dongzan1970 2014-08-17 19:33
浏览 68
已采纳

SQL查询条件不起作用

I'm working on a search script with pagination but can't get it to work properly.

Here is my query: 

$query = "SELECT COUNT(*) FROM server_data WHERE trash = '0' AND server_address LIKE '%$search%' OR title LIKE '%$search%' OR short_desc LIKE '%$search%'";

This is to count how many results there are in the database.

Here is my query for the actual data:

$query = "SELECT * FROM server_data WHERE trash = '0' AND server_address LIKE '%$search%' OR title LIKE '%$search%' OR short_desc LIKE '%$search%' ORDER BY id DESC $limit";

For some reason, this is returning results where trash = 1 and trash = 0, when it should only be returning where trash = 0 obviously. Anybody have any idea why this could be happening?

  • 写回答

1条回答 默认 最新

  • douyiyang6317 2014-08-17 19:36
    关注

    Use parenthesis

    $query = "SELECT * FROM server_data WHERE trash = '0' AND (server_address LIKE '%$search%' OR title LIKE '%$search%' OR short_desc LIKE '%$search%') ORDER BY id DESC $limit";

    Without parenthesis your query is evaluated as follows:

    $query = "SELECT * FROM server_data WHERE (trash = '0' AND server_address LIKE '%$search%') OR title LIKE '%$search%' OR short_desc LIKE '%$search%' ORDER BY id DESC $limit";

    The reason for this is that AND is "strong" than OR (it's like in math where multiplication is stronger than addition: 3*5+3=15+3=18).

    Btw. please make sure $search is properly escaped, otherwise you allow SQL injection.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 在获取boss直聘的聊天的时候只能获取到前40条聊天数据
  • ¥20 关于URL获取的参数,无法执行二选一查询
  • ¥15 液位控制,当液位超过高限时常开触点59闭合,直到液位低于低限时,断开
  • ¥15 marlin编译错误,如何解决?
  • ¥15 有偿四位数,节约算法和扫描算法
  • ¥15 VUE项目怎么运行,系统打不开
  • ¥50 pointpillars等目标检测算法怎么融合注意力机制
  • ¥20 Vs code Mac系统 PHP Debug调试环境配置
  • ¥60 大一项目课,微信小程序
  • ¥15 求视频摘要youtube和ovp数据集