我正在研究搜索功能,它在四天前工作正常,现在它正在返回此错误
您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以便在第1行的'AND state ='AZ''附近使用正确的语法
这条线的正确语法是什么?
if($search_state !== "") {
$query .="AND state = '" . $search_state . " ' " ;
整个部分是:
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new WHERE dummy = '' ORDER BY state ASC ";
if($search_co !== "") {
$query .= "AND name LIKE '%" . $search_co ."%' ";
}
if($search_first !== "") {
$query .= "AND contact LIKE '%" .$search_first."%' ";
}
if($search_last !== "") {
$query .= "AND contact LIKE '%" .$search_last."%' ";
}
if($search_city !== "") {
$query .="AND city = ' " . $search_city . " ' ";
}
if($search_state !== "") {
$query .="AND state = '" . $search_state . " ' " ;
}
答案 0 :(得分:7)
AND之后,您无法为WHERE子句添加ORDER BY个连词。您的ORDER BY子句必须在完整的WHERE子句之后。
答案 1 :(得分:0)
WHERE部分位于代码中的AND之前,这是错误的。这就是你想要的
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new WHERE dummy = '' ";
if($search_co !== "") {
$query .= "AND name LIKE '%" . $search_co ."%' ";
}
...
$query .= " ORDER BY state ASC ";
另外,为了完整起见,您可以使代码更容易阅读:
$query .= "AND name LIKE '%$search_co%' ";
因为你的字符串是双引号
答案 2 :(得分:0)
您需要将AND语句放在where之后和sort_by之前。 将sort_by移动到php的末尾(附加到查询字符串),它应该可以工作。
答案 3 :(得分:0)
试试这个:
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new WHERE dummy = '' ";
if($search_co !== "") {
$query .= "AND name LIKE '%".$search_co."%' ";
}
if($search_first !== "") {
$query .= "AND contact LIKE '%".$search_first."%' ";
}
if($search_last !== "") {
$query .= "AND contact LIKE '%".$search_last."%' ";
}
if($search_city !== "") {
$query .= "AND city = '".$search_city."' ";
}
if($search_state !== "") {
$query .= "AND state = '". $search_state."' " ;
}
$query.= "ORDER BY state ASC"
正如其他人所说,你的order by声明必须是最后的。此外,您在查询的city =部分中有城市名称周围的空格。虽然这是有效的SQL语法,但它只会返回城市名称被空格包围的结果。我猜这不是你想要的。
此外,您可能还想在order by中添加更多字段。现在,它将由州订购,但记录将由州随机回来。也许像是
$query.= "ORDER BY state, city, name, id"
最后,仅供参考,如果您没有仔细清理搜索输入,这种方法很容易受到SQL注入的影响。
答案 4 :(得分:0)
我认为这可行:
$query = "SELECT id, name, contact, contact2, address1, address2, city, state, postalcode, country, location, workphone, fax, email, webaddress, region, rail, food, forest, metal, bulk, chem, general, paper FROM companies_new ";
$conditions = array();
if(!empty($search_co)) {
$conditions[] = "name LIKE '%" . $search_co ."%' ";
}
if(!empty($search_first)) {
$conditions[] = "contact LIKE '%" .$search_first."%' ";
}
if(!empty($search_last)) {
$conditions[] = "contact LIKE '%" .$search_last."%' ";
}
if(!empty($search_city)) {
$conditions[] = "city = '" . $search_city . "' ";
}
if(!empty($search_state)) {
$conditions[] = "state = '" . $search_state . "' " ;
}
if (count($conditions) > 0) {
$query .= " WHERE " . implode(' AND ', $conditions);
}
$query .= " ORDER BY state ASC";
编辑:原始版本使用空,应该是!空的。现在已经修好了。
编辑2:这也假设您已使用mysql_real_escape_string或类似内容对变量进行了清理。
请注意,ORDER BY必须位于WHERE子句之后。
implode接受一个数组并将其转换为一个字符串,其中包含元素之间的指定字符串。所以,给定:
$myArray = array('A', 'B', 'C');
你可以做到
$myString = implode(' and ', $myArray);
将“A和B和C”放入$myString。
答案 5 :(得分:0)
此外,您似乎在单引号和双引号之间有空格,这将使查询如下所示:AND state ='AZ',这可能不是您想要的。您还可以使用以下语法避免PHP中的其他引号和连接:
$query .= " AND state = '$search_state' ";
当然,我必须提到您应该清理输入以防止SQL注入。