1

我试图弄清楚如何搜索可能在 Field1、Field2 或 Field3 中的 Value1。我知道我的语法是错误的,因为它显然不起作用,但这是我的破解:

$query = "SELECT *
   FROM table1
  WHERE city = '$city'
    AND state = '$state'
    AND location = '$location'
    AND (field1 = '$field1U' OR field1 = '$field2U' OR field1 = '$field3U')
  ORDER BY date_created LIMIT 5";
$data = mysqli_query($dbc, $query);

我想也许我可以使用 where field1 in (1,2,3) 但我无法让它工作。任何帮助将不胜感激。

4

2 回答 2

0

代替

AND (field1 = '$field1U' OR field1 = '$field2U' OR field1 = '$field3U')


AND (field1 = '$search' OR field2 = '$search' OR field3 = '$search')

(请注意,我正在搜索 field1、field2 或 field3)但是请,请,请(!!)转义那些 $search 字符串!例如:

$search = mysqli_real_escape_string($link, $search)

$link 是在哪里设置的

$link = mysqli_connect(...)

请参考http://php.net/manual/de/mysqli.real-escape-string.php 这是用来防止 SQL 注入的(https://en.wikipedia.org/wiki/SQL_injection)

哦,尝试将文本与变量分开,我个人认为这是更安全、更好的编码风格。对于您的用例:

AND (field1 = '" . $search . "' OR field2 = '" . $search . "' OR field3 = '" . $search . "')
于 2012-05-01T12:20:25.337 回答
0

如果要查找所有记录,其中:

field1 = someValue

或者field2 = someValue

或者field3 = someValue

那么你可以使用这个:

  $query = "SELECT * FROM table1 WHERE city = '$city' AND state = '$state' AND    location = '$location' AND (field1 = '$Value1' OR field2 = '$Value1' OR field3 = '$Value1') ORDER BY date_created LIMIT 5";
    $data = mysqli_query($dbc, $query);
于 2012-04-30T21:01:28.317 回答