$searchtype=$_POST['searchtype'];
$searchterm=$_POST['searchterm'];
$searchterm=($searchterm);
/*if (!$searchtype||$searchterm)
{
echo'你还没有输入要查询的内容,请再试一边';
exit;
}*/
if(!get_magic_quotes_gpc())
{
$searchtype=addslashes($searchtype);
$searchterm=addslashes($searchterm);
}
@$db=new mysqli('localhost','bookorama','bookorama123','books');
if(mysqli_connect_errno())
{
echo'不能找到数据库,请重试!!!';
exit;
}
$query="select * from books where".$searchtype."like '%".$searchterm."%'";
$result=$db->query($query);
$num_results=$result->num_rows;
echo'
没有找到:'.$num_results.'
';for($i=0;$i
{
$row=$result->fetch_assoc();
echo'
'.($i+1).'.Title:';
echo htmlspecialchars(stripslashes($row['title']));
echo'
Author:';
echo stripslashes($row['author']);
echo'
ISBN:';
echo stripslashes($row['isbn']);
echo'
Price:';
echo stripslashes($row['price']);
echo'
';}
$result->free();
$db->close();
?>
展开