问题
I've created the "Customers' Information" in the database. I also put and view it on my customers.php page. Help me to make some "Search box" inside the page. The search box will only search and view what keyword nearer in my database table.
Example: When I search "Jenny" the result of search box will be all "Jenny" in my database table. When my search box don't find "Jenny," the search box will say "no results found"
Here is my code in customers.php
<?php
$conn = mysqli_connect('localhost','root','','newcartdb');
if(mysqli_connect_errno()){
echo 'Failed to Connect: '.mysqli_connect_error();
}
if(isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM customers WHERE id='$_POST[hidden]'";
mysqli_query($conn,$DeleteQuery);
}
$query = "SELECT * FROM customers ORDER BY id ASC";
$results = mysqli_query($conn,$query);
echo '<table class="table table-bordered">
<thead>
<tr>
<th width="40px">ID</th>
<th>Email</th>
<th>Firstname</th>
<th>Lastname</th>
<th>Gender</th>
<th>Titlename</th>
<th>BirthMonth</th>
<th>BirthDay</th>
<th>BirthYear</th>
<th>Cellphone Number</th>
<th>Phone Number</th>
<th>Address1</th>
<th>Address2</th>
<th></th>
</tr>
</thead>
<tbody>
</tbody>';
while($userData = mysqli_fetch_array($results)){
echo '<form action="customers.php" method="POST">';
echo '<tr>';
echo '<td>'.$userData['id'].'</td>';
echo '<td>'.$userData['Email'].'</td>';
echo '<td>'.$userData['Firstname'].'</td>';
echo '<td>'.$userData['Lastname'].'</td>';
echo '<td>'.$userData['Gender'].'</td>';
echo '<td>'.$userData['Titlename'].'</td>';
echo '<td>'.$userData['BirthMonth'].'</td>';
echo '<td>'.$userData['BirthDay'].'</td>';
echo '<td>'.$userData['BirthYear'].'</td>';
echo '<td>'.$userData['CellphoneNumber'].'</td>';
echo '<td>'.$userData['PhoneNumber'].'</td>';
echo '<td>'.$userData['Address1'].'</td>';
echo '<td>'.$userData['Address2'].'</td>';
echo '<td><input type="hidden" name="hidden" value="'.$userData['id'].'">';
echo '<td><input type="submit" name="delete" value="Delete" class="btn btn-info" / ></td>';
echo '</tr>';
echo '</form>';
}
echo '</table>';
?>
回答1:
There are a few things you will need to know to be able to do this. Firstly the security bit...
Basically you want to never trust data that is submitted to your application. When accepting data for use in a MySQL statement, you could use PHP's built in escape functions for MySQL. ref: http://php.net/manual/en/mysqli.real-escape-string.php
You already seem to know how to get data from the submitted form as I see you accessed the $_POST superglobal. For your search, you will do something similar. It would be something like $_POST['search'] where you are getting data posted from a form with a text element with the name "search".
You will need an SQL query to search for results. Without seeing you database schema it's hard to say for user, but I suspect this would work.
$search = mysqli_real_escape_string($_POST['search']);
$query= "
SELECT *
FROM customers
WHERE
Firstname LIKE '%{$search}%'
OR Lastname LIKE '%{$search}%'
OR Email LIKE '%{$search}%'
";
$results = mysqli_query($conn,$query);
Once you have the results, you should be able to display them the same way you did with the example you gave.
Hope this helps!
来源:https://stackoverflow.com/questions/25829247/how-to-put-search-box-in-the-database-table-using-php-and-mysql