我已经制作了一个搜索脚本来搜索各种记录,但是当我在sql中添加一个WHERE会话时,脚本就不再工作了。你可以检查代码并告诉我如何更改脚本以便我可以使用它吗?
这是我的脚本:
<?php
//include connection file
include_once("connection.php");
session_start();
if (!isset($_SESSION['GEBRUIKER_ID'])) {
header ("Location: ");
die;
}
// initilize all variable
$params = $columns = $totalRecords = $data = array();
$params = $_REQUEST;
//define index of column
$columns = array(
0 =>'id',
1 =>'user_id',
2 => 'klant_id',
3 => 'naam_klant',
4 => 'contactpersoon',
5 => 'adres'
);
$where = $sqlTot = $sqlRec = "";
// check search value exist
if( !empty($params['search']['value'])) {
$where .=" WHERE ";
$where .=" ( naam_klant LIKE '".$params['search']['value']."%' ";
$where .=" OR contactpersoon LIKE '".$params['search']['value']."%' ";
$where .=" OR adres LIKE '".$params['search']['value']."%')";
}
// getting total number records without any search
$sql = "SELECT id,naam_klant,contactpersoon,adres FROM klanten WHERE user_id='".$_SESSION['GEBRUIKER_ID']."' ";
$sqlTot .= $sql;
$sqlRec .= $sql;
//concatenate search sql if value exist
if(isset($where) && $where != '') {
$sqlTot .= $where;
$sqlRec .= $where;
}
$sqlRec .= " ORDER BY ". $columns[$params['order'][0]['column']]." ".$params['order'][0]['dir']." LIMIT ".$params['start']." ,".$params['length']." ";
$queryTot = mysqli_query($conn, $sqlTot) or die("database error:". mysqli_error($conn));
$totalRecords = mysqli_num_rows($queryTot);
$queryRecords = mysqli_query($conn, $sqlRec) or die("error to fetch employees data");
//iterate on results row and create new index array of data
while( $row = mysqli_fetch_row($queryRecords) ) {
$data[] = $row;
}
$json_data = array(
"draw" => intval( $params['draw'] ),
"recordsTotal" => intval( $totalRecords ),
"recordsFiltered" => intval($totalRecords),
"data" => $data // total data array
);
echo json_encode($json_data); // send data as json format
?>
<script type="text/javascript">
$( document ).ready(function() {
$('#employee_grid').DataTable({
"bProcessing": true,
"serverSide": true,
"ajax":{
url :"response.php", // json datasource
type: "post", // type of method ,GET/POST/DELETE
error: function(){
$("#employee_grid_processing").css("display","none");
}
}
});
});
</script>
<div class="container">
<div class="">
<h3>Klanten overzicht</h3>
<div class="">
<table id="employee_grid" class="display" width="100%" cellspacing="0">
<thead>
<tr>
<th>Klantnummer</th>
<th>Naam</th>
<th>Contactpersoon</th>
<th>Adres</th>
</tr>
</thead>
<tfoot>
<tr>
<th>Klantnummer</th>
<th>Naam</th>
<th>Contactpersoon</th>
<th>Adres</th>
</tr>
</tfoot>
</table>
</div>
</div>
</div>
答案 0 :(得分:0)
在构建查询时,显然会为登录用户添加where user_id = ?子句。如果搜索值不为空,则添加第二个where子句,使查询基本上为select .. from .. where user_id = ? where (naam_klant like ".." OR .. OR ..)。您在一个查询中不能有两个where,它必须是and,如下所示:
select .. from .. where user_id = ? AND (naam_klant like ".." OR .. OR ..)