查询 - PHP ADODB 上的运算符之间
Query - Between operator on PHP ADODB
我有一个带有两个日期选择器 (dd/mm/yyyy) 的表单。
代码:
<label for="from">From Date:</label>
<input type="text" id="from" name="from">
<label for="to">to Date:</label>
<input type="text" id="to" name="to">
我尝试 select 这个范围的数据 PHP。 但是出现错误
Fatal error: Uncaught exception 'com_exception' with message
'Source: Microsoft OLE DB Provider for ODBC
Drivers
Description: [Microsoft][Driver ODBC Microsoft
Access] Tipi di dati non corrispondenti nell'espressione criterio.' in
C:\Program Files
(x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php:43 Stack
trace: #0 C:\Program Files
(x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php(43):
com->execute('SELECT [Id Ord]...') #1 {main} thrown in C:\Program
Files (x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php on
line 43
所以这是我的 php 文件(没有日期也能完美运行):
$input=$_POST['input'];
$id=$_POST['id'];
$tipo=$_POST['tipo'];
$numero1=$_POST['numero1'];
$numero2=$_POST['numero2'];
$data1=$_POST['from'];
$data2=$_POST['to'];
if (empty($input)) {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo' OR [Data Ord] BETWEEN '$data1' AND '$data2'";
} else {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Indirizzo] LIKE '%$input%' OR [Ragione Sociale] LIKE '%$input%' OR [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo'" OR [Data Ord] BETWEEN '$data1' AND '$data2'";
}
第 43 行:
$rs = $con->execute($sql);
形式:(不计算1到100的个数)
首先,您的代码是 SQL 注入的公开邀请。您应该使用参数化查询。
然后,如果数据库是 MS Access,并且 [Data Ord]
是 date 类型,在 SQL 中你应该用 [=12] 包围你的日期=] 而不是 '
,并将它们正确格式化如下:MM/DD/YYYY
有点喜欢这个。
$input=$_POST['input'];
$id=$_POST['id'];
$tipo=$_POST['tipo'];
$numero1=$_POST['numero1'];
$numero2=$_POST['numero2'];
$data1=date('m/d/Y', strtotime($_POST['from']));;
$data2=date('m/d/Y', strtotime($_POST['to']));;
if (empty($input)) {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo' OR [Data Ord] BETWEEN #$data1# AND #$data2#";
} else {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Indirizzo] LIKE '%$input%' OR [Ragione Sociale] LIKE '%$input%' OR [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo'" OR [Data Ord] BETWEEN #$data1# AND #$data2#";
}
我不知道您的 POST 数据是如何格式化的,因此您可能需要更改我格式化日期的方式
我有一个带有两个日期选择器 (dd/mm/yyyy) 的表单。
代码:
<label for="from">From Date:</label>
<input type="text" id="from" name="from">
<label for="to">to Date:</label>
<input type="text" id="to" name="to">
我尝试 select 这个范围的数据 PHP。 但是出现错误
Fatal error: Uncaught exception 'com_exception' with message 'Source: Microsoft OLE DB Provider for ODBC Drivers
Description: [Microsoft][Driver ODBC Microsoft Access] Tipi di dati non corrispondenti nell'espressione criterio.' in C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php:43 Stack trace: #0 C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php(43): com->execute('SELECT [Id Ord]...') #1 {main} thrown in C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-www\DinamicoWeb\index.php on line 43
所以这是我的 php 文件(没有日期也能完美运行):
$input=$_POST['input'];
$id=$_POST['id'];
$tipo=$_POST['tipo'];
$numero1=$_POST['numero1'];
$numero2=$_POST['numero2'];
$data1=$_POST['from'];
$data2=$_POST['to'];
if (empty($input)) {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo' OR [Data Ord] BETWEEN '$data1' AND '$data2'";
} else {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Indirizzo] LIKE '%$input%' OR [Ragione Sociale] LIKE '%$input%' OR [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo'" OR [Data Ord] BETWEEN '$data1' AND '$data2'";
}
第 43 行:
$rs = $con->execute($sql);
形式:(不计算1到100的个数)
首先,您的代码是 SQL 注入的公开邀请。您应该使用参数化查询。
然后,如果数据库是 MS Access,并且 [Data Ord]
是 date 类型,在 SQL 中你应该用 [=12] 包围你的日期=] 而不是 '
,并将它们正确格式化如下:MM/DD/YYYY
有点喜欢这个。
$input=$_POST['input'];
$id=$_POST['id'];
$tipo=$_POST['tipo'];
$numero1=$_POST['numero1'];
$numero2=$_POST['numero2'];
$data1=date('m/d/Y', strtotime($_POST['from']));;
$data2=date('m/d/Y', strtotime($_POST['to']));;
if (empty($input)) {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo' OR [Data Ord] BETWEEN #$data1# AND #$data2#";
} else {
$sql="SELECT [Id Ord] AS [ID], [Tipo Ord] AS [Tipo], [N Ord] AS [Numero], [Data Ord] AS [Data], [Ragione Sociale], [Indirizzo], [TotImp] AS [IMPORTO TOTALE], [TotIva] AS [IMPORTO IVA] FROM [Ordini] WHERE [Indirizzo] LIKE '%$input%' OR [Ragione Sociale] LIKE '%$input%' OR [Id Ord] LIKE '$id' OR [Tipo Ord] LIKE '$tipo'" OR [Data Ord] BETWEEN #$data1# AND #$data2#";
}
我不知道您的 POST 数据是如何格式化的,因此您可能需要更改我格式化日期的方式