我正在使用数据表,并且正在尝试创建自定义 WHERE 子句。我有以下代码:
$sWhere = "WHERE office=".$varOffice;
if ( isset($_GET['sSearch']) && $_GET['sSearch'] != "" )
{
$sWhere = "WHERE (";
for ( $i=0 ; $i<count($aColumns) ; $i++ )
{
if ( isset($_GET['bSearchable_'.$i]) && $_GET['bSearchable_'.$i] == "true" )
{
$sWhere .= "`".$aColumns[$i]."` LIKE '%".mysql_real_escape_string( $_GET['sSearch'] )."%' OR ";
}
}
$sWhere = substr_replace( $sWhere, "", -3 );
$sWhere .= ') AND office='.$varOffice;
}
调试后,我发现 MySQL 报错了。错误 1605。
我决定回应$sQuery
这里的发现:
$sQuery = "
SELECT SQL_CALC_FOUND_ROWS `".str_replace(" , ", " ", implode("`, `", $aColumns))."`
FROM $sTable
$sWhere
$sOrder
$sLimit
";
然后我发现错误是因为 WHERE 子句没有引号,如下所示:
SELECT SQL_CALC_FOUND_ROWS `amount_due_owed`, `amount_paid`, `amount_remaining`, `reference_number` FROM accounting WHERE office=Office 1
它应该是:
WHERE office='Office 1'
我一直在尝试,但我无法弄清楚。我应该如何在变量周围加上单引号?