我想从一个MySQL数据库的所有表的所有字段搜索一个给定的字符串,可能使用语法为:
SELECT * FROM * WHERE * LIKE '%stuff%'
有可能做这样的事情吗?
当前回答
我也做了我自己的mysql爬虫来搜索一些wordpress配置,在界面和数据库中都无法找到它,数据库转储太沉重和不可读。我得说我现在不能没有它。
它的工作原理类似于@Olivier,但它管理外来的数据库/表名,并且是像小丑一样安全。
<?php
$database = 'database';
$criteria = '*iemblo'; // you can use * and ? as jokers
$dbh = new PDO("mysql:host=127.0.0.1;dbname={$database};charset=utf8", 'root', '');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$tables = $dbh->query("SHOW TABLES");
while (($table = $tables->fetch(PDO::FETCH_NUM)) !== false)
{
$fields = $dbh->prepare("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = ? AND TABLE_NAME = ?");
$fields->execute(array ($database, $table[0]));
$ors = array ();
while (($field = $fields->fetch(PDO::FETCH_NUM)) !== false)
{
$ors[] = str_replace("`", "``", $field[0]) . " LIKE REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(:search, '\\\\', '\\\\\\\\'), '%', '\\%'), '_', '\\_'), '*', '%'), '?', '_')";
}
$request = 'SELECT * FROM ';
$request .= str_replace("`", "``", $table[0]);
$request .= ' WHERE ';
$request .= implode(' OR ', $ors);
$rows = $dbh->prepare($request);
$rows->execute(array ('search' => $criteria));
$count = $rows->rowCount();
if ($count == 0)
{
continue;
}
$str = "Table '{$table[0]}' contains {$count} rows matching '{$criteria}'.";
echo str_repeat('-', strlen($str)), PHP_EOL;
echo $str, PHP_EOL;
echo str_repeat('-', strlen($str)), PHP_EOL;
$counter = 1;
while (($row = $rows->fetch(PDO::FETCH_ASSOC)) !== false)
{
$col = 0;
$title = "Row #{$counter}:";
echo $title;
foreach ($row as $column => $value)
{
echo
(($col++ > 0) ? str_repeat(' ', strlen($title) + 1) : ' '),
$column, ': ',
trim(preg_replace('!\s+!', ' ', str_replace(array ("\r", "\t", "\n"), array ("", "", " "), $value))),
PHP_EOL;
}
echo PHP_EOL;
$counter++;
}
}
运行这个脚本可以输出如下内容:
---------------------------------------------------
Table 'customers' contains 1 rows matching '*iemblo'.
---------------------------------------------------
Row #1: email_client: my@email.com
numero_client_compta: C05135
nom_client: Tiemblo
adresse_facturation_1: 151, My Street
adresse_facturation_2:
ville_facturation: Nantes
code_postal_facturation: 44300
pays_facturation: FR
numero_tva_client:
zone_geographique: UE
prenom_client: Alain
commentaires:
nom_societe:
email_facturation: my@email.com
其他回答
我要用这个。你只需要改变变量
$query ="SELECT `column_name` FROM `information_schema`.`columns` WHERE `table_schema`='" . $_SESSION['db'] . "' AND `table_name`='" . $table . "' ";
$stmt = $dbh->prepare($query);
$stmt->execute();
$columns = $stmt->fetchAll(PDO::FETCH_ASSOC);
$query="SELECT name FROM `" . $database . "`.`" . $table . "` WHERE ( ";
foreach ( $columns as $column ) {
$query .=" CONVERT( `" . $column['column_name'] . "` USING utf8 ) LIKE '%" . $search . "%' OR ";
}
$query = substr($query, 0, -3);
$query .= ")";
echo $query . "<br>";
$stmt=$dbh->prepare($query);
$stmt->execute();
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo "<pre>";
print_r ($results );
echo "</pre>";
虽然这个问题已经很老了,但如果你使用的是mysql workbench 6.3,你可以这样做。(很可能它也适用于其他版本)
