使用数组创建动态 MySQL 查询 - PHP

Question

我正在尝试运行查询 MySQL 正在使用 LIKE 查找其中的片段。

Table 结构：Table示例

id    name     piece   
0     jon      piece0
1     james    piece3
2     sarah    piece6

我目前的截图：

$pieces  = "piece0 piece1";  //variable
$piecearrayexplode = explode(" ", $pieces);
$piece0 = $piecearrayexplode[0];
$piece1 = $piecearrayexplode[1];

$sql = "SELECT * FROM TableExample WHERE piece LIKE '%$piece0%' OR pieces LIKE '%$piece1%'";

我遇到的问题是 $pieces 是一个变量，我需要 $sql 是动态的并自动包含正确数量的 LIKE 语句。

例如如果 $pieces = "piece0 piece1 piece2"，我希望 $sql 为：

$sql = "SELECT * FROM TableExample WHERE piece LIKE '%$piecearrayexplode[0]%' OR pieces LIKE '%$piecearrayexplode[1]%' OR pieces LIKE '%$piecearrayexplode[2]%'";

注意：$pieces 始终由 space 分隔。

我可以统计字数。

$count = str_word_count($pieces);

我不知道从那里去哪里。

我确实看过这个Create a dynamic mysql query using php variables

这似乎不是我要找的，因为 LIKE 是连续的，而不是像 WHERE 这样的 1 个语句。我在这里遗漏了什么吗？

Answer 1

所以也动态地构建您的查询：

$foo = '... list of pieces ...';
$parts = explode(' ', $foo);

$likes = array();
foreach($parts as $part) {
   $likes[] = "piece LIKE '%$part%'";
}

$sql = "SELECT ... WHERE " . implode(' or ', $likes);

但请注意，这很容易受到 sql injection attacks.

的攻击

Answer 2

可以遍历数组，逐条添加查询。（未测试）

$pieces = "piece0 piece1 piece2";
$piecesArr = explode(" ", $pieces);

$sql = "SELECT * FROM TableExample WHERE piece LIKE"; 

$first = true;
foreach ( $piecesArr as $PA ) {
   if ( $first ) {
     $sql .= " '%$PA%'";
     $first = !$first;
   }
   else $sql .= " OR pieces LIKE '%$PA%'"`;
}

Answer 3

我基本上所做的是从视图中动态生成我的结果。然后我在视图中填充了具有列名值的下拉列表，然后将这些变量从视图传递给 select 语句。

<?php

error_reporting(0);
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_connection = "localhost";
$database_connection = "xxx";
$username_connection = "root";
$password_connection = "";
$connect = mysql_pconnect($hostname_connection, $username_connection, $password_connection) or trigger_error(mysql_error(),E_USER_ERROR);
mysql_select_db($database_connection,$connect);

$col1=$_POST['col1'];
$col2=$_POST['col2'];
$col3=$_POST['col3'];

$result = mysql_query("SELECT $col1 as column1,$col2 as column2,$col3 as colmun3 FROM variety_view");

if(!$result){
echo "failed";
} else {
echo "Perfecto";

}

echo "<table>"; // start a table tag in the HTML

while($row = mysql_fetch_array($result)){   //Creates a loop to loop through results
echo "<tr>
<td>" . $row['column1'] . "</td>
<td>" . $row['column2'] . "</td>
<td>" . $row['colmun3'] . "</td>
</tr>";  //$row['index'] the index here is a field name
}

echo "</table>"; //Close the table in HTML

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>

<form method="Post" action="">
<select name="col1">
<option value="official_name">Variety Name</option>
<option value="localname">Local name</option>
<option value="country">Country</option>
<option value="pedigree">Pedigree</option>
</select> &nbsp;
<select name="col2">
<option value="official_name">Variety Name</option>
<option value="localname">Local name</option>
<option value="country">Country</option>
<option value="pedigree">Pedigree</option>
</select> &nbsp; &nbsp;
<select name="col3">
<option value="official_name">Variety Name</option>
<option value="localname">Local name</option>
<option value="country">Country</option>
<option value="pedigree">Pedigree</option>
</select> <br />

<input type="submit" value="Search" />

</form>
</body>
</html>

使用数组创建动态 MySQL 查询 - PHP

Create a Dynamic MySQL Query using an Array - PHP

php

mysql

dynamicquery

sql-like