当前位置: 动力学知识库 > 问答 > 编程问答 >

php - issue with meta search query

问题描述:

I am using fckeditor class in my php code.

Ok , when I search or enter p in search box it will print all the records included in specific table('p' is the problem of fckeditor).

I have one chapter combo and one text box.before when i search any keyword,it did work but not now. Yesterday I posted this question, I got an answer but problem is what when I search any keyword, it is unable to show record related to that question. it only shows chapter related question after entering that chapter field.

To further explain, if I enter in text field 'p' and 1 in dropdown then it will print all questions in chapter number 1, but when I enter any keyword it did not work.

My code is:

<?php

if (isset($_POST['submit'])) {

if (empty($_POST['fname'])) {

die ("<script type='text/javascript' > alert('PLEASE ENTER KEYWORD...!!!');</script>");

} else {

?>..................................

<?php

include("conn.php");

$name = $_POST['fname'];

$name2 = $_POST['chapter'];

/*This query searches all records with duplicate entry....*/

//$sql="SELECT * FROM $user WHERE question like '%".$name."%' and

//Chapter like'%".$name2."%' ";

/*This query searches all records without duplicate entry....*/

$sql = "SELECT * FROM $user WHERE question like '%" . $name . "%' and

Chapter like '$name2'";

$result = mysql_query($sql) or die(mysql_error());

while ($row = mysql_fetch_array($result)) {

?>

I have again one problem in it.When i write my 1 st query commented on duplicate entry, if I enter chapter no 1 then it will print 1,11,21 chapters records,it will work for every task.i mean this query is able to search keyword wise record or 'p' for all records but one 1,11,21,12 is a problem.and in my second query ,it will only print chapter-wise record as i said earlier.So please help me for this question.

网友答案:

I'm really struggling to understand your question so I'll start with some general advice that you should have heard here before:

  • Please try to use mysqli or PDO
  • Your code is wide open to sql injection attacks. You should use prepared statements or at the very least use mysqli_real_escape_string on all user input.
  • There is no need to reassign your posted variables to $name or $name2.
  • don't forget that mysql table names are case sensitive. It may be wise to keep your case usage consistent as it will help future code writing.

Your sql query, translated into English says:

Find all the columns from the table named in the variable $user in which BOTH the column chapter is exactly equal to the variable $name2 and the column question has the text of $name1 as a continuous string, case insenstive, somewhere in its text.

If that is what you want, that is what you will get.

I wonder if your problem is the lack of % either side of your chapter query?

Consider:

$sql="SELECT * FROM $user WHERE question LIKE '%$name%' AND Chapter LIKE '%$name2%'";

or

 $sql="SELECT * FROM $user WHERE question LIKE '%$name%' AND Chapter = '$name2'";

If that achieves the desired result then you can move on and remove the sql injection vulnerabilities.

If you provide some sample data, perhaps a fiddle and some examples of desired outputs, I am sure the community here will be happy to help. Those work well in any language.

分享给朋友:
您可能感兴趣的文章:
随机阅读: