替换多个值+在 SQL 查询中?

【问题标题】:replace multiple values+in SQL query?替换多个值+在 SQL 查询中?
【发布时间】:2010-12-27 22:52:08
【问题描述】:

我想使用用户在字段中的输入来搜索数据。也就是说,如果用户输入 "D+t+y+g,k,j,h" 想要搜索具有字母 "d and t and y and g or k or j or h"。我尝试了 PHP str_replace 函数,但结果不喜欢。

//kw is text field... 
if($kw != "") {
  //here we check for some data in field; if yes, continue below

  //c is for ',' replaced in JavaScript 
  $kw1 = str_replace("c"," OR bcm.keywords LIKE '$kw%' ",$kw);

  //p is for '+' replaced in JavaScript//'bcm' is table name.
  $kw3 = str_replace("p"," AND bcm.keywords LIKE '$kw%' ",$kw1);

  //for appending into main query string
  $app.=$kw3; 
  //$app.=" AND bcm.keywords LIKE '$kw%'";
}

...但是对于输入 "D+t+y+g,k,j,h",查询结果如下:

AND bcm.keywords LIKE 'Dptpypgckcjch%' t 
AND bcm.keywords LIKE 'Dptpypgckcjch%' y 
AND bcm.keywords LIKE 'Dptpypgckcjch%' g 
OR bcm.keywords LIKE 'D 
AND bcm.keywords LIKE 'Dptpypgckcjch%' t 
AND bcm.keywords LIKE 'Dptpypgckcjch%' y 
AND bcm.keywords LIKE 'Dptpypgckcjch%' gckcjch%' k 
OR bcm.keywords LIKE 'D 
AND bcm.keywords LIKE 'Dptpypgckcjch%' t 
AND bcm.keywords LIKE 'Dptpypgckcjch%' y 
AND bcm.keywords LIKE 'Dptpypgckcjch%' gckcjch%' j 
OR bcm.keywords LIKE 'D 
AND bcm.keywords LIKE 'Dptpypgckcjch%' t 
AND bcm.keywords LIKE 'Dptpypgckcjch%' y 
AND bcm.keywords LIKE 'Dptpypgckcjch%' gckcjch%' h**

...当我想要/需要的是:

AND bcm.keywords LIKE 'D%' 
AND bcm.keywords LIKE 't%' 
AND bcm.keywords LIKE 'y%' 
AND bcm.keywords LIKE 'g%' 
OR bcm.keywords LIKE 'k%' 
OR bcm.keywords LIKE 'j%' 
OR bcm.keywords LIKE 'h%'

【问题讨论】:

  • 你知道......阅读你的代码和你的问题太难了。我以not a real question 的身份关闭...
  • @Chacha:如果您可以投票关闭,那么您还应该有权编辑帖子以清理格式。更新 300 条帖子后,它甚至还有一个徽章 - Strunk & White。
  • 如果其他人为他们修复它,他们永远不会知道 ;)
  • @Jani:如果您不提供降价链接,则不会:stackoverflow.com/editing-help
  • @dev646: 什么数据库?可能同样复杂,但将过滤条件转换为正则表达式可能是一个更好的主意。

标签: php javascript sql string


【解决方案1】:

javascript中的解决方案

var getSearchSql = function(kw) 
{
  if(kw != "") 
  {
    var ors = kw.split(",");
    var sql = "";
    var sqlVariable = "bcm.keywords";
    for(i = 0; i < ors.length; i++)
    {
      var ands = ors[i].split("+");
      sql += (i == 0)? "(": " OR (";
      for(j = 0; j < ands.length; j++)
      {
          sql += (j == 0)? "": " AND ";
          sql += sqlVariable + " LIKE '%" + ands[j] + "%' "
      }
      sql += ")"
    }
  }
  return sql;
}

产生以下结果(kw = "D+t+y+g,k,j,h" 时)

