使用PHP/MYSQL的搜索函数

您必须将变量传递给此查询：

$term = mysql_real_escape_string($_GET['term']);
mysql_query("SELECT * FROM entries WHERE Title LIKE '%" . $term . "%'");

您的PHP代码不正确，您将"term"用作字符串，而不是PHP值，您需要将其转换为$_GET["name"]，使其看起来像这个

$sql = mysql_query("SELECT * FROM entries WHERE Title LIKE '%". $_GET["term"] ."%'") or die (mysql_error());

！！！然而这是非常不安全的，因为它会允许某人对您的应用程序进行SQL注入。所以不要这样使用它。过滤提供的"term"值，只保留A-Za-z0-9（或类似值），使用正则表达式删除其余值。

index.php

<!DOCTYPE html>
<head>
<title>Untitled Document</title>
</head>
<body>
<form action="search.php" method="post">
Search: <input type="text" name="term" /><br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>

search.php

<html>
<head>
<title>Search Query</title>
</head>
<body>
<?php
if($_POST['term']){
    $term = mysql_real_escape_string($_POST['term']);
$con = mysql_connect ("localhost", "root", "");
mysql_select_db ("music", $con);
if (!$con)
{ 
die ("Could not connect: " . mysql_error());
} 
$sql = mysql_query("SELECT * FROM entries WHERE Title LIKE '%" . $term . "%'") or die (mysql_error());
while ($row = mysql_fetch_array($sql, MYSQL_ASSOC)){
echo 'Title: ' .$row['Title'];
echo '<br /> Artist: ' .$row['Artist'];
echo '<br /> Album: '.$row['Album'];
echo '<br /> Location: '.$row['Location'];
echo '<br /> Media: '.$row['Media']; 
}
mysql_close($con);
}else{
    echo 'No search term found';
}
?>
</body>
</html>

将两个页面放在同一文件夹中。

$term = mysql_real_escape_string($_POST['term']);
if ($stmt = $mysqli->prepare("select *
                               . "  from entries"
                               . " where Title like ?")) 
    {
       $stmt->bind_param("i", "%$term%");
       $stmt->execute();
       //then fetch value
    } else {
      /* handle SQL error */
    }