我正在创建详细的产品搜索。我验证了这一点,我的变量发布正确,但查询没有找到任何内容。我的问题是:
这个查询中可能有什么错误,SQL中详细搜索的最佳解决方案是什么?
<?php
if (
isset($_POST["productName"]) || isset($_POST["searchCategory"]) ||
isset($_POST["searchManufacturer"]) || isset($_POST["costFrom"]) ||
isset($_POST["costTo"])
){
$stmt=$user_home->runQuery("SELECT* FROM Products
WHERE (productTitle='$_POST[productName]' OR '$_POST[productName]' IS NULL)
AND (category='$_POST[searchCategory]' OR '$_POST[searchCategory]' IS NULL)
AND (manufacturer='$_POST[searchManufacturer]' OR '$_POST[searchManufacturer]' IS NULL)
");
echo $stmt->rowCount();
}
尝试正确形成WHERE语句。您应该只为productTitle、category、manufacturer字段添加条件,然后为isset适当的POST字段添加条件。
试试这个代码:
<?php
if (
isset($_POST["productName"]) || isset($_POST["searchCategory"]) ||
isset($_POST["searchManufacturer"]) || isset($_POST["costFrom"]) ||
isset($_POST["costTo"])
){
$conditions = array();
if (isset($_POST['productName'])) {
$conditions[] = "(productTitle='".$_POST['productName']."')";
}
if (isset($_POST['category'])) {
$conditions[] = "(category='".$_POST['searchCategory']."')";
}
if (isset($_POST['searchManufacturer'])) {
$conditions[] = "(manufacturer='".$_POST['searchManufacturer']."')";
}
$where = implode(' AND ', $conditions);
if ($where) {
$where = 'WHERE '.$where;
} else {
$where = "";
}
$stmt=$user_home->runQuery("SELECT * FROM Products ". $where);
echo $stmt->rowCount();
}