数据表 + 服务器端处理 + 搜索筛选
datatables + serverside processing + search filtering
我正在遵循本教程:
http://coderexample.com/datatable-demo-server-side-in-phpmysql-and-ajax/
这是演示:
http://coderexample.com/demo/datatable-demo-server-side-in-phpmysql-and-ajax/
如果我在搜索输入中搜索ou
,我会得到No matching records found
但我希望返回的是至少Airi Satou
这一行。
我认为这是我必须更改的代码,因为我必须做搜索服务器端。
<?php
/* Database connection start */
$servername = "localhost";
$username = "root";
$password = "Password1";
$dbname = "test";
$conn = mysqli_connect($servername, $username, $password, $dbname) or die("Connection failed: " . mysqli_connect_error());
/* Database connection end */
// storing request (ie, get/post) global array to a variable
$requestData= $_REQUEST;
$columns = array(
// datatable column index => database column name
0 =>'employee_name',
1 => 'employee_salary',
2=> 'employee_age'
);
// getting total number records without any search
$sql = "SELECT employee_name, employee_salary, employee_age ";
$sql.=" FROM employee";
$query=mysqli_query($conn, $sql) or die("employee-grid-data.php: get employees");
$totalData = mysqli_num_rows($query);
$totalFiltered = $totalData; // when there is no search parameter then total number rows = total number filtered rows.
if( !empty($requestData['search']['value']) ) {
// if there is a search parameter
$sql = "SELECT employee_name, employee_salary, employee_age ";
$sql.=" FROM employee";
$sql.=" WHERE employee_name LIKE '".$requestData['search']['value']."%' "; // $requestData['search']['value'] contains search parameter
$sql.=" OR employee_salary LIKE '".$requestData['search']['value']."%' ";
$sql.=" OR employee_age LIKE '".$requestData['search']['value']."%' ";
$query=mysqli_query($conn, $sql) or die("employee-grid-data.php: get employees");
$totalFiltered = mysqli_num_rows($query); // when there is a search parameter then we have to modify total number filtered rows as per search result without limit in the query
$sql.=" ORDER BY ". $columns[$requestData['order'][0]['column']]." ".$requestData['order'][0]['dir']." LIMIT ".$requestData['start']." ,".$requestData['length']." "; // $requestData['order'][0]['column'] contains colmun index, $requestData['order'][0]['dir'] contains order such as asc/desc , $requestData['start'] contains start row number ,$requestData['length'] contains limit length.
$query=mysqli_query($conn, $sql) or die("employee-grid-data.php: get employees"); // again run query with limit
} else {
$sql = "SELECT employee_name, employee_salary, employee_age ";
$sql.=" FROM employee";
$sql.=" ORDER BY ". $columns[$requestData['order'][0]['column']]." ".$requestData['order'][0]['dir']." LIMIT ".$requestData['start']." ,".$requestData['length']." ";
$query=mysqli_query($conn, $sql) or die("employee-grid-data.php: get employees");
}
$data = array();
while( $row=mysqli_fetch_array($query) ) { // preparing an array
$nestedData=array();
$nestedData[] = $row["employee_name"];
$nestedData[] = $row["employee_salary"];
$nestedData[] = $row["employee_age"];
$data[] = $nestedData;
}
$json_data = array(
"draw" => intval( $requestData['draw'] ), // for every request/draw by clientside , they send a number as a parameter, when they recieve a response/data they first check the draw number, so we are sending same number in draw.
"recordsTotal" => intval( $totalData ), // total number of records
"recordsFiltered" => intval( $totalFiltered ), // total number of records after searching, if there is no searching then totalFiltered = totalData
"data" => $data // total data array
);
echo json_encode($json_data); // send data as json format
?>
我说这是我必须更改的代码是对的吗?
如果是这样,谁能告诉我必须做什么?
我知道这有很多问题要问,但希望得到指导!
$sql.=" WHERE employee_name LIKE '".$requestData['search']['value']."%' ";
将匹配搜索词,然后匹配任何内容(由于通配符%)
由于您要匹配名称中间的搜索词,因此还需要在乞讨处添加通配符:
$sql.=" WHERE employee_name LIKE '%".$requestData['search']['value']."%' ";
请注意,这将禁止在employee_name
上使用索引,这对您来说可能是也可能不是问题。
这不是最好的搜索方法,您不应该检查所有三个字段,而是询问搜索者使用哪个字段。毕竟年龄和薪水可以有一些匹配的数字。
搜索 27,可以匹配年龄 27 或 27000 工资等。没有人会有鲍勃的年龄,所以做这个搜索是没有意义的
您的查询需要更新。
以下 SQL 语句选择所有以"搜索字段值"开头的employee_name:
$sql.=" WHERE employee_name LIKE '".$requestData['search']['value']."%' ";
因此,您的查询应该如下所示,以获得所需的输出,因为它检查employee_name中是否存在特定模式。
$sql.=" WHERE employee_name LIKE '%".$requestData['search']['value']."%' ";
构造 Where 子句的方式,要搜索的字段必须以搜索词开头。将 where 子句更改为
$sql.=" WHERE employee_name LIKE '%".$requestData['search']['value']."%' ";
通过做你正在做的事情,你也可以对SQL注入持开放态度。您需要使用参数化查询来消除此漏洞。请参阅如何防止 PHP 中的 SQL 注入?供参考
- 淘汰搜索/筛选
- 搜索不清除筛选器
- 数据表 + 服务器端处理 + 搜索筛选
- 添加'错误'消息发送到同位素.JS搜索筛选器
- 如何使用搜索筛选器初始化列表视图
- Lodash关于使用搜索词和多个属性名称进行筛选的帮助
- 基于多搜索输入筛选ngrepeat
- 用于服务器端处理的数据表,包括分页、筛选和搜索
- jQuery Datatables:如何清除列搜索筛选器
- 如何在 SharePoint 中搜索和筛选 20k 个项目
- 使用输入文本框搜索和筛选 html 表数据
- 使用 GPS 位置筛选移动网站上的搜索
- j查询搜索结果筛选
- Jquery 数据表筛选器/搜索表中的图标图像
- 语义 UI 搜索 - 筛选器字段
- CRM 2011 - 筛选的子网格搜索功能
- 如何在填充选择下拉列表中添加搜索筛选器
- 如何在 SharePoint Online 中为内容搜索 Web 部件创建排序/筛选
- 如何使用jQuery搜索字符串筛选结果
- 如何根据多个数据属性筛选搜索结果