0
Here you go. This will take all of the text user entered, get separate words and look for any of those words (whole or part - pick which where clause you wnt)
干得好。这将取得用户输入的所有文本,获取单独的单词并查找任何单词(全部或部分 - 选择您所在的where where子句)
Let's assume that $user_input is set from $_POST
我们假设$ user_input是从$ _POST设置的
$user_input = $_POST;
// try this one for sample data $user_input = "hi hello wh'at els;e is new select 1 from dual;";
$user_input_array = array_map('mysql_real_escape_string', explode(' ',$user_input));
$where_clause = "YOURCOL = '".implode("' OR YOURCOL = '", $user_input_array)."'";
echo $where_clause.'
';
// if you want to use IN
$where_clause = " YOURCOL IN ('".implode("', '", $user_input_array)."')";
echo $where_clause.'
';
// if you want to use LIKE
$where_clause = "YOURCOL LIKE '%".implode("%' OR YOURCOL LIKE '%", $user_input_array)."%'";
echo $where_clause.'
';
Results from above are:
以上结果是:
YOURCOL = 'hi' OR YOURCOL = 'hello' OR YOURCOL = 'wh\'at' OR YOURCOL = 'els;e' OR YOURCOL = 'is' OR YOURCOL = 'new' OR YOURCOL = 'select' OR YOURCOL = '1' OR YOURCOL = 'from' OR YOURCOL = 'dual;'
YOURCOL ='hi'或YOURCOL ='hello'或YOURCOL ='wh \'在'OR YOURCOL ='els; e'或YOURCOL ='是'或YOURCOL ='new'或YOURCOL ='select'或YOURCOL =' 1'或YOURCOL ='来自'OR YOURCOL ='dual;'
YOURCOL IN ('hi', 'hello', 'wh\'at', 'els;e', 'is', 'new', 'select', '1', 'from', 'dual;')
YOURCOL IN('hi','hello','wh''at','els; e','is','new','select','1','from','dual;')
YOURCOL LIKE '%hi%' OR YOURCOL LIKE '%hello%' OR YOURCOL LIKE '%wh\'at%' OR YOURCOL LIKE '%els;e%' OR YOURCOL LIKE '%is%' OR YOURCOL LIKE '%new%' OR YOURCOL LIKE '%select%' OR YOURCOL LIKE '%1%' OR YOURCOL LIKE '%from%' OR YOURCOL LIKE '%dual;%'
YOURCOL喜欢'%hi%'或YOURCOL喜欢'%hello%'或YOURCOL喜欢'%wh''%'或YOURCOL喜欢'%els; e%'或YOURCOL喜欢'%is%'或YOURCOL LIKE'%new %'或YOURCOL LIKE'%select%'或YOURCOL LIKE'%1%'或YOURCOL类似'%from%'或YOURCOL LIKE'%dual;%'