(bcm.keywords LIKE '%D%' 
    AND bcm.keywords LIKE '%t%' 
    AND bcm.keywords LIKE '%y%' 
    AND bcm.keywords LIKE '%g%') 
OR (bcm.keywords LIKE '%k%') 
OR (bcm.keywords LIKE '%j%') 
OR (bcm.keywords LIKE '%h%')

【讨论】:

  • 美女... thnx ...我经历了这种方式但无法继续...干得好!
【解决方案2】:

试试这个:

<?
    $str = "D+t+y+g,k,j,h";

    $comNext = 0;
    for ($i = 0 ; $i < strlen($str);$i++){
        if ($str[$i+1] == "+"){
            $andKey .= " AND bcm.keywords LIKE '".$str[$i]."%'";
        }else if ($str[$i+1] == "," || $str[$i+1] == ""){
            if ($comNext == 0)
                $andKey .= " AND bcm.keywords LIKE '".$str[$i]."%'";
            else
                $orKey .= " OR bcm.keywords LIKE '".$str[$i]."%'";
            $comNext = 1;
        }

    }
    echo $andKey.$orKey;
?>

给我:

AND bcm.keywords LIKE 'D%' AND bcm.keywords LIKE 't%' AND bcm.keywords LIKE 'y%' AND bcm.keywords LIKE 'g%' OR bcm.keywords LIKE 'k%' OR bcm.keywords LIKE 'j%' OR bcm.keywords LIKE 'h%'

【讨论】:

  • 做得很好...!而不是 '+ and ,' 如果我们给出 'p 和 c' 它也会采用这个并显示输出包括... 'AND bcm.keywords LIKE 'l%' AND bcm.keywords LIKE 'p%' AND bcm.keywords LIKE 'o%' OR bcm.keywords LIKE 'c%'
  • 意思是不使用 + 和 , 作为分隔符。你想要,p 和 c 作为分隔符.. 它不能完成,因为字母是搜索的关键
  • 确实......但这对我来说是一个新想法......美丽!
【解决方案3】:

下面的答案带有 cmets 供某人参考...谢谢亲爱的帮助...

var ors = kw.split(",");//SPLITS WHERE , IS PRESENT
var sql = "";//INITIALISE SQL VARIABLE,TO BE PASSED TO AJAX
var sqlVariable = " LOWER(bcm.keywords)";//CONVERTS TO LOWER CASE FOR CHECKING, FROM DB
for(i = 0; i < ors.length; i++)// INITIALISE ARRAY TO GIVE OR WHERE , IS PRESENT 
                               // AND FOR FURTHER SPLITTING WHERE + IS PRESENT TILL ORS LENGTH ... 
                               // IE: ORS. LENGTH WILL HAVE VALUE FOR AT LEAST SINGLE , IN STRING
{
  var ands = ors[i].split("+");//SPLIT STRING WHERE + IS PRESENT
  sql += (i == 0)? "(": " OR (";//REPLACE , WITH OR
  for(j = 0; j < ands.length; j++)// SIMILAR STEPS TO ABOVE TO REPLACE + WITH AND
  {
      sql += (j == 0)? "": " AND ";
      sql += sqlVariable + " LIKE '%" + ands[j] + "%' "

  }
  sql += ")"// THE FINAL SQL ,WITH ALL BRACKETS, IS PASSED TO AJAX FOR 
               APPENDING TO SOME QUERY STATEMENT.
}

:)

【讨论】:

  • 也许最好将此 cmets 直接放在 @ecounysis 答案中(SO 是一个协作的地方),或者在他的答案末尾添加您的注释代码块。 (小写更好)谢谢!
【解决方案4】:

恕我直言,使用 javascript 编写 SQL 语句太疯狂了,您在应用程序中打开了广泛的安全漏洞!

如果您想在提交数据之前在客户端处理数据,最好使用 json 或任何其他格式,但请让 SQL 留给服务器端处理。

【讨论】:

    猜你喜欢
    • 2019-06-19
    • 1970-01-01
    • 1970-01-01
    • 2016-12-17
    • 1970-01-01
    • 2018-06-08
    • 2012-06-18
    • 2020-05-08
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode