1. 首頁
  2. 問答
  3. 查詢 - 運營商之間的PHP ADODB

查詢 - 運營商之間的PHP ADODB

2016-11-07 88 views
1


我有兩個datepicker(dd/mm/yyyy)的窗體。
代碼:查詢 - 運營商之間的PHP ADODB

<label for="from">From Date:</label> 
<input type="text" id="from" name="from"> 
<label for="to">to Date:</label> 
<input type="text" id="to" name="to">

,我要儘量選擇該範圍內的PHP數據。 但有一個錯誤。

Fatal error: Uncaught exception 'com_exception' with message 'Source: Microsoft OLE DB Provider for ODBC Drivers
Description: [Microsoft][Driver ODBC Microsoft Access] Tipi di dati non corrispondenti nell'espressione criterio.' in C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php:43 Stack trace: #0 C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php(43): com->execute('SELECT [Id Ord]...') #1 {main} thrown in C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php on line 43

所以這是我的PHP文件(工作完全沒有日期):

$input=$_POST['input']; 
$id=$_POST['id']; 
$tipo=$_POST['tipo']; 
$numero1=$_POST['numero1']; 
$numero2=$_POST['numero2']; 
$data1=$_POST['from']; 
$data2=$_POST['to']; 

if (empty($input)) { 
    $sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo' OR [Data Ord] BETWEEN '$data1' AND '$data2'"; 
} else { 
    $sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Indirizzo] LIKE '%$input%' OR [Ragione Sociale] LIKE '%$input%' OR [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo'" OR [Data Ord] BETWEEN '$data1' AND '$data2'"; 
}

線43:

$rs = $con->execute($sql);

表:(未計算數字從1到100)
enter image description here

來源

2016-11-07 Marco Bagiacchi

回答

1

首先您的代碼是對SQL注入的公開邀請。您應該使用參數化查詢。

然後,如果數據庫是MS Access和[Data Ord]日期類型,在SQL你應該圍繞你的日期與#,而不是',並還適當地格式化如下:MM/DD/YYYY

東西這個。

$input=$_POST['input']; 
$id=$_POST['id']; 
$tipo=$_POST['tipo']; 
$numero1=$_POST['numero1']; 
$numero2=$_POST['numero2']; 
$data1=date('m/d/Y', strtotime($_POST['from']));; 
$data2=date('m/d/Y', strtotime($_POST['to']));; 

if (empty($input)) { 
    $sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo' OR [Data Ord] BETWEEN #$data1# AND #$data2#"; 
} else { 
    $sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Indirizzo] LIKE '%$input%' OR [Ragione Sociale] LIKE '%$input%' OR [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo'" OR [Data Ord] BETWEEN #$data1# AND #$data2#"; 
}

我不知道你的POST數據是如何格式化,所以你可能需要更改我格式化日期

來源

2016-11-07 12:09:31

+0

感謝的方式!這是正確的,我只改變'$ data1 = date('d/m/Y',strtotime($ _ POST ['from']));;'因爲我的日期格式是DD/MM/YYYY。 而且,要在這兩個數字之間進行操作,我必須將數字格式的數字1和數字1進行轉換?所以:'$ numero2 = int($ _ POST ['numero2']);'? :) –

相關問題

 相關問題