使用数组创建一个动态MySQL查询 - PHP的

Question

我想运行一个MySQL查询wherey部分正在使用LIKE查找。

表结构：TableExample

id name  piece 
0  jon  piece0 
1  james piece3 
2  sarah piece6 

将剪掉我到目前为止有：

$pieces = "piece0 piece1"; //variable 
$piecearrayexplode = explode(" ", $pieces); 
$piece0 = $piecearrayexplode[0]; 
$piece1 = $piecearrayexplode[1]; 

$sql = "SELECT * FROM TableExample WHERE piece LIKE '%$piece0%' OR pieces LIKE '%$piece1%'"; 

我的问题是，$件是一个变量，我需要$ SQL是动态的，自动具有正确数量的LIKE语句。

E.g.如果$ pieces =“piece0 piece1 piece2”，我希望$ sql是：

$sql = "SELECT * FROM TableExample WHERE piece LIKE '%$piecearrayexplode[0]%' OR pieces LIKE '%$piecearrayexplode[1]%' OR pieces LIKE '%$piecearrayexplode[2]%'"; 

注意：$ pieces总是以空格分隔。

我可以做一个字数。

$count = str_word_count($pieces); 

我不知道该从哪里去。

我没有看这个Create a dynamic mysql query using php variables

它似乎没有什么我要找的，因为喜欢是连续的，而不是像1 WHERE单个语句。我在这里错过了什么吗？

Answer 1

所以构建查询动态太：

$foo = '... list of pieces ...'; 
$parts = explode(' ', $foo); 

$likes = array(); 
foreach($parts as $part) { 
    $likes[] = "piece LIKE '%$part%'"; 
} 

$sql = "SELECT ... WHERE " . implode(' or ', $likes); 

但是请注意，这是容易sql injection attacks。

Answer 2

你可以感觉抛出数组并逐个添加件来查询。 （它不是测试）

$pieces = "piece0 piece1 piece2"; 
$piecesArr = explode(" ", $pieces); 

$sql = "SELECT * FROM TableExample WHERE piece LIKE"; 

$first = true; 
foreach ($piecesArr as $PA) { 
    if ($first) { 
    $sql .= " '%$PA%'"; 
    $first = !$first; 
    } 
    else $sql .= " OR pieces LIKE '%$PA%'"`; 
} 

Answer 3

我基本上都被动态地生成从视图我的结果。然后填充视图中具有列名称值的下拉列表，然后将这些变量传递给视图中的select语句。

<?php 

error_reporting(0); 
# FileName="Connection_php_mysql.htm" 
# Type="MYSQL" 
# HTTP="true" 
$hostname_connection = "localhost"; 
$database_connection = "xxx"; 
$username_connection = "root"; 
$password_connection = ""; 
$connect = mysql_pconnect($hostname_connection, $username_connection, $password_connection) or trigger_error(mysql_error(),E_USER_ERROR); 
mysql_select_db($database_connection,$connect); 

$col1=$_POST['col1']; 
$col2=$_POST['col2']; 
$col3=$_POST['col3']; 

$result = mysql_query("SELECT $col1 as column1,$col2 as column2,$col3 as colmun3 FROM variety_view"); 

if(!$result){ 
echo "failed"; 
} else { 
echo "Perfecto"; 

} 

echo "<table>"; // start a table tag in the HTML 

while($row = mysql_fetch_array($result)){ //Creates a loop to loop through results 
echo "<tr> 
<td>" . $row['column1'] . "</td> 
<td>" . $row['column2'] . "</td> 
<td>" . $row['colmun3'] . "</td> 
</tr>"; //$row['index'] the index here is a field name 
} 

echo "</table>"; //Close the table in HTML 

?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
<title>Untitled Document</title> 
</head> 

<body> 

<form method="Post" action=""> 
<select name="col1"> 
<option value="official_name">Variety Name</option> 
<option value="localname">Local name</option> 
<option value="country">Country</option> 
<option value="pedigree">Pedigree</option> 
</select> &nbsp; 
<select name="col2"> 
<option value="official_name">Variety Name</option> 
<option value="localname">Local name</option> 
<option value="country">Country</option> 
<option value="pedigree">Pedigree</option> 
</select> &nbsp; &nbsp; 
<select name="col3"> 
<option value="official_name">Variety Name</option> 
<option value="localname">Local name</option> 
<option value="country">Country</option> 
<option value="pedigree">Pedigree</option> 
</select> <br /> 

<input type="submit" value="Search" /> 

</form> 
</body> 
</html>