为什么此查询忽略过滤器?
如果我删除“and table.field = '$filter' OR table.field='$otherfilter'”,下面的查询将正常工作。如果我添加此部分,那么它会向我显示我无权查看的人员的结果。我确实需要添加该部分,以便它向我显示过滤后的结果。我如何构建它,以便它使用以下命令向我显示正确的结果: and table.field = '$filter' OR table.field='$otherfilter'
代码:
//$filter = "23943409"
$filter2 = "$username";
$sql = "SELECT table.field, table2.field, table.field, table.field,
table.field, table.field, table.field FROM table
LEFT JOIN table2 ON table.field = table2.field
WHERE table.field='$id' and table.field='$id'
and table.field = '$filter' OR table.field='$otherfilter'
ORDER BY table.id DESC LIMIT 0, 3";
$result=mysql_query($sql);
$query = mysql_query($sql) or die ("Error: ".mysql_error());
if ($result == "")
{
echo "";
}
echo "";
$rows = mysql_num_rows($result);
if($rows == 0)
{
print("");
}
elseif($rows > 0)
{
while($row = mysql_fetch_array($query))
{
$field = $row['field'];
print("$field");
}
}
The query below works correctly if I REMOVE the "and table.field = '$filter' OR table.field='$otherfilter'". If i add this part then it shows me results for people I am not authorized to see. I definetely need to add that part so it shows me filtered results. How do I structure this so it shows me the correct results using: and table.field = '$filter' OR table.field='$otherfilter'
Code:
//$filter = "23943409"
$filter2 = "$username";
$sql = "SELECT table.field, table2.field, table.field, table.field,
table.field, table.field, table.field FROM table
LEFT JOIN table2 ON table.field = table2.field
WHERE table.field='$id' and table.field='$id'
and table.field = '$filter' OR table.field='$otherfilter'
ORDER BY table.id DESC LIMIT 0, 3";
$result=mysql_query($sql);
$query = mysql_query($sql) or die ("Error: ".mysql_error());
if ($result == "")
{
echo "";
}
echo "";
$rows = mysql_num_rows($result);
if($rows == 0)
{
print("");
}
elseif($rows > 0)
{
while($row = mysql_fetch_array($query))
{
$field = $row['field'];
print("$field");
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
尝试
AND (table.field = '$filter' OR table.field = '$otherfilter')。请注意该子句周围的括号。我假设您已经混淆了代码并用“field”替换了实际的字段名称。Try
AND (table.field = '$filter' OR table.field = '$otherfilter'). Note the parenthesis around the clause. I'm assuming you have obfuscated the code and replaced the actual field names with "field".您必须在过滤器周围放置括号:
否则您的逻辑就会关闭。
You have to place parentheses around your filters:
Otherwise your logic is off.
您的意思是“field is an apple AND field is an Orange”,其中
table.field=$id AND table.field = $filter。希望这只是您懒惰地混淆表/字段名称,但如果您对这两个值使用相同的 table.field 组合,那么您将排除所有记录,因为单个记录字段中不能有多个值一次。You're saying "field is an apple AND field is an orange" with the
table.field=$id AND table.field = $filter. Hopefully that's just you being lazy with obfuscating your table/fieldnames, but if you are using the same table.field combo for those two values, then you're excluding ALL records since a single record field cannot have more than one value in it at a time.您可能正在处理
and和or之间的优先级问题。尝试:You're probably dealing with precedence issues between
andandor. Try: