1. 首頁
  2. 問答
  3. SQL查詢搜索不返回任何結果

SQL查詢搜索不返回任何結果

2015-10-17 129 views
0

我有一個SQL表,並在那裏大約5000行。我編寫了一個用於搜索主鍵並使用WHERE-IN子句顯示結果的php代碼。當我只搜索一個主鍵時,它給了我想要的結果,但是如果我搜索多個主鍵,它不會給出任何結果。附上我的代碼。我是這個領域的初學者。任何人都可以幫我解決.. ??SQL查詢搜索不返回任何結果

<!DOCTYPE html> 
    <meta charset="utf-8"> 
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> 
    <meta name="description" content="Demo project"> 
    <meta name="viewport" content="width=device-width, initial-scale=1"> 
    <link rel="stylesheet" href="bootstrap.css"> 

</head> 
    <?php 
     $servername = "localhost"; 
     $username = "root"; 
     $password = ""; 
     $dbname = "site_info"; 
     $conn = mysql_connect($servername, $username, $password); 
     mysql_select_db("site_info"); 

     $siteid= $_GET['search1']; 

     $sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')"; 
     $result = mysql_query($sql); 
      if(!$result){die(mysql_error());} 


    ?> 
    <body> 
    <div class="container"> 



<table class="table table-hover"> 
     <tr> 
     <th>column 1</th> 
     <th>column 2</th> 
     <th>column 3</th> 
     <th>column 4</th> 
     <th>column 5</th> 

     </tr> 
     <?php 


     if (mysql_num_rows($result) > 0) { 
      while($row = mysql_fetch_array($result)) { 
       echo "<form action=info.php method=GET>"; 
       echo"<tr>"; 
       echo "<td>" .$row["column1"]. "</td>"; 
       echo "<td>" .$row["column2"]. "</td>"; 
       echo "<td>" .$row["column3"]. "</td>"; 
       echo "<td>" .$row["column4"]. "</td>"; 
       echo "<td>" .$row["column5"]. "</td>"; 

       echo "<input type=hidden name=site_id value=".$row["primary_key"]."></input>"; 
       echo "<td>" ."<input class=btn type=submit value=select". "></td>"; 

       echo"</tr>"; 
       echo "</form>"; 


      } 
     } 

     ?> 


    </table> 
    </div> 
</body> 
<script type="text/javascript"></script>

來源

2015-10-17 Akshay

+0

警告!你的代碼容易受到[SQL注入攻擊](https://en.wikipedia.org/wiki/SQL_injection) – dotnetom

+0

你檢查過'$ siteid'的值嗎? –

+0

是的,我已經迴應並檢查。它顯示正確的值。 – Akshay

回答

1

正如你說你$siteid值顯示正確。 假設$siteid = '1,5,6'

現在看看你的查詢:

$sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')"; 
                  ^here

傳遞$siteid後查詢你會得到什麼?

$sql = "SELECT * FROM total_database WHERE primary_key IN ('1,5,6')"; 
                  ^here

所以你想找一個primary_key與價值'1,5,6'。你確定你有這樣的主鍵嗎?

你需要做的是用逗號分解$siteid。然後爆值一個新的字符串,所以你的查詢應該是這樣的:

$sql = "SELECT * FROM total_database WHERE primary_key IN ('1','5','6')"; 
                  ^here

來源

2015-10-17 10:20:47

+0

謝謝,我明白我做錯了什麼。有沒有其他的方式,以便我可以在搜索框中找到所有已搜索到的行.. ?? – Akshay

+0

你是什麼意思 - 其他方式? –

+0

我明白了,謝謝 – Akshay

0

我會改變

$siteid= $_GET['search1']; 
$sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')";

到這樣的事情

$siteid= $_GET['search1']; 
// if there is a , then re-format it instead of '1,2,3' to be '1','2','3' 
if (strpos(",", $siteid) > -1){ 
    $t = explode(",", $siteid); 
    $siteid = implode("','", $t); 
} 
    $sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')";

來源

2015-10-17 10:23:59 Neo

相關問題

 相關問題