我的数据库中有三个表;ACTOR_DETAIL、MOVIE_ACTOR和MOVIE_TITLE。每个表中的条目包括:
对于ACTOR_DETAIL(4 个字段 = 演员序列号、姓名、生日、性别(:
(ACTOR_SEQUENCE_NB( (姓名( (生日( (性别(
001 约翰 1/1/1964 男
002 戴夫 2/2/1980 男
003 简 1975/3/3 女
对于MOVIE_TITLE(3 个字段 = MOVIE_SEQUENCE_NB、电影标题、年份(
SSN名称城市
001 电影片名A 1987
002 电影标题B 2008
003 电影名C 2014
最后一个表MOVIE_ACTOR将两者结合在一起(3 个字段 = MOVIE_SEQUENCE_NB、ACTOR_SEQUENCE_NB、CHARACTER_PLAYED(
WSN SSN 支付
001 003 主角(John,在MovieTitleC中饰演主角(
003 001 反派(在电影片名A中饰演反派的简(
002 003 反英雄(戴夫,在MovieTitleC中扮演反英雄(
我目前正在制作一个搜索表单,允许用户输入工人的姓名。然后,搜索表单将采用输入名称,将其与相应的 WSN 匹配,获取 WSN 并将其与相应的 SSN 匹配,获取 SSN,然后将其与相应的商店名称和城市匹配,然后输出该信息(STORE_NAME表中的商店名称和城市(。
在我的标题为:searchform.html的文档中,这是构成表单的代码片段:
<html>
<head>
<title>Search</title>
</head>
<body bgcolor=#ffffff>
<h2>Search</h2>
<form name="search" method="post" action="searchform.php">
Name of Actor: <input type="text" name="find1" />
<input type="submit" name="search" value="Search" />
</form>
</body>
</html>
这是我的PHP文档:
<?php
include "config.php";
echo "<h2>Search Results:</h2><p>";
if(isset($_POST['search']))
{
$find1 =$_POST['find1'];
$find2 =$_POST['find2'];
$field =$_POST['field'];
}
// We perform a bit of filtering
$find1 = strtoupper($find1);
$find1 = strip_tags($find1);
$find1 = trim ($find1);
$find2 = strtoupper($find2);
$find2 = strip_tags($find2);
$find2 = trim ($find2);
//Now we search for our search term, in the field the user specified
$iname = mysql_query("select ACTOR_DETAIL.ACTOR_SEQUENCE_NB, MOVIE_SEQUENCE_NB.MOVIE_TITLE, MOVIE_SEQUENCE_NB.YEAR_FILMED
from MOVIE_ACTOR join
ACTOR_DETAIL
on MOVIE_ACTOR.ACTOR_SEQUENCE_NB = ACTOR_DETAIL.ACTOR_SEQUENCE_NB join
MOVIE_TITLE
on MOVIE_ACTOR.MOVIE_SEQUENCE_NB = MOVIE_TITLE.MOVIE_SEQUENCE_NB
where ACTOR_DETAIL.NAME = "$find1")
or die(mysql_error());
//And we display the results
while($result = mysql_fetch_array($iname ))
{
echo "<b>Movie Name:</b> " .$result['MOVIE_TITLE'];
echo "<br> ";
echo "<b>Year:</b> ".$result['YEAR_FILMED'];
echo "<br>";
echo "<br>";
}
$anymatches = mysql_num_rows($iname);
if ($anymatches == 0)
{
echo "Sorry, but there aren't any movies with that combination of actors!<br><br>";
}
?>
我省略了数据库连接,但已确认它有效。我的错误似乎与SQL语句有关,但我不太确定它是什么。谁能帮忙?
您没有在查询中转义您的值。更正之一应该是..
$iname = mysql_query('select ACTOR_DETAIL.ACTOR_SEQUENCE_NB, MOVIE_SEQUENCE_NB.MOVIE_TITLE, MOVIE_SEQUENCE_NB.YEAR_FILMED
from MOVIE_ACTOR join
ACTOR_DETAIL
on MOVIE_ACTOR.ACTOR_SEQUENCE_NB = ACTOR_DETAIL.ACTOR_SEQUENCE_NB join
MOVIE_TITLE
on MOVIE_ACTOR.MOVIE_SEQUENCE_NB = MOVIE_TITLE.MOVIE_SEQUENCE_NB
where ACTOR_DETAIL.NAME = "'.$find1.'"');
此外,极不可能有人会搜索与您存储在数据库中完全相同的Actor名称。可能值得使用 %LIKE% 或 MATCH。