我正在构建一个简单的搜索算法,我想用空格打破我的字符串,并在上面搜索我的数据库,如下所示:
$search = "Sony TV with FullHD support";
$search = explode( ' ', $search );
SELECT name FROM Products WHERE name LIKE %$search[1]% AND name LIKE %$search[2]% LIMIT 6
这可能吗?
是的,您可以使用 SQLIN
运算符搜索多个绝对值:
SELECT name FROM products WHERE name IN ( 'Value1', 'Value2', ... );
如果你想使用LIKE
,你将需要使用OR
:
SELECT name FROM products WHERE name LIKE '%Value1' OR name LIKE '%Value2';
使用AND
(正如您所尝试的那样)需要所有条件都为真,使用OR
需要至少一个条件为真。
尝试这个
使用UNION
$sql = '';
$count = 0;
foreach($search as $text)
{
if($count > 0)
$sql = $sql."UNION Select name From myTable WHERE Name LIKE '%$text%'";
else
$sql = $sql."Select name From myTable WHERE Name LIKE '%$text%'";
$count++;
}
使用WHERE IN
$comma_separated = "('" . implode("','", $search) . "')"; // ('1','2','3')
$sql = "Select name From myTable WHERE name IN ".$comma_separated ;
这在两种情况下都可以完美运行,一个或多个字段搜索多个单词。
希望这会对某人有所帮助。谢谢
declare @searchTrm varchar(MAX)='one two three four';
--select value from STRING_SPLIT(@searchTrm, ' ') where trim(value)<>''
select * from Bols
WHERE EXISTS (SELECT value
FROM STRING_SPLIT(@searchTrm, ' ')
WHERE
trim(value)<>''
and(
BolNumber like '%'+ value+'%'
or UserComment like '%'+ value+'%'
or RequesterId like '%'+ value+'%' )
)
此处已部分回答: MySQL Like multiple values
我反对
$search =explode('', $search);
并将它们直接输入到 SQL 查询中,因为这很容易通过搜索栏进行 SQL 注入。您必须先转义字符,以防他们尝试一些有趣的事情,例如:“--; DROP TABLE name;
$search = str_replace('"', "''", 搜索);
但即使这样也不是完全安全的。您必须尝试使用 SQL 准备好的语句才能更安全。使用正则表达式更容易构建一个函数来准备和创建你想要的东西。
function makeSQL_search_pattern($search) {
search_pattern = false;
//escape the special regex chars
$search = str_replace('"', "''", $search);
$search = str_replace('^', "\\^", $search);
$search = str_replace('$', "\\$", $search);
$search = str_replace('.', "\\.", $search);
$search = str_replace('[', "\\[", $search);
$search = str_replace(']', "\\]", $search);
$search = str_replace('|', "\\|", $search);
$search = str_replace('*', "\\*", $search);
$search = str_replace('+', "\\+", $search);
$search = str_replace('{', "\\{", $search);
$search = str_replace('}', "\\}", $search);
$search = explode(" ", $search);
for ($i = 0; $i < count($search); $i++) {
if ($i > 0 && $i < count($search) ) {
$search_pattern .= "|";
}
$search_pattern .= $search[$i];
}
return search_pattern;
}
$search_pattern = makeSQL_search_pattern($search);
$sql_query = "SELECT name FROM Products WHERE name REGEXP :search LIMIT 6"
$stmt = pdo->prepare($sql_query);
$stmt->bindParam(":search", $search_pattern, PDO::PARAM_STR);
$stmt->execute();
我没有测试过这段代码,但这是我在你的情况下会做的。我希望这有帮助。
您可以尝试执行以下查询:
SELECT name FROM Products WHERE REGEXP '.*Value1|.*Value2';
请注意,管道符号 (|) 之前或之后不应有空格。
我知道这是很久以前的事了,但我有一个解决方案。可以这样解决:
#intial query
query = 'SELECT var1, var2 FROM dbo.db_name WHERE'
if status :
query = query + " AND status='" + status + "'"
if type :
query = query + " AND Type='" + type + "'"
if number :
query = query + " AND Number='" + number + "'"
if cancel_request:
query = query + " AND CancelRequest='" + cancel_request + "'"
query = query + ' ORDER BY transid DESC'
cur.execute(query)