0

我正在尝试创建一个脚本,该脚本通过给定的术语和城市选择给定 MySQL 列中的所有用户。城市将特定于会员,但每个会员可以有 3 或 4 个不同的职位(调酒师、服务员、主持人等)。我尝试使用的代码如下,但是,它给了我一个错误。如果您需要更多信息,请与我们联系。谢谢!

Could not find staff: Unknown column 'Bartender' in 'where clause'

 

<?php

    $perpage = 15;
    $city = $_GET['city'];
    $type = $_GET['type'];

    if(isset($_GET["page"]))
    {
        $page = intval($_GET["page"]);
    }
    else
    {
        $page = 1;
    }

    $calc = $perpage * $page;
    $start = $calc - $perpage;
    $result = mysql_query("SELECT * FROM staff WHERE titles LIKE $type AND city=$city LIMIT $start, $perpage");
    $rows = mysql_num_rows($result);
    if($rows)
    {
        $i = 0;
        while($post = mysql_fetch_array($result))
        {
?>
            <tr style="background-color: #cccccc;">
                <td style="font-weight: bold;font-family: arial;"><?php echo $post["staffnum"]; ?> >> <?php echo $post["titles"]; ?></td>
            </tr>
            <tr>
                <td style="font-family: arial;padding-left: 20px;"><?php echo $post["abt1"]; ?></td>
            </tr>
<?php
        }
    } else {
          die('Could not find staff: ' . mysql_error());
    }
?>
4

2 回答 2

4

为了随心所欲地使用LIKE,您需要将其括在引号中并使用适当的%字符。

$type = mysql_real_escape_string($_GET['type']);
// do the same with $city and any other user input

$result = mysql_query("SELECT * FROM staff WHERE titles LIKE '%" . $type . "%' AND city='" . $city . "' LIMIT $start, $perpage");
于 2012-11-23T17:37:39.453 回答
0

尝试

$type = mysql_real_escape_string($_GET['type']);
$city = mysql_real_escape_string($_GET['city']);

$result = mysql_query("SELECT * FROM staff WHERE titles LIKE '%$type%' AND city='$city' LIMIT $start, $perpage");
于 2012-11-23T18:07:01.000 回答