1

我做了一个简单的搜索以从数据库中检索客户数据。到目前为止,我只能让它在网页上成功显示当前表格数据,但我无法获得搜索功能来检索特定数据。我有 0 个数据库访问问题。

我已经在护目镜上搜索了几个小时并尝试了许多不同的组合,但我找不到任何关于进行 mysqli 搜索的体面教程。

链接到我当前的 php 页面

Cust_no 是主键(varchar), prog_id(integer), balance(varchar)

 **Table structure**

Query Output:

> SELECT prog_id, cust_no, balance

FROM `tee`.`teecust`

+ ------------ + ------------ + ------------ +

| prog_id      | cust_no      | balance      |

+ ------------ + ------------ + ------------ +

| 220852       | 1184631      | 0
           |
| 220853       | 1184693      | 0
           |
| 225726       | 1186292      | 0
           |
| 220854       | 1233446      | 0
           |
| 220856       | 1233672      | 0


<!DOCTYPE html>
        <head>
            <title>Search the Database</title>
        </head>



  <body>
      <form action="search.php" method="get" enctype="application/x-www-form-urlencoded" target="_self" id="search">
          Search: <input type="text" name="term" /><br />
          <input type="submit" name="submit" value="Submit" />
    </form>

 <?php

    $host="****";
    $port="3306";
    $socket="";
    $user="u*****";
    $password="*****";
    $dbname="tee";

    $mysqli = new mysqli($host, $user, $password, $dbname);
        if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        exit();
    }
    $query = "SELECT cust_no FROM teecust LIMIT 20,5";

    if ($result = $mysqli->query($query)) {
        /* fetch associative array */

     while ($row = $result->fetch_row()) {
            printf ("Customer Number:%s   Billing ID:%s   Balance due:%s\n", $row["cust_no"], $row["prog_id"], $row["balance"]);
    }
        /* free result set */
        $result->close();
    }

    /* close connection */
    $mysqli->close();
    ?>

        </body>
    </html>
4

2 回答 2

1

您需要通过get- 获取搜索条件,因为这是您指定的。尽管您没有在帖子中提到这一点,但我假设您想在查询中使用搜索条件:

Extra note: You may also want to read up on the where clause in SQL

(I've shown you how to use prepared statements for added security)

    <?php
            $searchTerm = $_GET['term']; // GET the search term submitted by the form

            $customerNumber = '';
            $progID = '';
            $balance = '';

            // build your query - notice the user of '?' as I'm using prepared statements to query the database. Also notice the 'where' clause.
            $sql = "Select cust_no, prog_id, balance From teecust where cust_no = ?";

            // Create the prepared statement
            if($stmt = $mysqli->prepare($sql)){
                $stmt->bind_param("s", $searchTerm); // bind the search term to the query where the '?' once was
                if(!$stmt->execute()){ // run the query
    echo $mysqli->error;
    }
                $stmt->bind_result($customerNumber, $progID, $balance ); // retrieve results into variables
                while($stmt->fetch()){ // loop through results
                    // You now have the result in $customerNumber, $progID, and $balance - do what    you want with it
echo "customer number: " . $customerNumber . "<br> Program ID: " . $progID . "<br> Balance: " . $balance;
                }
                $stmt->close();
            }
        else{
        echo $mysqli->error;
        }

            ?>
于 2013-03-31T03:14:04.250 回答
1

There is nothing wrong with mysqli - ... all preference.

Surely it's a matter of preference. If one prefers bloated, non-reusable and insecure code, mysqli is their choice. But if they want something otherwise, then PDO have to be chosen: 

$sql = "Select cust_no, prog_id, balance From teecust where cust_no = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute(array($_GET['term']));
while($row = $stmt->fetch()) {
    echo "Customer: $row[cust_no]<br>
          Program ID: $row[prog_id]<br>
          Balance: $row[balance]";
}
于 2013-03-31T06:04:18.513 回答