在多个列中搜索多个项目 [英] Search Multiple Items in Multiple columns

问题描述

我在表单中有6个选择项.我想在MYSQL DB中搜索那些6.如果只使用一个结果，我可以检索结果，例如:

I have 6 select items in a form. I want to search those 6 in MYSQL DB. I can retrieve results if I use only one, like:

$result = mysql_query("SELECT * FROM wsinmuebles WHERE Property_Type LIKE '%{$_POST['Property_Type']}%'");

但是当我尝试更多时，我没有结果！

But when I try more, I get no results!

$result = mysql_query("SELECT * FROM wsinmuebles WHERE 
Property_Type LIKE '%{$_POST['Property_Type']}%' AND 
Estado LIKE '%{$_POST['Estado']}%' AND 
Ciudad LIKE '%{$_POST['Ciudad']}%' AND 
Urbanizacion LIKE '%{$_POST['Urbanizacion']}%' AND 
Operacion LIKE '%{$_POST['Operacion']}%' AND 
Precio_bsf LIKE '%{$_POST['Precio_bsf']}%'");

这来自于POST方法的表单.

This comes from a form by the POST method.

我需要在MYSQL DB中查找Property_Type，Estado，Ciudad，Urbanizacion，Operacion和Precio_bsf变量，并仅接收与所有这些值匹配的结果.

What I need is to look for Property_Type, Estado, Ciudad, Urbanizacion, Operacion and Precio_bsf variables in MYSQL DB, and receive only the results that match all those values.

推荐答案

不要在条件之间使用或使用Or，毕竟，您应该知道串联字符串和执行查询可能会导致SQL注入，这是在代替搜索的情况下字符串我结束您的查询并执行给定的操作，例如'和1 = 1；删除wsinmuebles"，如果这是我的搜索查询，您将丢失所有数据.

Dont use And use Or between criteria, and after all you should know that concatenating strings and executing queries is giving possible SQL Injection, that is when instead of your search string I end your query and execute given action, for example "' and 1=1; delete wsinmuebles" if this is my serach query you will lose all your data.

  $result = mysql_query("select * from tbl1 where Name='".mysql_escape_string ($_POST["value"]."'" );

这篇关于在多个列中搜索多个项目的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！