我这里有我的代码,并且我有这个错误:
警告:mysql_query() 期望参数 1 为字符串,资源在 C:''xampp''htdocs''xampp''elev8log''pages''tables''task.php 第 396 行给出
这是我的代码:
<?php
$sql = mysql_query('select * from taskview where dept_id=(select deptid from users where username="'.$_SESSION['username'].'")');
//where empname="'.$_SESSION['username'].'" and req_dateapprove IS NULL');
//where req_approveuser="'.$_SESSION['username'].'" and req_dateapprove IS NULL'
if(isset($_POST['search'])) {
$search_term = mysql_real_escape_string($_POST['search_box']);
$search_term=mysql_real_escape_string($_POST['search_box']);
$sql.="WHERE req_code LIKE '%{$search_term} %'";
$sql.="OR req_date LIKE '%{$search_term} %'";
$sql.="OR req_status LIKE '%{$search_term} %'";
$sql.="OR req_dateneeded LIKE '%{$search_term} %'";
$sql.="OR req_approveuser LIKE '%{$search_term} %'";
$sql.="OR req_noteuser LIKE '%{$search_term} %'";
$sql.="OR req_datenote LIKE '%{$search_term} %'";
$sql.="OR form_name LIKE '%{$search_term} %'";
$sql.="OR itrf_type LIKE '%{$search_term} %'";
$sql.="OR username LIKE '%{$search_term} %'";
$sql.="OR itrf_details LIKE '%{$search_term} %'";
$sql.="OR itrf_date LIKE '%{$search_term} %'";
$sql.="OR comp_name LIKE '%{$search_term} %'";
$sql.="OR dept_name LIKE '%{$search_term} %'";
$sql.="OR dept_code LIKE '%{$search_term} %'";
$sql.="OR dept_id LIKE '%{$search_term} %'";
// $sql.="OR descriptionsql LIKE '%{$search_term}%'";
}
//THIS IS THE LINE 396------->>>>>>$query = mysql_query($sql) or die(mysql_error());
?>
<!-- Main content -->
<section class="content">
<div class="row">
<div class="col-xs-12">
<div class="box">
<div class="box-header">
<h3 class="box-title">List of Pending Task</h3>
</div><!-- /.box-header -->
<div class="box-body">
<table id="example2" class="table table-bordered table-hover">
<label><input type="radio" name="all" value="all" checked> All </label>
<label><input type="radio" name="all" value="wait"> Waiting for Feedback </label><thead>
<label><input type="radio" name="all" value="closed"> Closed</label><thead>
<form name="search_form" method="POST" action="task.php">
Search: <input type="text" name="search_box" value="" />
<input type="submit" name="search" value="search....">
</form>
<tr>
<th>Date of Request</th>
<th>Requestor Name</th>
<th>Form Type</th>
<th>Request Type</th>
<th>Date Needed</th>
<th>Status</th>
<th>Action</th>
</tr>
</thead>
<?php
// if(isset($_GET['req_code'])){
// }
while($row = mysql_fetch_array($query))
{
?>
<tr>
<td><?php echo date($row['req_date']); ?></td>
<td class="left"><?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?></a></td>
<td><?php echo htmlentities($row['form_name'], ENT_QUOTES, 'UTF-8'); ?></td>
<td> <?php echo ($row['itrf_type']);?></td>
<td> <?php echo ($row['req_dateneeded']);?></td>
<td> <?php echo ($row['req_status']);?></td>
<td class="left"><a href="#proceed-<?php echo $row['req_code'];?>" data-toggle="modal"><button type="submit" class="btn btn-primary" name="approved">Manage Task</button></a>
</tr>
您的 sql 格式不正确。使用这个
$sql = "SELECT * FROM taskview WHERE dept_id=(SELECT deptid FROM users WHERE username='".$_SESSION['username']."') ";
if (isset($_POST['search']))
$search_term = mysql_real_escape_string($_POST['search_box']);
$sql .= "AND (req_code LIKE '%{$search_term}%' ";
$sql .= "OR req_date LIKE '%{$search_term}%' ";
$sql .= "OR req_status LIKE '%{$search_term}%' ";
$sql .= "OR req_dateneeded LIKE '%{$search_term}%' ";
$sql .= "OR req_approveuser LIKE '%{$search_term}%' ";
$sql .= "OR req_noteuser LIKE '%{$search_term}%' ";
$sql .= "OR req_datenote LIKE '%{$search_term}%' ";
$sql .= "OR form_name LIKE '%{$search_term}%' ";
$sql .= "OR itrf_type LIKE '%{$search_term}%' ";
$sql .= "OR username LIKE '%{$search_term}%' ";
$sql .= "OR itrf_details LIKE '%{$search_term}%' ";
$sql .= "OR itrf_date LIKE '%{$search_term}%' ";
$sql .= "OR comp_name LIKE '%{$search_term}%' ";
$sql .= "OR dept_name LIKE '%{$search_term}%' ";
$sql .= "OR dept_code LIKE '%{$search_term}%' ";
$sql .= "OR dept_id LIKE '%{$search_term}%')";
}
在你的一千个 OR 的 LOL 之后使用它
$query = mysql_query($sql) OR die();
您使用了两个 WHERE,并且 SQL 中也没有间距。尝试我提供的确切代码。
但是请弃用mysql尝试使用mysqli或PDO。
您缺少应该从中进行查询的表,其次不要使用 mysql 使用 PDO 或 mysqli。
<?php
$sql = mysql_query('select * from taskview where dept_id=(select deptid from users where username="' . $_SESSION['username'] . '")');
if (isset($_POST['search'])) {
$search_term = mysql_real_escape_string($_POST['search_box']);
$sql = "select from `table` "; //add this which table
$sql.="WHERE req_code LIKE '%{$search_term} %'";
$sql.="OR req_date LIKE '%{$search_term} %'";
$sql.="OR req_status LIKE '%{$search_term} %'";
$sql.="OR req_dateneeded LIKE '%{$search_term} %'";
$sql.="OR req_approveuser LIKE '%{$search_term} %'";
$sql.="OR req_noteuser LIKE '%{$search_term} %'";
$sql.="OR req_datenote LIKE '%{$search_term} %'";
$sql.="OR form_name LIKE '%{$search_term} %'";
$sql.="OR itrf_type LIKE '%{$search_term} %'";
$sql.="OR username LIKE '%{$search_term} %'";
$sql.="OR itrf_details LIKE '%{$search_term} %'";
$sql.="OR itrf_date LIKE '%{$search_term} %'";
$sql.="OR comp_name LIKE '%{$search_term} %'";
$sql.="OR dept_name LIKE '%{$search_term} %'";
$sql.="OR dept_code LIKE '%{$search_term} %'";
$sql.="OR dept_id LIKE '%{$search_term} %'";
// $sql.="OR descriptionsql LIKE '%{$search_term}%'";
}