如果我单击我的搜索字段并在不输入任何文本的情况下提交它,则会返回我数据库中的所有数据。这是如何停止的,所以什么也没有发生?
查看网站:
weezy.co.uk/newresults.php
谢谢!
詹姆斯
<?php
$conn = mysql_connect("cust-mysql-123-02", "uwee_641290_0001", "La0%-Mr4");
if (!$conn) {
echo "Unable to connect to DB: " . mysql_error();
exit;
}
{
$search = "%" . $_POST["search"] . "%";
$searchterm = "%" . $_POST["searchterm"] . "%";
}
if (!mysql_select_db("weezycouk_641290_db1")) {
echo "Unable to select mydbname: " . mysql_error();
exit;
}
$sql = "SELECT name,lastname,email
FROM test_mysql
WHERE name LIKE '%".$search."%' AND lastname LIKE '%".$searchterm."%'";
$result = mysql_query($sql);
if (!$result) {
echo "Could not successfully run query ($sql) from DB: " . mysql_error();
exit;
}
if (mysql_num_rows($result) == 0) {
echo "No rows found, nothing to print so am exiting";
exit;
}
while ($row = mysql_fetch_assoc($result)) {
echo '<br>';
echo '<br>';
echo '<div class="data1">';
echo $row["name"];
echo '</div>';
echo '<br>';
echo '<div class="data2">';
echo $row["lastname"];
echo '</div>';
echo '<br>';
echo '<div class="data3">';
echo $row["email"];
echo '</div>';
}
mysql_free_result($result);
?>
最佳答案
你应该在进行查询之前检查它是否为空:
if(empty($_POST['searchterm'])){
//don't search and show an error message
}else{
//proceed as normal, do the query
}
否则您最终可能会进行如下查询:
WHERE name LIKE('%%')
这真的很昂贵并返回所有数据库行
关于php - 提交空搜索字段时如何停止搜索字段返回所有结果?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/7889573/