如何让脚本从MYSQL数据库中检索特定数据?

时间:2013-03-31 03:08:28

标签: php database get mysqli

我进行了简单的搜索,以便从数据库中检索客户数据。到目前为止,我只能成功地在网页上显示当前的表格数据,但我无法获得搜索功能来检索特定数据。我有0个数据库访问问题。

我已经在护目镜上搜索了好几个小时并尝试了许多不同的组合,但我找不到任何关于进行mysqli搜索的体面教程。

Link to my current php page

Cust_no是主键(varchar),prog_id(整数),balance(varchar)

 **Table structure**

Query Output:

> SELECT prog_id, cust_no, balance

FROM `tee`.`teecust`

+ ------------ + ------------ + ------------ +

| prog_id      | cust_no      | balance      |

+ ------------ + ------------ + ------------ +

| 220852       | 1184631      | 0
           |
| 220853       | 1184693      | 0
           |
| 225726       | 1186292      | 0
           |
| 220854       | 1233446      | 0
           |
| 220856       | 1233672      | 0


<!DOCTYPE html>
        <head>
            <title>Search the Database</title>
        </head>



  <body>
      <form action="search.php" method="get" enctype="application/x-www-form-urlencoded" target="_self" id="search">
          Search: <input type="text" name="term" /><br />
          <input type="submit" name="submit" value="Submit" />
    </form>

 <?php

    $host="****";
    $port="3306";
    $socket="";
    $user="u*****";
    $password="*****";
    $dbname="tee";

    $mysqli = new mysqli($host, $user, $password, $dbname);
        if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        exit();
    }
    $query = "SELECT cust_no FROM teecust LIMIT 20,5";

    if ($result = $mysqli->query($query)) {
        /* fetch associative array */

     while ($row = $result->fetch_row()) {
            printf ("Customer Number:%s   Billing ID:%s   Balance due:%s\n", $row["cust_no"], $row["prog_id"], $row["balance"]);
    }
        /* free result set */
        $result->close();
    }

    /* close connection */
    $mysqli->close();
    ?>

        </body>
    </html>

2 个答案:

答案 0 :(得分:1)

您需要通过get获取搜索条件 - 因为这是您指定的内容。虽然您在帖子中没有提到这一点,但我假设您要在查询中使用搜索条件:

额外注意:您可能还想阅读SQL中的where clause

(我已经向您展示了如何使用prepared statements来增加安全性)

    <?php
            $searchTerm = $_GET['term']; // GET the search term submitted by the form

            $customerNumber = '';
            $progID = '';
            $balance = '';

            // build your query - notice the user of '?' as I'm using prepared statements to query the database. Also notice the 'where' clause.
            $sql = "Select cust_no, prog_id, balance From teecust where cust_no = ?";

            // Create the prepared statement
            if($stmt = $mysqli->prepare($sql)){
                $stmt->bind_param("s", $searchTerm); // bind the search term to the query where the '?' once was
                if(!$stmt->execute()){ // run the query
    echo $mysqli->error;
    }
                $stmt->bind_result($customerNumber, $progID, $balance ); // retrieve results into variables
                while($stmt->fetch()){ // loop through results
                    // You now have the result in $customerNumber, $progID, and $balance - do what    you want with it
echo "customer number: " . $customerNumber . "<br> Program ID: " . $progID . "<br> Balance: " . $balance;
                }
                $stmt->close();
            }
        else{
        echo $mysqli->error;
        }

            ?>

答案 1 :(得分:1)

  

mysqli没有任何问题 - ...所有偏好。

当然这是一个偏好问题。如果一个人更喜欢臃肿,不可重用且不安全的代码,那么mysqli就是他们的选择。但如果他们想要其他东西,那么必须选择PDO

$sql = "Select cust_no, prog_id, balance From teecust where cust_no = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute(array($_GET['term']));
while($row = $stmt->fetch()) {
    echo "Customer: $row[cust_no]<br>
          Program ID: $row[prog_id]<br>
          Balance: $row[balance]";
}
相关问题
最新问题