localhost', 'root', '', 'corpmis_ddempsey');
//check connection
if($db->connect_errno) {
die('sorry, we are having some problems');
}else {
echo 'connected';
}
$search = $_REQUEST['search'];
//If they did not enter a search term we give them an error
if ($search == "")
{
echo "<p>You forgot to enter a search term!!!";
exit;
}
// We perform a bit of filtering
//$search = strtoupper($search);
$search = strip_tags($search);
$search = trim ($search);
//Now we search for our search term, in the field the user specified
//$result = $db->query("SELECT * FROM records WHERE student_id LIKE '$search'");
/*
");
*/
//And we display the results
if($result = $db->query("SELECT * FROM records WHERE student_id LIKE '$search'" )){
if($result->num_rows){
while($row = $result->fetch_object()){
$records[] = $row;
}
$result->free();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Sample</title>
</head>
<body>
<h3>People</h3>
<?php
if(!count($records)) {
echo 'No records';
} else {
?>
<table>
<thead>
<tr>
<th>student_id</th>
<th>First name</th>
<th>Last name</th>
<th>email</th>
<th>Major</th>
<th>Exam Name</th>
<th>Taken class</th>
<th>Prepare</th>
<th>MeasureUp Key</th>
<th>Exam Date</th>
<th>Request Made On</th>
</tr>
</thead>
<tbody>
<?php
foreach($records as $r){
?>
<tr>
<td><?php echo $r->student_id; ?></td>
<td><?php echo $r->first_name; ?></td>
<td><?php echo $r->last_name; ?></td>
<td><?php echo $r->email; ?></td>
<td><?php echo $r->major; ?></td>
<td><?php echo $r->examName?></td>
<td><?php echo $r->taken_class; ?></td>
<td><?php echo $r->prepare; ?></td>
<td><?php echo $r->MeasureUpKey; ?></td>
<td><?php echo $r->examDate; ?></td>
<td><?php echo $r->request_made; ?></td>
</tr>
<?php
}
?>
</tbody>
</table>
<?php
}
?>
实际上你做不到。您可以识别哪个输入框具有值,并根据该值创建查询。但是,可以填写多个输入并提交表单,所以这是不可行的。一种选择是使用下拉列表,让用户选择要填写的输入。例如:
<select name="type">
<option value="student_id">Student ID</option>
<option value="last_name">Last name</option>
<option value="date">Exam date</option>
</select>
<input name="typeValue" value="" />
现在您知道了用户要查询的字段。你可以通过例如:捕捉到这一点
<?php
//Note that you should add checks using e.g. isset()
$value = $_POST['typeValue'];
if($_POST['type'] == "student_id")
{
//Query with $value on student_id
}
elseif($_POST['type'] == "last_name")
{
//Query with $value on last_name
}
elseif($_POST['type'] == "date")
{
//Query with $value on date
}
?>
或者,如果它在同一个表中,并且option值与表中的列名相同:
<?php
//Note that you should add checks using e.g. isset()
//Also note this is vulnerable for SQL injection, using prepared statements will solve that.
