我正在尝试通过HTML表单使用PHP显示数据库中的结果。用户单击提交按钮后,根据他们在每个字段中输入的内容,应相应地显示结果。
例如,如果我在下拉菜单中单击"房间",并且当我在文本字段中为价格和其他字段指定特定价格时,应该显示与我搜索的内容相关的任何内容。
我能够为下拉菜单执行此操作,但我不知道如何输入多个值,当我单击提交时,它会相应地生成数据。
这是我到目前为止所做的:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<form action="dropdown2.php" method="POST">
<select name="testing" type="text">
<option value="Choose">Choose type of stay</option>
<option value="Flat">Flat</option>
<option value="Room">Room</option>
<option value="Apartment">Apartment</option>
<option value="Villa">Villa</option>
</select>
<p></p>
<table>
<tr>
<td width="14%" class="label">Minimum Price MYR</td>
<td width="42%"><input type="text" name="textfield4" id="textfield4" class="text" /></td>
<td class="label">Maximum Price MYR</td>
<td><input type="text" name="textfield2" id="textfield2" class="text" /></td>
</tr>
<tr>
<td class="label">Bed Rooms</td>
<td>
<label>
<input type="text" name="search" id="textfield5" class="text smalltextarea" />
</label>
</td>
<td class="label">Bathrooms</td>
<td><input type="text" name="textfield3" id="textfield3" class="text" /></td>
</tr>
</table>
<p></p>
<input type="submit" value="Submit" name="submit">
</form>
<?php
mysql_connect("localhost", "root", "") or die("Error connecting to database: ".mysql_error());
mysql_select_db("test") or die(mysql_error());
if(isset($_POST['testing'])){
$query = $_POST['testing'];
$min_length = 3;
if(strlen($query) >= $min_length){
$query = htmlspecialchars($query);
$query = mysql_real_escape_string($query);
$raw_results = mysql_query("SELECT * FROM rooms
WHERE (`name` LIKE '%".$query."%') OR (`price` LIKE '%".$query."%') OR (`description` LIKE '%".$query."%')") or die(mysql_error());
if(mysql_num_rows($raw_results) > 0){
while($results = mysql_fetch_array($raw_results)){
echo "<p><h3>".$results['name']."</h3>"."RM " .$results['price']."</p>"."<p>".$results['description']."</p>";
}
}
else{
echo "No results";
}
}
else{
echo "Minimum length is ".$min_length;
}
}
?>
</body>
</html>
我是PHP和MySQL的新手...任何帮助不胜感激!
第一个id说将名称更改为更易于协调的名称 此外,您缺少一个名称或描述字段,不确定是哪一个(因为名称与数据库字段不同)
将 MySQL 替换为 PDO 或 MySQLli 我在此示例中使用了 PDO 因为如果您升级到 PHP 7,MySQL 函数将被删除(如上面的评论中所建议的那样)
代替MySQL真实转义等,您可以使用预准备语句
此外,您在查询中缺少的是其他帖子字段,例如评论中建议的,例如浴室数量,最低价格,最高价格等(这些字段由用户发布,但不在查询中使用) 您在查询中对所有这些值使用相同的 postfield
现在根据您的字段,我假设例如,如果有人填写 minprice = 12 和 descr = flat,则结果都必须具有 12 的最低价格和类似 flat 的描述,因此您需要根据填写的字段更改您在查询中使用的 AND 的 OR。
这里有一个关于如何去做的例子:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<form action="" method="POST">
<select name="description" type="text">
<option value="Choose">Choose type of stay</option>
<option value="Flat">Flat</option>
<option value="Room">Room</option>
<option value="Apartment">Apartment</option>
<option value="Villa">Villa</option>
</select>
<p></p>
<table>
<tr>
<td width="14%" class="label">Minimum Price MYR</td>
<td width="42%"><input type="text" name="minprice" id="textfield4" class="text" /></td>
<td class="label">Maximum Price MYR</td>
<td><input type="text" name="maxprice" id="textfield2" class="text" /></td>
</tr>
<tr>
<td class="label">Bed Rooms</td>
<td>
<label>
<input type="text" name="bedrooms" id="textfield5" class="text smalltextarea" />
</label>
</td>
<td class="label">Bathrooms</td>
<td><input type="text" name="bathrooms" id="textfield3" class="text" /></td>
</tr>
</table>
<p></p>
<input type="submit" value="Submit" name="submit">
</form>
<?php
$minDescriptionLength = 3;
if(isset($_POST['description'])) {
$descr = $_POST['description'];
if(strlen($descr) >= $minDescriptionLength) {
$connectionConfigArr = array('host' => 'localhost', 'dbname' => 'test', 'user' => 'root', 'password' => '');
// here we are making the database connection,
// first param = connection string, second param = user, third param = password
$dbh = new PDO(
'mysql:host=' . $connectionConfigArr['host'] . ';dbname=' . $connectionConfigArr['dbname'],
$connectionConfigArr['user'],
$connectionConfigArr['password']
);
$bindParamArr = array();
//since we check this one in the start i assumed it's required so we can use it in the base for the query
$query = 'SELECT * FROM rooms WHERE `description` LIKE :descr ';
//here for each extra field that is filled in we basicaly are going to add it to the query string
//and we push the value to the bindParamArray which will after we added the query add the values safely to the query
if(isset($_POST['minprice']) && $_POST['minprice']) {
$query .= 'AND `price` > :minprice ';
array_push($bindParamArr, array('field' => ':minprice', 'value' => $_POST['minprice'], 'type' => PDO::PARAM_INT));
}
if(isset($_POST['maxprice']) && $_POST['maxprice']) {
$query .= 'AND `price` < :maxprice ';
array_push($bindParamArr, array('field' => ':maxprice', 'value' => $_POST['maxprice'], 'type' => PDO::PARAM_INT));
}
if(isset($_POST['bathrooms']) && $_POST['bathrooms']) {
$query .= 'AND `bathrooms` = :bathrooms ';
array_push($bindParamArr, array('field' => ':bathrooms', 'value' => $_POST['bathrooms'], 'type' => PDO::PARAM_INT));
}
if(isset($_POST['bedrooms']) && $_POST['bedrooms']) {
$query .= 'AND `bedrooms` = :bedrooms ';
array_push($bindParamArr, array('field' => ':bedrooms', 'value' => $_POST['bedrooms'], 'type' => PDO::PARAM_INT));
}
//we still need to push the description to the array
array_push($bindParamArr, array('field' => ':descr', 'value' => '%' . $descr . '%', 'type' => PDO::PARAM_STR));
//here we prepare the query
$stmt = $dbh->prepare($query);
//here we bind the params safely
foreach($bindParamArr as $bParam) {
$stmt->bindParam($bParam['field'], $bParam['value'], $bParam['type']);
}
$stmt->execute();
//use this to get the amount of rows the query returned
$rowCount = $stmt->rowCount();
if($rowCount > 0) {
//we loop through the stmt fetch function which will iterate through the resultset
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo "<p><h3>".$row['name']."</h3>"."RM " .$row['price']."</p>"."<p>".$row['description']."</p>";
}
}
else {
echo "No results";
}
}
else {
echo "Minimum length is ".$minDescriptionLength;
}
}
?>
</body>
</html>