데이터베이스 필터링에 문제가 있습니다.이 코드는 있지만 제출 버튼 검색을 클릭 한 후 필터링 된 데이터베이스가 표시되지 않습니다.
<form method="POST" action="client.php">
<div id="Search" style="display:none">
<h4>Search Client</h4>
<table>
<tr>
<td>
<input type="text" name="text" placeholder="Keyword" />
</td>
<td>
   
</td>
<td>
<select id="search_by" name="search_by">
<option value="Reference">Reference</option>
<option value="Lastname">Lastname</option>
<option value="Firstname">Firstname</option>
<option value="Province">Province</option>
<option value="Request">Request</option>
<option value="Status">Status</option>
</select>
</td>
<td>
   
</td>
<td>
<input type="submit" name="btn_search" value="Search">
</td>
</tr>
</table>
<br>
<?php
$res=mysqli_query($con,"SELECT*FROM client_info");
echo "<table style='font-size:12px;border-spacing:5px; background-color:white; width:100%;'>";
echo "<tr>";
echo "<th> Reference No </th>";
echo "<th> Lastname </th>";
echo "<th> Firstname </th>";
echo "<th> Middlename </th>";
echo "<th> Street </th>";
echo "<th> Brgy </th>";
echo "<th> Town </th>";
echo "<th> Prov </th>";
echo "<th> Mobile </th>";
echo "<th> Email </th>";
echo "<th> Event </th>";
echo "<th> Venue </th>";
echo "<th> No. of Attendants </th>";
echo "<th> Request </th>";
echo "<th> Payment Ammount </th>";
echo "<th> Payment Status </th>";
echo "</tr>";
while ($row=mysqli_fetch_array($res)) {
echo "<tr>";
echo "<td>". $row["ref_no"] . "</td>";
echo "<td>". $row["last_name"] . "</td>";
echo "<td>". $row["first_name"] . "</td>";
echo "<td>". $row["middle_name"] . "</td>";
echo "<td><center>". $row["street"] . "</center></td>";
echo "<td><center>". $row["brgy"] . "</center></td>";
echo "<td><center>". $row["town"] . "</center></td>";
echo "<td><center>". $row["prov"] . "</center></td>";
echo "<td><center>". $row["mobile"] . "</center></td>";
echo "<td><center>". $row["email_add"] . "</center></td>";
echo "<td><center>". $row["event"] . "</center></td>";
echo "<td><center>". $row["venue"] . "</center></td>";
echo "<td><center>". $row["number_attendants"] . "</center></td>";
echo "<td><center>". $row["request_res"] . "</center></td>";
echo "<td><center>". $row["payment_amount"] . "</center></td>";
echo "<td><center>". $row["payment_res"] . "</center></td>";
echo "</tr>";
}
echo "</table>";
?>
</form>
<?php
if (isset($_POST['btn_search'])) {
if ($_POST['search_by'] == 'Reference') {
$res=mysqli_query($con,"SELECT*FROM client_info WHERE ref_no LIKE '%".$_POST['text']."%'");
echo "<table style='font-size:12px;border-spacing:5px; background-color:white; width:100%;'>";
echo "<tr>";
echo "<th> Reference No </th>";
echo "<th> Lastname </th>";
echo "<th> Firstname </th>";
echo "<th> Middlename </th>";
echo "<th> Street </th>";
echo "<th> Brgy </th>";
echo "<th> Town </th>";
echo "<th> Prov </th>";
echo "<th> Mobile </th>";
echo "<th> Email </th>";
echo "<th> Event </th>";
echo "<th> Venue </th>";
echo "<th> No. of Attendants </th>";
echo "<th> Request </th>";
echo "<th> Payment Ammount </th>";
echo "<th> Payment Status </th>";
echo "</tr>";
while ($row=mysqli_fetch_array($res)) {
echo "<tr>";
echo "<td>". $row["ref_no"] . "</td>";
echo "<td>". $row["last_name"] . "</td>";
echo "<td>". $row["first_name"] . "</td>";
echo "<td>". $row["middle_name"] . "</td>";
echo "<td><center>". $row["street"] . "</center></td>";
echo "<td><center>". $row["brgy"] . "</center></td>";
echo "<td><center>". $row["town"] . "</center></td>";
echo "<td><center>". $row["prov"] . "</center></td>";
echo "<td><center>". $row["mobile"] . "</center></td>";
echo "<td><center>". $row["email_add"] . "</center></td>";
echo "<td><center>". $row["event"] . "</center></td>";
echo "<td><center>". $row["venue"] . "</center></td>";
echo "<td><center>". $row["number_attendants"] . "</center></td>";
echo "<td><center>". $row["request_res"] . "</center></td>";
echo "<td><center>". $row["payment_amount"] . "</center></td>";
echo "<td><center>". $row["payment_res"] . "</center></td>";
echo "</tr>";
}
echo "</table>";
}
}
?>
</div>
필터링 된 결과 가 표시되는 것 같습니다 . 매번 필터링되지 않은 결과를 출력하고 검색 양식이 제출 된 경우 필터링 된 결과를 출력하기 때문에 그렇지 않은 것처럼 보입니다. 검색 양식이 제출되었는지 여부에 따라 다른 쿼리를 실행하기 만하면됩니다. 이 같은.
// search form
if (isset($_POST['btn_search'])) {
if ($_POST['search_by'] == 'Reference') {
$res = mysqli_query($con, "SELECT * FROM client_info WHERE ref_no LIKE '%".$_POST['text']."%'");
}
} else {
$res = mysqli_query($con, "SELECT * FROM client_info");
}
// display your query results
또한 쿼리는 SQL 주입에 취약합니다. 그것은 여기서 문제의 요점을 벗어 났지만 SQL에 post 값을 연결하는 대신 준비된 문을 사용하는 것을 고려해야합니다.
이 기사는 인터넷에서 수집됩니다. 재 인쇄 할 때 출처를 알려주십시오.
침해가 발생한 경우 연락 주시기 바랍니다[email protected] 삭제
몇 마디 만하겠습니다