<!doctype html>
<body>
<?php
$mysqli = new mysqli("localhost", "root", "", "test3");
$hs_data= '%' .$_POST['hs_data']. '%'; //changed this and it worked!
$nv_data= '%' .$_POST['hs_data']. '%';
$vsa_data= '%' .$_POST['hs_data']. '%';
$query = $mysqli->stmt_init();
//create a prepared statement
$query = "SELECT hs,nv,vsa FROM handover WHERE hs like ? or nv like ? or vsa like ?";
//$query = "SELECT id,hs,nv,vsa FROM sectona_product WHERE hs = ? or nv = ?";
$statement = $mysqli->prepare($query);
//bind parameters for markers, where (s = string, i = integer, d = double, b = blob)
$statement->bind_param('sss',$hs_data,$nv_data,$vsa_data);
//execute query
$statement->execute();
//bind result variables to be printed
$statement->bind_result( $hs,$nv,$vsa);
$statement->store_result();
if( $statement->num_rows > 0 )
{
print '<table border="1">';
print '<tr>';
//fetch records
while($statement->fetch()) {
print '<td>'.$hs.'</td>';
print '<td>'.$nv.'</td>';
print '<td>'.$vsa.'</td>';
print '</tr>';
}
print '</table>';
} else {
print "<p>No Rows</p>";
}
//close connection
$statement->close();
?>
最终的工作代码得到了sectona的大力帮助 - 只是让每个人都能清楚地看到。这是对名为hs_data的输入的关键字搜索。我检查我的数据库hs,nv,vsa中的列,它将匹配的结果打印到表中。
答案 0 :(得分:0)
这段代码应该有所帮助,我相信它应该对你有用(虽然我还没有测试过它。 我只是编码正确的方式) 首先,您需要能够区分intger和varchar系列数据。 在Mysqli中,Interger,数字由i表示,varchar family由s表示 因此,在你的绑定中,你可能有类似
的东西$stmt->bind_param('sis',$varchar,$integer,$text); etc.
请遵循此代码,您的问题就解决了。如果你仍然无法解决它,请给我一个喊叫。 谢谢.. Sectona
<?
$mysqli = new mysqli("localhost", "root", "root777", "sectona_db");
$hs_data= '%' .$_POST['hs_data']. '%'; //changed this and it worked!
$nv_data= '%' .$_POST['hs_data']. '%';
$vsa_data= '%' .$_POST['hs_data']. '%';
$stmt = $mysqli->stmt_init();
if($stmt->prepare("SELECT * FROM handover WHERE hs LIKE ? OR nv LIKE ? OR vsa LIKE ?")) {
$stmt->bind_param('sss',$hs1,$nv1,$vsa1);
$stmt->execute();
// Close statement object
$stmt->close();
print "<font size=4 color=green>Query Successful </font>";
}
else{
print "<font size=4 color=red>Somethin is wrong somewhere </font>";
}
/* close connection */
$mysqli->close();
?>
答案 1 :(得分:0)
代码已经过测试,现在可以使用了
首先创建表并插入记录
create table sectona_product(id int primary key auto_increment, hs varchar(100), nv varchar(80),vsa varchar(86));
insert into sectona_product(hs,nv,vsa) values('jon','gab','secunda');
<?php
$mysqli = new mysqli("localhost", "root", "root_password", "sectona_db");
$hs_data = 'jon';
$nv_data = 'gab';
$query = $mysqli->stmt_init();
//create a prepared statement
$query = "SELECT id,hs,nv,vsa FROM sectona_product WHERE hs like ? or nv like ?";
//$query = "SELECT id,hs,nv,vsa FROM sectona_product WHERE hs = ? or nv = ?";
$statement = $mysqli->prepare($query);
//bind parameters for markers, where (s = string, i = integer, d = double, b = blob)
$statement->bind_param('ss',$hs_data,$nv_data);
//execute query
$statement->execute();
//bind result variables to be printed
$statement->bind_result($id, $hs, $nv,$vsa);
Print "Your data is printed successfully";
print '<table border="1">';
//fetch records
while($statement->fetch()) {
print '<tr>';
print '<td>'.$id.'</td>';
print '<td>'.$hs.'</td>';
print '<td>'.$nv.'</td>';
print '<td>'.$vsa.'</td>';
print '</tr>';
}
print '</table>';
//close connection
$statement->close();
?>
如果查询来自表单输入Eg。
<input type=text name="hs_data" id="hs_data>
然后你可以将php变量设置为
$hs_data=$_POST['hs_data'];
如果您在输出或打印数据库中的数据时仍需要保护脚本免受XSS攻击,则可以
使用htmlentities() or htmlspecialchars()
functions as per below
print '<td>'.htmlentities($vsa, ENT_QUOTES, "UTF-8").'</td>';
如果您觉得有趣,请评价并给我一个喊叫。 .... Sectona