$query = $db->query("SELECT * FROM records WHERE ".$_POST['type']." LIKE '%".$_POST['typeValue']."%'" );
?>
您也可以使用Javascript修复此问题。javascript的一个选项是识别哪个输入字段是最后填充的,并根据最后填充的输入字段创建查询。
有很多方法可以实现这一点,但您可以在这里使用ajax请求。将ajax post请求发送到您的sql查询页面,并将用户输入的值作为post参数。
在查询页面上,您可以将post参数传递到sql查询的where子句中。然后填写ajax成功响应表。
我的html代码
[code]
<!-- start javascript -->
<script type="text/javascript">
/*<![CDATA[ */
function check(){
if(document.lastname.last.value == "" || document.lastname.last.value == null)
{
alert("no last name entered");
return false;
}
}
function checkdate() {
var date_regex = /^(0[1-9]|1[0-2])'/(0[1-9]|1'd|2'd|3[01])'/(19|20)'d{2}$/ ;
if(!(date_regex.test(testDate)))
{
return false;
}
}
function fieldSwap(image){
var sb = document.getElementById('sb');
if(sb.value == ""){
sb.style.background = "url(images/"+image+") no-repeat";
}
}
function buttonSwap(image){
var sb = document.getElementById('sb');
sb.src = "images/"+image;
}
function validate(){
var x = document.information.search.value;
if (x.length<10 || x.length>10){
alert("student id is incorrect");
return false;
}
}
/*]]> */
</script>
<!-- end javascript -->
</head>
<body>
<div id="form_wrap"><!-- start form wrap -->
<div id="form_header">
</div>
<div id="form_body">
<p>Search for a certification request (Enter one of the following):</p>
<form action="search.php" method="POST" name="information" id="information" onsubmit="return(validate())">
<div class="field">
<select name="type">
<option value="student_id">Student ID</option>
<option value="last_name">Last name</option>
<option value="examdate">Exam date</option>
</select>
<input name="typeValue" value="" />
<input type="submit" value="Search" />
</form>
</div>
</div>
</div><!-- end form wrap -->
</body>
</html>
[/code
php代码。。只测试student_id查询,看看我是否编码正确,然后会添加姓氏和考试日期的select查询。
[代码]
$records = array();
$typeValue = $_REQUEST['typeValue'];
echo $typeValue;
//If they did not enter a search term we give them an error
if ($typeValue == "")
{
echo "<p>You forgot to enter a search term!!!";
exit;
}
// We perform a bit of filtering
//$typevalue = strtoupper($search);
$typeValue = strip_tags($typeValue);
$typeValue = trim ($typeValue);
//Note that you should add checks using e.g. isset()
$value = $_POST['typeValue'];
if($_POST['type'] == "student_id")
{
//Query with $value on student_id
if($result = $db->query("SELECT * FROM records WHERE student_id LIKE '$typeValue'" )){
if($result->num_rows){
while($row = $result->fetch_object()){
}
$result->free();
}
}
}
elseif($_POST['type'] == "last_name")
{
//Query with $value on last_name
}
elseif($_POST['type'] == "date")
{
//Query with $value on date
}
/*}*/ echo "value of $value" .$value;
//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=$result;
if ($anymatches == 0 )
{
echo "Sorry, but we can not find an entry to match your query...<br><br>";
}
//And we remind them what they searched for
echo "<b>Results For:</b> " .$typeValue;
//}
?>
<!DOCTYPE html>
<html>
<head>
<title>Search Result</title>
</head>
<body>
<h3>Results</h3>
<?php
if(!count($records)) {
echo 'No records';
} else {
?>
<table>
<thead>
<tr>
<th>student_id</th>
<th>First name</th>
<th>Last name</th>
<th>email</th>
<th>Major</th>
<th>Exam Name</th>
<th>Taken class</th>
<th>Prepare</th>
<th>MeasureUp Key</th>
<th>Exam Date</th>
<th>Request Made On</th>
</tr>
</thead>
<tbody>
<?php
foreach($records as $r){
?>
<tr>
<td><?php echo $r->student_id; ?></td>
<td><?php echo $r->first_name; ?></td>
<td><?php echo $r->last_name; ?></td>
<td><?php echo $r->email; ?></td>
<td><?php echo $r->major; ?></td>
<td><?php echo $r->examName?></td>
<td><?php echo $r->taken_class; ?></td>
<td><?php echo $r->prepare; ?></td>
<td><?php echo $r->MeasureUpKey; ?></td>
<td><?php echo $r->examDate; ?></td>
<td><?php echo $r->request_made; ?></td>
</tr>
<?php
}
?>
</tbody>
</table>
<?php
}
?>
</html>
[/code]