3

我试图让我的搜索在我的数据库中查找 $searchtext 其中 $selecteditem 代表它正在搜索的列。我在代码的最后一部分遇到语法错误

我的表格——

<form name="search" id="search" method="POST" action="">
    <input type="text" name="searchterm" id="searchterm">
    <select name="selectitem">
        <option value="propertydescription">Property/Description</option>
        <option value="transactiontype">Transaction type</option>
        <option value="applicabledocument">Applicable document</option>
        <option value="recieved">recieved</option>
        <option value="paid">paid</option>
    </select>

</div></td>
<td>&nbsp;</td>
<td><input type="submit" name="search" value="search"></td>

我的 php -

if (isset($_POST['search']))
{
    $columbname = $_POST['selectitem'];
    $searchterm  = $_POST['searchterm'];
    $query="SELECT * FROM transactions WHERE agentclient  = '$agentclient' AND WHERE '$columbname' = '$searchterm'";
    $result = mysql_query ($query) or die(mysql_error());
}
else
4

8 回答 8

5

我已经替换了你的PHP代码,现在它运行良好

if (isset($_POST['search']))
{
$columbname = $_POST['selectitem'];
$searchterm  = $_POST['searchterm'];
$query="SELECT * FROM transactions WHERE agentclient  = '$agentclient' && 'columbname' = '$searchterm'";
$result = mysql_query ($query) or die(mysql_error());
}
else
于 2013-06-04T09:57:13.450 回答
5 
if (isset($_POST['search']))
{
$columbname = $_POST['selectitem'];
$searchterm  = $_POST['searchterm'];
$query="SELECT * FROM transactions WHERE agentclient  = '$agentclient' AND $columbname = '$searchterm'";
$result = mysql_query ($query) or die(mysql_error());
}
于 2013-06-04T09:52:49.370 回答
5
  1. 删除第二个WHERE
  2. $columbname删除从变量中获得的列名周围的引号。

改变

$query="SELECT * FROM transactions WHERE agentclient  = '$agentclient' AND WHERE '$columbname' = '$searchterm'";


$query="SELECT * FROM transactions WHERE agentclient  = '$agentclient' AND $columbname = '$searchterm'";

附带说明:您的代码容易受到 sql 注入的攻击。切换到 mysqli 或 PDO 并使用准备好的语句。

于 2013-06-04T09:54:56.310 回答
4

请在您的 SQL 查询中替换 AND WHEREby 。AND

于 2013-06-04T09:53:03.747 回答
3

你应该在你的查询中替换AND WHEREby而不需要inANDSELECT'$columbname

if (isset($_POST['search']))
{
 $columbname  = $_POST['selectitem'];
 $searchterm  = $_POST['searchterm'];
 $query       = "SELECT * FROM transactions WHERE (agentclient  = '$agentclient' AND $columbname = '$searchterm')";
 $result = mysql_query ($query) or die(mysql_error());
}

注意:不要使用已弃用的mysql_扩展名。请改用mysqliPDO

于 2013-06-04T09:57:08.057 回答
3

使用这个(删除第二个 where):

$query="SELECT * FROM transactions 
WHERE agentclient  = '$agentclient' 
AND '$columbname' = '$searchterm'";
于 2013-06-04T09:51:55.177 回答
3

修复查询。用这个:

$query="SELECT * FROM transactions WHERE agentclient  = '$agentclient' AND '$columbname' = '$searchterm'"

代替:

$query="SELECT * FROM transactions WHERE agentclient  = '$agentclient' AND WHERE '$columbname' = '$searchterm'"

(你有一个太多的WHERE

于 2013-06-04T09:55:31.587 回答
0

更改您的查询:

$query = "SELECT * FROM transactions 
          WHERE agentclient  = '$agentclient' 
          AND $columbname = '$searchterm'";
于 2013-06-04T09:56:02.477 回答