0

我试图弄清楚如何将搜索结果回显到新窗口中。

基本上,用户可以在搜索栏中输入位置、名称等,它会显示 5 个用户结果,即该结果存在多少用户。这是为了限制空间使用。然后,用户可以单击查看更多结果并被带到另一个页面,在该页面上进行查询,并且应该只回显那些在搜索中匹配查询的用户;即“伦敦”的那些用户。

但目前我所有的用户都在显示,我不知道这是为什么。有人可以告诉我哪里出错了。谢谢。

这是我的 search.php 页面,将搜索结果限制为 5:

<?php
//PHP CODE STARTS HERE

if(isset($_GET['submit'])){

// Change the fields below as per the requirements
$db_host="localhost";
$db_username="root";
$db_password="";
$db_name="";
$db_tb_atr_name="display_name";

//Now we are going to write a script that will do search task
// leave the below fields as it is except while loop, which will display results on screen

mysql_connect("$db_host","$db_username","$db_password");
mysql_select_db("$db_name");

$query=mysql_real_escape_string($_GET['query']);


$query_for_result=mysql_query("SELECT *
                        FROM ptb_stats
                        WHERE display_name like '%".$query."%' OR location LIKE '%".$query."%' OR age LIKE '%".$query."%' OR nationality LIKE '%".$query."%' OR ethnicity LIKE '%".$query."%' OR hobbies LIKE '%".$query."%' OR local_station LIKE '%".$query."%' LIMIT 5");
echo "<div class=\"search-results\">";
while($data_fetch=mysql_fetch_array($query_for_result))

{

    echo "<div class=\"text\"><a href=\"profile.php?id={$data_fetch['user_id']}\" class=\"search\">";
    echo "<div class=\"spacing\"><img width=35px height= 30px src=\"data/photos/{$data_fetch['user_id']}/_default.jpg\" class=\"boxgridsearch\"/> "; 
     echo substr($data_fetch[$db_tb_atr_name], 0,160);
    echo "</a></div></div>";

}
echo "<div class=\"morebutton-search\"><a href=\"search_results.php?to=%$query%\" target=\"_blank\" \">+ view more results</a></div>";


mysql_close();
}

?>

这是我的 more_search_results.php 页面,用于显示所有匹配查询的结果:

<?php
$db_host="localhost";
$db_username="root";
$db_password="";
$db_name="";
$db_tb_atr_name="display_name";

//Now we are going to write a script that will do search task
// leave the below fields as it is except while loop, which will display results on screen

mysql_connect("$db_host","$db_username","$db_password");
mysql_select_db("$db_name");

$query=mysql_real_escape_string($_GET['query']);


$query_for_result=mysql_query("SELECT *
                        FROM ptb_stats
                        WHERE display_name like '%".$query."%' OR location LIKE '%".$query."%' OR age LIKE '%".$query."%' OR nationality LIKE '%".$query."%' OR ethnicity LIKE '%".$query."%' OR hobbies LIKE '%".$query."%' OR local_station LIKE '%".$query."%'");
echo "<div class=\"search-results\">";
while($data_fetch=mysql_fetch_array($query_for_result))

{

    echo "<div class=\"boxgrid caption\"><a href=\"profile.php?id={$data_fetch['user_id']}\"><img width=140px height=180px src=\"data/photos/{$data_fetch['user_id']}/_default.jpg\"><div class=\"cover boxcaption\">"; ?>
    <h58><? echo substr($data_fetch[$db_tb_atr_name], 0,160);?></a></h58> 
    </div>
    </div>
<? } ?>
4

1 回答 1

0

You're trying to get a variable called query when you actually passed to in your link. You get all records because your query is testing for LIKE '%%', which will match everything.

This line is wrong...

echo "<div class=\"morebutton-search\"><a href=\"search_results.php?to=%$query%\" target=\"_blank\" \">+ view more results</a></div>";

It should be...

echo "<div class=\"morebutton-search\"><a href=\"search_results.php?query=$query\" target=\"_blank\" \">+ view more results</a></div>";

Also, notice how you're already applying the wildcard % in more_search_results.php so sending the extra %s in the parameter is unnecessary.

Please note: you should refrain from using the mysql_ family of functions. They are deprecated and unsafe. Using them could lead to a SQL Injection. You should resort to using parametized queries with either MySQLi or PDO.

于 2013-02-03T01:35:15.547 回答