1

我现在有了 :

$inhoud = $_POST['inhoud'];
if($inhoud == "") {
    echo $inhoud;
    $inhoud = NULL;
    echo $inhoud;
}

$sql = 'SELECT DISTINCT bestanden.id AS id,
               bestanden.uploader AS uploader,
               bestanden.name AS name,
               bestanden.mime AS mime,
               bestanden.size AS size,
               bestanden.created AS created,
               zoeken.open_id AS open_id,
               zoeken.woord AS woord
        FROM bestanden
        LEFT JOIN zoeken ON bestanden.id = zoeken.open_id 
        WHERE zoeken.woord = "' . $inhoud . '" AND
              bestanden.name LIKE "%' . $_POST['naam'] . '%" AND
              bestanden.mime LIKE "%' . $_POST['formaat'] . '%"
              AND bestanden.created LIKE "%' . $_POST['datum'] . '%";';
$result = mysql_query($sql);

但是当我搜索并且 $inhoud 为空时,我没有得到任何结果,因为它们那里没有空的(“”)(inhoud)空间。是否可以在我的 mysql_query 中使用 if 或其他内容?

4

5 回答 5

0
    $sql = 'SELECT DISTINCT bestanden.id AS id, bestanden.uploader AS uploader, bestanden.name AS name, bestanden.mime AS mime, bestanden.size AS size, bestanden.created AS created, zoeken.open_id AS open_id, zoeken.woord AS woord FROM bestanden LEFT JOIN zoeken ON bestanden.id = zoeken.open_id 
    WHERE 1=1';
if(!empty($inhoud))
    $sql.=' AND zoeken.woord="' . $inhoud . '"';
$sql.=' AND bestanden.name LIKE "%' . $_POST['naam'] . '%" AND bestanden.mime LIKE "%' . $_POST['formaat'] . '%" AND bestanden.created LIKE "%' . $_POST['datum'] . '%"';
$result = mysql_query($sql);
于 2012-12-07T13:52:13.080 回答
0

使用空函数

empty($inhound);

看这里: http: //php.net/manual/en/function.empty.php

于 2012-12-07T13:52:41.430 回答
0

也许 strlen() ?

if(strlen($inhoud)>0){
    $sql.=' AND zoeken.woord="' . $inhoud . '"';
    $sql.=' AND bestanden.name LIKE "%' . $_POST['naam'] . '%" AND
    bestanden.mime LIKE "%' .         $_POST['formaat'] . '%" AND 
    bestanden.created LIKE "%' . $_POST['datum'] . '%"';
    $result = mysql_query($sql);
 }else{
    //error fill in search term
 }
于 2012-12-07T13:56:39.773 回答
0

请不要mysql_*在新代码中使用函数。它们不再被维护,并且已经开始弃用过程。看到红框了吗?改为了解准备好的语句,并使用PDOMySQLi -本文将帮助您决定使用哪个。如果您选择 PDO,这里有一个很好的教程

您可以尝试:

$inhoud = $_POST['inhoud'];
if ($inhoud == "") {
    echo $inhoud;
    $inhoud = NULL;
    echo $inhoud;
}

$sql = 'SELECT DISTINCT bestanden.id AS id,
               bestanden.uploader AS uploader,
               bestanden.name AS name,
               bestanden.mime AS mime,
               bestanden.size AS size,
               bestanden.created AS created,
               zoeken.open_id AS open_id,
               zoeken.woord AS woord
        FROM bestanden
        LEFT JOIN zoeken ON bestanden.id = zoeken.open_id 
        WHERE ';
if(!empty($inhoud)) {
    $sql .= 'zoeken.woord = "' . $inhoud . '" AND';
}
$sql .= 'bestanden.name LIKE "%' . $_POST['naam'] . '%" AND
         bestanden.mime LIKE "%' . $_POST['formaat'] . '%"
         AND bestanden.created LIKE "%' . $_POST['datum'] . '%";';

$result = mysql_query($sql);
于 2012-12-07T14:00:54.517 回答
0

首先,您不应该假设$_POST[...]在任何情况下都已设置(除非您已经检查过它是否已设置)。正确的用法是:

$inhoud = null:
if( isset( $_POST['inhound'])){
    $inhound = trim( $_POST['inhound']); // Trim to prevent strings like "    "
    if( strlen( $inhound) < 1){
        $inhound = null;
    }
}

另请注意,mysql_*家庭已被弃用,因此请使用mysqli_*or ,PDO具有 PDO 示例(使用PDO::Prepare()和 ):PDOStatement::bindParam()PDOStatement::Execute()

$sql = 'SELECT DISTINCT bestanden.id AS id, bestanden.uploader AS uploader,
            bestanden.name AS name, bestanden.mime AS mime,
            bestanden.size AS size, bestanden.created AS created,
            zoeken.open_id AS open_id, zoeken.woord AS woord
       FROM bestanden
       LEFT JOIN zoeken ON bestanden.id = zoeken.open_id 
       WHERE zoeken.woord=:inhound
           AND bestanden.name LIKE :naam
           AND bestanden.mime LIKE :formaat
           AND bestanden.created LIKE :date';

$sth = $dbh->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));

$sth->bindParam(':naam', isset( $_POST['naam']) ? '%' . $_POST['naam'] . '%', '%');
$sth->bindParam(':formaat', isset( $_POST['formaat']) ? '%'.$_POST['formaat'].'%', '%');
$sth->bindParam(':naam', isset( $_POST['date']) ? '%' . $_POST['date'] . '%', '%');
$sth->bindParam(':inhound', is_null( $inhound) ? '%' . $inhound . '%', '%');

$sth->execute();
$sth->fetchAll();
于 2012-12-07T14:08:01.220 回答