小贝子编程

从SQL数据库中搜索信息



我创建了一个SQL数据库。我成功地将数据完全插入数据库,但我想从数据库中搜索。

HTML

<body>
INSERT AREA
<br>
<form action="demo.php" method="post"/>
    <p>imei: <input type="text" name="input1"/> </p>
<select name="input2">
   <option value="1">1</option>
    <option value="2">2</option>
     <option value="3">3</option>
        <option value="4">4</option>
</select>
<br>
  <br>
  <input type="submit" src="submit.png" alt="Submit Form" />
</form>
Search AREA 
<br>
<form action="form.php" method="post"> 
 Search: <input type="text" name="term" /><br /> 
 <input type="submit" value="Submit" /> 
  </form> 
 </body>

demo.php

<?php
define('DB_NAME', '#');
define('DB_USER', '#');
define('DB_PASSWORD', 'mypass');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected) {
die('Can't use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['input1'];
$value2 = $_POST['input2'];
$sql = "INSERT INTO demo (input1, input2) VALUES ('$value', '$value2')";
if (!mysql_query($sql)) {
die('Error: ' . mysql_error());
 }
mysql_close();
?>

所以所有这些工作都很完美,我很好地将数据插入SQL数据库,但检查下一个php代码进行搜索,不返回任何信息,只是打开时没有返回值*我已经删除了数据库信息。数据库名称:demo
主机名:localhost

form.php

<?php
$db_hostname = 'localhost';
$db_username = 'my username';
$db_password = 'my pass';
$db_database = 'demo';
// Database Connection String
$con = mysql_connect($db_hostname,$db_username,$db_password);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db($db_database, $con);
?>
 <!DOCTYPE html>
  <html lang="en">
  <head>
    <meta charset="utf-8" />
    <title></title>
   </head>
   <body>
   <form action="demo.php" method="post"/>
   <p>imei: <input type="text" name="input1"/> </p>
 <select name="input2">
   <option value="1">111111111111111111111</option>
    <option value="2">222222222222222222</option>
     <option value="3">33333333333333333</option>
        <option value="4">4444444444444444</option>
   </select>
  <br>
  <br>
<input type="image" src="submit.png" alt="Submit Form" />
</form>
<br>
<form action="form.php" method="post"> 
<input type="text" name="term" /><br /> 
<input type="submit" value="Submit" /> 
</form> 
<?php
if (!empty($_REQUEST['term'])) {
$term = mysql_real_escape_string($_REQUEST['term']);     
$sql = "SELECT * FROM demeo WHERE Description LIKE '%".$term."%'"; 
$r_query = mysql_query($sql); 
while ($row = mysql_fetch_array($r_query)){  
echo 'Primary key: ' .$row['PRIMARYKEY'];  
echo '<br /> Code: ' .$row['input1'];  
echo '<br /> Description: '.$row['input2'];  
}  
}
?>
</body>
</html>

通过查看第一个示例,在第二个示例中,表和列名似乎不正确。

替换您当前的查询:

SELECT * FROM demeo WHERE Description LIKE '%".$term."%'

使用此查询:

SELECT * FROM demo WHERE input2 LIKE '%".$term."%'}

还要考虑其他用户的建议,以避免sql注入。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium