我试图通过一个包含在数据库列中的词来过滤sql查询。
这是行得通的(请不要告诉我说,有错...它不适用于Where)
$query = sprintf("SELECT *, ( 3959 * acos( cos( radians('%s') ) * cos( radians( `Lat` ) ) * cos( radians( `Long` ) - radians('%s') ) + sin( radians('%s') ) * sin( radians( `Lat` ) ) ) ) AS distance FROM Tutors HAVING distance < '%s' ORDER BY distance",
mysql_real_escape_string($lat),
mysql_real_escape_string($lng),
mysql_real_escape_string($lat),
mysql_real_escape_string($radius));
$result = mysql_query($query, $dbConn);我想添加如下内容:
$query = sprintf("SELECT *, ( 3959 * acos( cos( radians('%s') ) * cos( radians( `Lat` ) ) * cos( radians( `Long` ) - radians('%s') ) + sin( radians('%s') ) * sin( radians( `Lat` ) ) ) ) AS distance FROM Tutors HAVING distance < '%s' AND SubjectList like '%s' ORDER BY distance",
mysql_real_escape_string($lat),
mysql_real_escape_string($lng),
mysql_real_escape_string($lat),
mysql_real_escape_string($radius),
mysql_real_escape_string($subject));
$result = mysql_query($query, $dbConn);