如果功能放置

时间:2012-12-06 21:38:30

标签: php

如果有人能为我提供合适的代码,那就太棒了。我想要做的是在正在回显的信息之后添加<hr />,如果从我的数据库中提取了多个结果。这是代码,如果有人可以帮助我。感谢。

<html>
<script>
function goBack()
  {
  window.history.back()
  }
</script>
<body>
<div style="width: 875px; margin-left: 30px; margin-right: auto;"><img         src="searchresults.png" alt="" title="Search Results"  alt="" /></p>
<?php


$term = $_POST['term'];

$sql = mysql_query("SELECT * FROM store_location where store_name like '%$term%' or     address like '%$term%' or city like '%$term%' or state like '%$term%' or zip like     '%$term%' or phone like '%$term%' or fax like '%$term%' or email like '%$term%' or url     like '%$term%' ");

    if( mysql_num_rows($sql) == 0) echo "<p>No TeachPro Store(s) in your area.</p>";

   while ($row = mysql_fetch_array($sql)){

echo 'Store Name: '.$row['store_name'];
echo '<br/> Address: '.$row['address'];
echo '<br/> City: '.$row['city'];
echo '<br/> State: '.$row['state'];
echo '<br/> Zip: '.$row['zip'];
echo '<br/> Phone: '.$row['phone'];
echo '<br/> Fax: '.$row['fax'];
echo '<br/> Email: <a href="mailto:'.$row['email'].'">'.$row['email'].'</a>';
echo '<br/> URL: <a href="'.$row['url'].'">'.$row['url'].'</a>';
echo '<br/><br/>';
}
?>
</div>
<input type="button" value="Back" onclick="goBack()">
</body>
</html>

1 个答案:

答案 0 :(得分:1)

只需将while循环包裹在else个案例中,然后在其中输出<hr>。如果没有找到行,您已经有了适当的逻辑来输出<p>,并且可以扩展它。

if( mysql_num_rows($sql) == 0) {
  echo "<p>No TeachPro Store(s) in your area.</p>";
}
// Instead of relying on an empty fetch to output nothing, put it in an else {}
else {
  while ($row = mysql_fetch_array($sql)){
    echo 'Store Name: '.$row['store_name'];
    echo '<br/> Address: '.$row['address'];
    echo '<br/> City: '.$row['city'];
    echo '<br/> State: '.$row['state'];
    echo '<br/> Zip: '.$row['zip'];
    echo '<br/> Phone: '.$row['phone'];
    echo '<br/> Fax: '.$row['fax'];
    echo '<br/> Email: <a href="mailto:'.$row['email'].'">'.$row['email'].'</a>';
    echo '<br/> URL: <a href="'.$row['url'].'">'.$row['url'].'</a>';
    echo '<br/><br/>';
  }
  // And your <hr /> and whatever else you need...
  echo "<hr />";
}

只是关于HTML输出的附注 - 请务必将这些值包装在htmlspecialchars()中,以便正确转义为HTML,以避免在包含< > &等HTML特殊字符时出现问题(并可能防范XSS如果这是用户输入的!)

// Ex:
echo 'Store Name: '.htmlspecialchars($row['store_name']);

更迫切的是使用mysql_real_escape_string()清除针对SQL注入的查询输入。

// At a minimum:
$term = mysql_real_escape_string($_POST['term']);

从长远来看,请考虑切换到支持预处理语句的API,例如MySQLi或PDO。

相关问题
最新问题