如何在PHP中搜索关键字？

Question

我有一个脚本。它与＃＆amp;完全匹配，但是当我使用多个关键字进行搜索时，它会针对我的查询返回null和黑页。

这是我的代码：

<!doctype html public "-//w3c//dtd html 3.2//en">

<html>
<head>

</head>

<body>
<?Php
ini_set('display_errors', true);//Set this display to display  all erros while testing and developing the script
error_reporting(0);// With this no error reporting will be there
include "include/z_db.php";


$todo=$_POST['todo'];
$search_text=$_POST['search_text'];

if(strlen($serch_text) > 0){
if(!ctype_alnum($search_text)){
echo "Data Error";
exit;
}
}
////////// Displaying the search box /////
echo "<table>
<tr><td colspan=2 align='center'>";

echo "<form method=post action=''><input type=hidden name=todo value=search>
<input type=text name=search_text value='$search_text'><input type=submit value=Search><br>
<input type=radio name=type value=any checked>Match any where 
<input type=radio name=type value=exact>Exact Match

</form>
";

echo "</td></tr>";

/////////// if form is submitted the data processing is  done here///////////////
echo "<tr><td width='600' valign=top>";

if(isset($todo) and $todo=="search"){

$type=$_POST['type'];

$search_text=ltrim($search_text);
$search_text=rtrim($search_text);

    if($type<>"any"){
$query="select * from student where name='$search_text'";
        }else{
$kt=split(" ",$search_text);//Breaking the string to array of words
// Now let us generate the sql 
            while(list($key,$val)=each($kt)){
if($val<>" " and strlen($val) > 0){$q .= " name like '%$val%' or ";}

            }// end of while
$q=substr($q,0,(strLen($q)-3));
// this will remove the last or from the string. 
$query="select * from student where $q ";
        } // end of if else based on type value
echo "<span style='background-color= #FFFF00'>$query</span><br>";
$count=$dbo->prepare($query);
$count->execute();
$no=$count->rowCount();
if($no > 0 ){echo " No of records = ".$no."<br><br>"; 
echo "<table><tr><th>ID</th><th>Name</th><th>Class</th><th>Mark</th><th>Sex</th></tr>";
foreach ($dbo->query($query) as $row){
echo "<tr><td>$row[id]</td><td>$row[name]</td><td>$row[class]</td>
<td>$row[mark]</td><td>$row[sex]</td></tr>";
}
echo "</table>";
}else {
echo " No records found ";
}

}// End if form submitted
echo "</td><td width='400' valign=top>";
echo " Full records here ";
$query="select * from student";


echo "<table><tr><th>ID</th><th>Name</th><th>Class</th><th>Mark</th><th>Sex</th></tr>";
foreach ($dbo->query($query) as $row){
echo "<tr><td>$row[id]</td><td>$row[name]</td><td>$row[class]</td>
<td>$row[mark]</td><td>$row[sex]</td></tr>";
}
echo "</table>";

echo "</td></tr></table>";
?>
</body>

</html>
<!doctype html public "-//w3c//dtd html 3.2//en">

<html>
<head>
<title>Demo of Search Keyword using PHP and MySQL</title>
</head>

<body>
<?Php
ini_set('display_errors', true);//Set this display to display  all erros while testing and developing the script
error_reporting(0);// With this no error reporting will be there
include "include/z_db.php";


$todo=$_POST['todo'];
$search_text=$_POST['search_text'];

if(strlen($serch_text) > 0){
if(!ctype_alnum($search_text)){
echo "Data Error";
exit;
}
}
////////// Displaying the search box /////
echo "<table>
<tr><td colspan=2 align='center'>";

echo "<form method=post action=''><input type=hidden name=todo value=search>
<input type=text name=search_text value='$search_text'><input type=submit value=Search><br>
<input type=radio name=type value=any checked>Match any where 
<input type=radio name=type value=exact>Exact Match

</form>
";

echo "</td></tr>";

/////////// if form is submitted the data processing is  done here///////////////
echo "<tr><td width='600' valign=top>";

if(isset($todo) and $todo=="search"){

$type=$_POST['type'];

$search_text=ltrim($search_text);
$search_text=rtrim($search_text);

    if($type<>"any"){
$query="select * from student where name='$search_text'";
        }else{
$kt=split(" ",$search_text);//Breaking the string to array of words
// Now let us generate the sql 
            while(list($key,$val)=each($kt)){
if($val<>" " and strlen($val) > 0){$q .= " name like '%$val%' or ";}

            }// end of while
$q=substr($q,0,(strLen($q)-3));
// this will remove the last or from the string. 
$query="select * from student where $q ";
        } // end of if else based on type value
echo "<span style='background-color= #FFFF00'>$query</span><br>";
$count=$dbo->prepare($query);
$count->execute();
$no=$count->rowCount();
if($no > 0 ){echo " No of records = ".$no."<br><br>"; 
echo "<table><tr><th>ID</th><th>Name</th><th>Class</th><th>Mark</th><th>Sex</th></tr>";
foreach ($dbo->query($query) as $row){
echo "<tr><td>$row[id]</td><td>$row[name]</td><td>$row[class]</td>
<td>$row[mark]</td><td>$row[sex]</td></tr>";
}
echo "</table>";
}else {
echo " No records found ";
}

}// End if form submitted
echo "</td><td width='400' valign=top>";
echo " Full records here ";
$query="select * from student";


echo "<table><tr><th>ID</th><th>Name</th><th>Class</th><th>Mark</th><th>Sex</th></tr>";
foreach ($dbo->query($query) as $row){
echo "<tr><td>$row[id]</td><td>$row[name]</td><td>$row[class]</td>
<td>$row[mark]</td><td>$row[sex]</td></tr>";
}
echo "</table>";

echo "</td></tr></table>";
?>
</body>

</html>

MySQL连接：

<?php
global $dbo;

$info['dbhost_name'] = "localhost";
$info['database'] = "search"; // database name
$info['username'] = "root";  // userid
$info['password'] = "";   // password

$dbConnString = "mysql:host=" . $info['dbhost_name'] . "; dbname=" . $info['database'];

$dbo = new PDO($dbConnString, $info['username'], $info['password']);
$dbo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_SILENT);
//$dbo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$error = $dbo->errorInfo();
if($error[0] != "") {
    echo "string";
}

?>

提交查询后的结果：

Answer 1

 $q = array();  // create an array
    $sq = ""; // this variable will be used in the query
 if(isset($_POST['txt_projectname']) && !empty($_POST['txt_projectname'])){  
    $projectname = mysqli_real_escape_string($conn,$_POST['txt_projectname']); 
    $q[] = "db_projectname='".$projectname."' ";     
    }  // take the variable from input after submit and put it in the array 
    if(isset($_POST['txt_location']) && !empty($_POST['txt_location'])){  
    $location =  mysqli_real_escape_string($conn,$_POST['txt_location']); 
    $q[] = "db_location='".$location."' ";      
    }
  $first = true; 

    foreach($q as $qu){  
        if($first){  
        $sq .= " where ".$qu;      
        $first = false;  
        }else{  
        $sq .= " and ".$qu;          
        } // for loop to use where and and in the query
    }
$sql=mysqli_query($conn,"select * from table {$sq}  ")or die(mysqli_error($conn));

你可以做这样的事情