这样子行不行??
<?php
$str = "24100";
$codition = "";
for($i = 1; $i <= strlen($str); $i++){
if ($codition == "") $codition .= " and ";
else $codition .= " or ";
$codition .= "id = ".substr($str,0,$i);
}
$sql = "select * from tablename where username='aa'".$codition;
echo $sql;
?>
<?php
$str = "24100";
$codition = "";
for($i = 1; $i <= strlen($str); $i++){
if ($codition == "") $codition .= " and ";
else $codition .= " or ";
$codition .= "id = ".substr($str,0,$i);
}
$sql = "select * from tablename where username='aa'".$codition;
echo $sql;
?>
<?php
$str = "221";
$codition = "";
for($i = 1; $i <= strlen($str); $i++){
if ($codition == "") {
$codition .= " and ";
$codition .= "id = '".substr($str,0,$i)."'";
}
else if ($i == strlen($str)) {
$codition .= " or id like '".substr($str,0,$i)."%'";
}
else {
$codition .= " or ";
$codition .= "id = '".substr($str,0,$i)."'";
}
}
//echo strlen($str);
$sql = "select * from tablename where username='aa'".$codition;
echo $sql;//select * from tablename where username='aa' and id = '2' or id = '22' or id like '221%'
?>
$inp = "24101100";$p = array(2,2,4); // 各层次的位数
$n = 0;
foreach($p as $v) {
$n += $v;
$ch = substr($inp,0,$n);
if(strlen($ch) < $n)
$out[] = "id like '$ch%'";
else
$out[] = "id='$ch'";
}$expr = join(" or ",$out);$sqlstr = "select * form tbl_name where $expr";
只存在24,2410,24101100这样子的情况,241属于非法输入
if(strlen($str)==2)
$condition="id like '".$str$."'";
else if(strlen($str)==4)
$condition="id link '".str%."' and id like ".substr(0,2,$str)."'";else if(strlen($str)==8)
$condition="id link '".str%."' and id like '".substr(0,4,$str)."'and id like '".substr(0,4,$str)."'";else
echo 输入的不合法。无法查询$sqlstr = "select * form tbl_name where $condition";
其实这是一个海关编码的查询24
2410
24101100
24101105
24101106
24101107
24101200
24101211
24101255
2415
24151717
24151790
24151800
24151855