1. 首页
  2. 问答
  3. SQL查询搜索不返回任何结果

SQL查询搜索不返回任何结果

2015-10-17 131 views
0

我有一个SQL表,并在那里大约5000行。我编写了一个用于搜索主键并使用WHERE-IN子句显示结果的php代码。当我只搜索一个主键时,它给了我想要的结果,但是如果我搜索多个主键,它不会给出任何结果。附上我的代码。我是这个领域的初学者。任何人都可以帮我解决.. ??SQL查询搜索不返回任何结果

<!DOCTYPE html> 
    <meta charset="utf-8"> 
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> 
    <meta name="description" content="Demo project"> 
    <meta name="viewport" content="width=device-width, initial-scale=1"> 
    <link rel="stylesheet" href="bootstrap.css"> 

</head> 
    <?php 
     $servername = "localhost"; 
     $username = "root"; 
     $password = ""; 
     $dbname = "site_info"; 
     $conn = mysql_connect($servername, $username, $password); 
     mysql_select_db("site_info"); 

     $siteid= $_GET['search1']; 

     $sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')"; 
     $result = mysql_query($sql); 
      if(!$result){die(mysql_error());} 


    ?> 
    <body> 
    <div class="container"> 



<table class="table table-hover"> 
     <tr> 
     <th>column 1</th> 
     <th>column 2</th> 
     <th>column 3</th> 
     <th>column 4</th> 
     <th>column 5</th> 

     </tr> 
     <?php 


     if (mysql_num_rows($result) > 0) { 
      while($row = mysql_fetch_array($result)) { 
       echo "<form action=info.php method=GET>"; 
       echo"<tr>"; 
       echo "<td>" .$row["column1"]. "</td>"; 
       echo "<td>" .$row["column2"]. "</td>"; 
       echo "<td>" .$row["column3"]. "</td>"; 
       echo "<td>" .$row["column4"]. "</td>"; 
       echo "<td>" .$row["column5"]. "</td>"; 

       echo "<input type=hidden name=site_id value=".$row["primary_key"]."></input>"; 
       echo "<td>" ."<input class=btn type=submit value=select". "></td>"; 

       echo"</tr>"; 
       echo "</form>"; 


      } 
     } 

     ?> 


    </table> 
    </div> 
</body> 
<script type="text/javascript"></script>

来源

2015-10-17 Akshay

+0

警告!你的代码容易受到[SQL注入攻击](https://en.wikipedia.org/wiki/SQL_injection) – dotnetom

+0

你检查过'$ siteid'的值吗? –

+0

是的,我已经回应并检查。它显示正确的值。 – Akshay

回答

1

正如你说你$siteid值显示正确。 假设$siteid = '1,5,6'

现在看看你的查询:

$sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')"; 
                  ^here

传递$siteid后查询你会得到什么?

$sql = "SELECT * FROM total_database WHERE primary_key IN ('1,5,6')"; 
                  ^here

所以你想找一个primary_key与价值'1,5,6'。你确定你有这样的主键吗?

你需要做的是用逗号分解$siteid。然后爆值一个新的字符串,所以你的查询应该是这样的:

$sql = "SELECT * FROM total_database WHERE primary_key IN ('1','5','6')"; 
                  ^here

来源

2015-10-17 10:20:47

+0

谢谢,我明白我做错了什么。有没有其他的方式,以便我可以在搜索框中找到所有已搜索到的行.. ?? – Akshay

+0

你是什么意思 - 其他方式? –

+0

我明白了,谢谢 – Akshay

0

我会改变

$siteid= $_GET['search1']; 
$sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')";

到这样的事情

$siteid= $_GET['search1']; 
// if there is a , then re-format it instead of '1,2,3' to be '1','2','3' 
if (strpos(",", $siteid) > -1){ 
    $t = explode(",", $siteid); 
    $siteid = implode("','", $t); 
} 
    $sql = "SELECT * FROM total_database WHERE primary_key IN ('$siteid')";

来源

2015-10-17 10:23:59 Neo

相关问题

 相关问题