1

好的,所以我正在为使用 MYSQL 和 PHP 的非营利组织开发搜索引擎。所有其他字段的数据看起来都很好。但是当我尝试从下拉选择框中获取数据时,数据不会出现。
我知道我的代码很适合 SQL 注入,但是服务器上没有保存任何重要数据,它只是有关治疗和研究的信息。

我想用一个函数来做。我还想知道是否有办法从多个盒子中检索数据。就像我有一个关键字搜索和一个下拉组合框一样,它们都已设置。如何使用我拥有的函数从数据库中的两列中检索数据?谢谢 这是我的代码,如果你们能帮助我,那将是非常感谢 html 框的代码

                          Broad Research Topic <select name="Treatment1">
                          <option value="Other">
                                    Other
                          </option>
                          <option value="Treatment">
                                    Treatment
                          </option>
                          <option value="PracticalCure">
                                    Practical Cure
                          </option>

检查是否已设置的 php 代码

               if (isset($_GET['Treatment1']) && in_array($_GET(['Treatment1']),       
               array('Treatment', 'PracticalCure', 'Other')) {


                $state =  $_GET['Treatment1']; 
                Investigator6($state); }
                 }

功能调查员6

       function Investigator6($state)
       {

       $state = trim($state);
       $state = preg_replace('/\s+/', ' ', $state);

      //seperate multiple keywords into array space delimited
       $keywords = explode(" ", $state);

       //Clean empty arrays so they don't get every row as result
       $keywords = array_diff($keywords, array(
        ""
        ));

        //Set the MySQL query
        if ($state == NULL or $state == '%') {
         } else {
         for ($i = 0; $i < count($keywords); $i++) {
        $query = ("SELECT * FROM Studies1 WHERE BroadResearchTopic LIKE   
       ' %$keywords[$i]%'");
       }

       //Store the results in a variable or die if query fails
       $result = mysql_query($query) or die(mysql_error());
       }
       if ($state == NULL or $state == '%') {
       } else {
       //Count the rows retrived
       $count = mysql_num_rows($result);
      echo $count;
      }

      //If search variable is null do nothing, else print it.
       if ($state == NULL) {
       } else {
       echo "You searched for <b><FONT COLOR=\"blue\">";
       foreach ($keywords as $value) {
        print "$value ";
       }
      echo "</font></b>";
       }
       echo "<p> </p><br />";
       echo "</center>";

     //If users doesn't enter anything into search box tell them to.
     if ($state == NULL) {
    echo "<center><b><FONT COLOR=\"red\">Please enter a search parameter to continue.                   
    b</font></b><br /></center>";
   } elseif ($state == '%') {
    echo "<center><b><FONT COLOR=\"red\">Please enter a search parameter to continue.  
    </font></b><br /></center>";
    //If no results are returned print it
    } elseif ($count <= 0) {
    echo "<center><b><FONT COLOR=\"red\">Your query returned no results from the   
    database.</font></b><br /></center>";
    //ELSE print the data in a table
     } else {
    //Table header
     echo "<center>";
     echo "</center>";

    //Colors for alternation of row color on results table
    $color1 = "#d5d5d5";
    $color2 = "#e5e5e5";
    //While there are rows, print it.
     while ($row = mysql_fetch_array($result)) {
        //Row color alternates for each row
        $row_color = ($row_count % 2) ? $color1 : $color2;
        //table background color = row_color variable
       echo "<td style = \"padding: 10px\">" . $row['BroadResearchTopic'] . "</td>";
       $row_count++;
       if ($state == NULL or $state == '%') {
       } else {
      //clear memory
      mysql_free_result($result);
     }
    }
4

0 回答 0