右键点击你的模式和“搜索表数据”,输入你的值,然后点击“开始搜索”。这是它。
如果你安装了phpMyAdmin,使用它的“搜索”功能。
选择您的数据库 确保你有一个DB选择(即不是一个表,否则你会得到一个完全不同的搜索对话框) 点击“搜索”标签 选择您想要的搜索词 选择要搜索的表
我在250个表/10GB的数据库上使用过这个功能(在一个快速的服务器上),响应时间非常惊人。
如果23个答案还不够,这里还有2个……根据数据库结构和内容,您可能会发现其中一个实际上是快速而简单的解决方案。
对于shell一行程序的爱好者,这里有一个很长的程序(实际上只有2行,使用变量):
cmd='mysql -u Username -pYour_Password -D Your_Database' # <-- Adapt this
$cmd -s -e 'SHOW TABLES' | while read table; do echo "=== $table ==="; $cmd -B -s -e "SELECT * FROM $table" | grep 'Your_Search'; done
或多行,使其更具可读性:
$cmd -s -e 'SHOW TABLES' \
| while read table; do
echo "=== $table ===";
$cmd -B -s -e "SELECT * FROM $table" \
| grep 'Your_Search';
done
-s(——silent)用于屏蔽列名标头 -B(——batch)转义像换行符这样的特殊字符,所以我们在使用grep时获得整个记录
对于Perl爱好者来说,这将允许您使用正则表达式:
# perl -MDBI -le '($db,$u,$p)=@ARGV; $dbh=DBI->connect("dbi:mysql:dbname=$db",$u,$p); foreach $table ($dbh->tables()) {print "$table\n"; foreach $r ($dbh->selectall_array("SELECT * FROM $table")) {$_=join("\t", @$r); print $_ if (/Your_Regex/);}}' Your_Database Username Your_Password
在“真正的”Perl脚本中可能是这样的:
#!/usr/bin/perl
use strict;
use open qw(:std :utf8);
use DBI;
my $db_host = 'localhost';
my $db = 'Your_Database';
my $db_user = 'Username';
my $db_pass = 'Your_Password';
my $search = qr/Your_regex_Search/;
# https://metacpan.org/pod/DBD::mysql
my $dbh = DBI->connect( "dbi:mysql:dbname=$db;host=$db_host", $db_user, $db_pass,
{ mysql_enable_utf8mb4 => 1 }
) or die "Can't connect: $DBI::errstr\n";
foreach my $table ( $dbh->tables() ) {
my $sth = $dbh->prepare("SELECT * FROM $table")
or die "Can't prepare: ", $dbh->errstr;
$sth->execute
or die "Can't execute: ", $sth->errstr;
my @results;
while (my @row = $sth->fetchrow()) {
local $_ = join("\t", @row);
if ( /$search/ ) {
push @results, $_;
}
}
$sth->finish;
next unless @results;
print "*** TABLE $table :\n",
join("\n---------------\n", @results),
"\n" . "=" x 20 . "\n";
}
$dbh->disconnect;
这个解决方案 a)只有MySQL,不需要其他语言,并且 b)返回SQL结果,准备处理!
#Search multiple database tables and/or columns
#Version 0.1 - JK 2014-01
#USAGE: 1. set the search term @search, 2. set the scope by adapting the WHERE clause of the `information_schema`.`columns` query
#NOTE: This is a usage example and might be advanced by setting the scope through a variable, putting it all in a function, and so on...
#define the search term here (using rules for the LIKE command, e.g % as a wildcard)
SET @search = '%needle%';
#settings
SET SESSION group_concat_max_len := @@max_allowed_packet;
#ini variable
SET @sql = NULL;
#query for prepared statement
SELECT
GROUP_CONCAT("SELECT '",`TABLE_NAME`,"' AS `table`, '",`COLUMN_NAME`,"' AS `column`, `",`COLUMN_NAME`,"` AS `value` FROM `",TABLE_NAME,"` WHERE `",COLUMN_NAME,"` LIKE '",@search,"'" SEPARATOR "\nUNION\n") AS col
INTO @sql
FROM `information_schema`.`columns`
WHERE TABLE_NAME IN
(
SELECT TABLE_NAME FROM `information_schema`.`columns`
WHERE
TABLE_SCHEMA IN ("my_database")
&& TABLE_NAME IN ("my_table1", "my_table2") || TABLE_NAME LIKE "my_prefix_%"
);
#prepare and execute the statement
PREPARE stmt FROM @sql;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
