创建一个 php 搜索栏
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16403221/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Creating a php search bar
提问by John Dane
I want to put a search box so that when you type in a persons name it selects that persons details from the database.
我想放一个搜索框,这样当你输入一个人的名字时,它会从数据库中选择那个人的详细信息。
This is my search box:
这是我的搜索框:
<html>
<body>
<form action="users.php" method="GET">
<input id="search" type="text" placeholder="Type here">
<input id="submit" type="submit" value="Search">
</form>
</body>
</html>
Then here is my PHP to return the users:
然后这里是我的 PHP 返回用户:
<?php
$connection = mysql_connect("localhost","root","");
mysql_select_db("blog1")or die(mysql_error());
$result = mysql_query("SELECT username FROM member");
while ($row = mysql_fetch_assoc($result)) {
echo "<div id='link' onClick='addText(\"".$row['username']."\");'>" . $row['username'] . "</div>";
}
?>
How to get it to just return the user that i type in the search bar instead of all the users? Any help would be great as I am just learning PHP.
如何让它只返回我在搜索栏中输入的用户而不是所有用户?任何帮助都会很棒,因为我只是在学习 PHP。
回答by Adrian
You need to add a WHEREclause to your SQL query to filter for users with matching usernames (using =) or similar usernames (using LIKE). For example:
您需要WHERE在 SQL 查询中添加一个子句,以过滤具有匹配用户名( using =)或类似用户名( using LIKE)的用户。例如:
SELECT * FROM users WHERE username LIKE '%querystring%'
Will return all users whose username contains "querystring".
将返回用户名包含“querystring”的所有用户。
Also, as you're likely to be bombarded with in the comments, the mysql_*functions are deprecated. You should at least switch to mysqli_*, or even better, switch to PDO.
此外,由于您可能会在评论中遭到轰炸,因此不推荐使用这些mysql_*功能。您至少应该切换到,或者甚至更好地切换到 PDO。mysqli_*
回答by Ali Akbar Azizi
fist don't use mysql_* in your code , use PDO or mysqli_*
拳头不要在你的代码中使用 mysql_* ,使用 PDO 或 mysqli_*
<?php
$connection = mysql_connect("localhost","root","");
mysql_select_db("blog1")or die(mysql_error());
$safe_value = mysql_real_escape_string($_POST['search']);
$result = mysql_query("SELECT username FROM member WHERE `username` LIKE %$safe_value%");
while ($row = mysql_fetch_assoc($result)) {
echo "<div id='link' onClick='addText(\"".$row['username']."\");'>" . $row['username'] . "</div>";
}
?>
second edit your html
第二次编辑你的html
<form action="users.php" method="GET">
<input id="search" name="search" type="text" placeholder="Type here">
<input id="submit" type="submit" value="Search">
</form>
回答by ajtrichards
Please, don't use mysql_* functions in new code.They are no longer maintained and the deprecation processhas begun on it. See the red box? Learn about prepared statementsinstead, and use PDOor MySQLi- this articlewill help you decide which.
请不要在新代码中使用 mysql_* 函数。它们不再被维护,弃用过程已经开始。看到红框了吗?了解准备好的语句,并使用PDO或 MySQLi- 本文将帮助您决定哪个。
Personally, I would use something like Bootstrap's typeahead function. You could pre-load your user list in to a javascript array and when the users are typing it will begin filtering. More information on Bootstrap's typeahead can be found here: http://twitter.github.io/bootstrap/javascript.html#typeahead
就个人而言,我会使用类似 Bootstrap 的预先输入功能的东西。您可以将您的用户列表预加载到 javascript 数组中,当用户输入时,它将开始过滤。更多关于 Bootstrap 的 typeahead 的信息可以在这里找到:http: //twitter.github.io/bootstrap/javascript.html#typeahead
To do it the way your currently doing it, I would use the following code (I've used the MySQLi extension)
要按照您目前的方式进行操作,我将使用以下代码(我使用了 MySQLi 扩展)
<?php
$connection = new mysqli('localhost', 'root', 'password', 'DB_NAME');
$search = $_GET['search'];
$search = $mysqli -> real_escape_string($search);
$query = "SELECT username FROM member WHERE username LIKE '%".$search."%'";
$result= $mysqli -> query($query);
while($row = $result -> fetch_object()){
echo "<div id='link' onClick='addText(\"".$row -> username."\");'>" . $row -> username . "</div>";
}
By adding the WHERE username LIKE '%".$search."%'it filters the records by usernames that start or end with the term you've type.
通过添加WHERE username LIKE '%".$search."%'它,它会按以您键入的术语开头或结尾的用户名过滤记录。
If you had a user name "Alex" and your search term was "Ale" that result would be amongst the returned results, if you searched for "lex", Alex would be amongst the returned results.
如果您有一个用户名“Alex”并且您的搜索词是“Ale”,那么结果将在返回的结果中,如果您搜索“lex”,Alex 将在返回的结果中。
回答by Stan
- Submit GET request
- Get the variable and escape it to prevent sqlinjk
- Search the database records where username is set to what is passed
- Print result
- 提交GET请求
- 获取变量并对其进行转义以防止sqlinjk
- 搜索用户名设置为传递内容的数据库记录
- 打印结果
html
html
<form action="users.php" method="GET">
<input name="username" id="search" type="text" placeholder="Type here">
<input id="submit" type="submit" value="Search">
</form>
php
php
<?php
$connection = mysql_connect("localhost","root","");
mysql_select_db("blog1")or die(mysql_error());
$username = mysql_real_escape_string($_GET['username']);
$result = mysql_query("SELECT * FROM member WHERE username = '" + $username + "'");
print_r($result);
回答by user2355445
<form action="users.php" method="GET">
<input id="search" name="keywords" type="text" placeholder="Type here">
<input id="submit" type="submit" value="Search">
</form>
</body>
</html>
<?php
$connection = mysql_connect("localhost","root","");
mysql_select_db("blog1")or die(mysql_error());
$keywords = isset($_GET['keywords']) ? '%'.$_GET['keywords'].'%' : '';
$result = mysql_query("SELECT username FROM member where username like '$keywords'");
while ($row = mysql_fetch_assoc($result)) {
echo "<div id='link' onClick='addText(\"".$row['username']."\");'>" . $row['username'] . "</div>";
}
?>
