如何使用PHP上的输入搜索下拉列表

希望一切都会 . 我喜欢这个问题,任何人都可以帮助我 . 我得到了下拉的值,我把它输入,但我无法搜索它 . 我使用jQuery从bootstrap下拉列表中获取值以提供输入 .

<!-- HTML Code With Form --> 
  <!-- Basic dropdown -->
  <form method="post" enctype="multipart/form-data" action="team.php" 
  class="form-inline active-purple-3 active-purple-4" style="width:400px; 
  margin-top:-50px; margin-left:125px; ">

  <button id="sb" class="btn btn-primary dropdown-toggle mr-4" type="button" 
  data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" 
  style="margin-top:20px; margin-left:-140px;">Search By</button>

  <div class="dropdown-menu"  id="dm" style="margin-left:89px; margin- 
  top:-963px;">

  <a class="dropdown-item" id="dl" href="#" value="ID">BY ID</a>
  <a class="dropdown-item" id="dl" href="#" value="Name">Name</a>
  <a class="dropdown-item" id="dl" href="#" value="Positon">Position</a>
  </div>
  <input type='hidden' name='thenumbers'>
  <!-- Basic dropdown -->
  <!-- Search form -->
  <i class="fa fa-search" aria-hidden="true" style="margin-top:15px;"></i>
  <input name="txtSearch" class="form-control form-control-sm ml-3 w-75" 
  id="in" type="text" placeholder="Search" style=" margin-top:15px; border- 
  radius:5px 5px 5px 5px;" aria-label="Search">
  <button type="Submit" name="searchrec" class="btn btn-primary" 
  style="margin-left:365px; margin-top:-55px;">Search</button>
  </form>



  <!-- jQuery Code -->
   <script>
   $(document).ready(function(){
   $('#dm a').on('click', function(){
   $('#sb').text($(this).text());
    });
    });
   </script>
   <script>
   $(function(){
 //Listen for a click on any of the dropdown items
  $("#dm a").click(function(){
    //Get the value
    var value = $(this).text();
    //Put the retrieved value into the hidden input
    $("input[name='thenumbers']").val(value);
   });
   });
   </script>
  <!-- jQuery Code End -->


   <!-- PHP Code  -->
   <?php
   include "Config.php";
   if(isset($_POST['searchrec']))
   {
  $txtSearch=$_POST['txtSearch'];
  $column=$_POST['thenumbers'];

 if($column == "BY ID")
 {

 $query1="SELECT * FROM ourteam WHERE id LIKE '%$txtSearch%'";
 $result1=mysqli_query($db,$query1);
 $count=mysqli_num_rows($result1);
 if($count == 0)
 {

 }else{
 while($rowr=mysqli_fetch_array($result1))
 {
     $id=$rowr['id'];
     $name=$rowr['name'];
     echo "<script>alert($name);</script>";
 }
 }

这个PHP代码仅用于ID,我也使用elesif语句用于其他实体 .

回答(1)

2 years ago

首先,获取值而不是文本:

//Get the value
var value = $(this).attr('value'); // instead of text

然后,将其映射到服务器端

$allowed_columns = ['id', 'name', 'position'];
$column = $_POST['thenumbers'];
$txtSearch = $_POST['txtSearch'];

// Check the field name
if (!in_array($column, $allowed_columns)) {
    // Throw some exception, or do whatever you want
}

// Sanitize the value
$txtSearch = mysqli_real_escape_string($txtSearch);

$query1="SELECT * FROM ourteam WHERE `$column` LIKE '%$txtSearch%'";

// ...