我正在尝试在我的献血者应用程序中创建搜索/过滤选项。可以通过性别,姓名,血型或通过选择所有三种来搜索捐赠者。这是我的代码
function search_donar($_POST) {
$by_name = $_POST['by_name'];
$by_sex = $_POST['by_sex'];
$by_group = $_POST['by_group'];
$by_level = $_POST['by_level'];
$search_query = "SELECT * FROM donar WHERE";
if($by_name !="") {
$search_query .= " name='$by_name'";
}
if($by_sex !="") {
$search_query .= " sex='$by_sex'";
}
if($by_group !="") {
$search_query .= " blood_group='$by_group'";
}
if($by_level !="") {
$search_query .= " e_level='$by_level'";
}
$search_query;
$result = mysql_query($search_query);
return $result;
}
这是html
if(isset($_POST['submit'])) {
$retrived_result = $donar->search_donar($_POST);
}
<form action="" method="post">
<table width="100%" border="0" style="border:none;">
<tr>
<td><label>Name: </label><input type="text" name="by_name" /></td>
<td><label>Sex: </label><input type="text" name="by_sex" /></td>
<td><label>Blood Group: </label><input type="text" name="by_group" /></td>
<td><label>Level: </label><input type="text" name="by_level" /></td>
<td><input class="button" type="submit" name="submit" value="Search" /></td>
</tr>
</table>
</form>
单次过滤非常好。但要过滤所有我使用的AND,但它给了我错误。有人可以帮忙吗?
提前致谢
答案 0 :(得分:26)
与所有其他帖子一样,您需要使用AND附加所有条件。到目前为止,这是最干净的答案。记住要使用mysqli OOP方式而不是旧的mysql来真正逃避你的字符串。只是一个建议。
以下是典型查询的示例。
正确的方法:
SELECT * FROM donar WHERE name='dxenaretionx' AND sex='M';
你这样做的方式
SELECT * FROM donar WHERE name='dxenaretionx' sex='M';
代码:
function search_donar($_POST) {
$by_name = $_POST['by_name'];
$by_sex = $_POST['by_sex'];
$by_group = $_POST['by_group'];
$by_level = $_POST['by_level'];
//Do real escaping here
$query = "SELECT * FROM donar";
$conditions = array();
if(! empty($by_name)) {
$conditions[] = "name='$by_name'";
}
if(! empty($by_sex)) {
$conditions[] = "sex='$by_sex'";
}
if(! empty($by_group)) {
$conditions[] = "blood_group='$by_group'";
}
if(! empty($by_level)) {
$conditions[] = "e_level='$by_level'";
}
$sql = $query;
if (count($conditions) > 0) {
$sql .= " WHERE " . implode(' AND ', $conditions);
}
$result = mysql_query($sql);
return $result;
}
答案 1 :(得分:1)
以下代码段:
$search_query = "SELECT * FROM donar WHERE";
if($by_name !="") {
$search_query .= " name='$by_name'";
}
if($by_sex !="") {
$search_query .= " sex='$by_sex'";
}
生成类似
的查询SELECT * FROM donar WHERE name='nowak' sex='m'
,这是无效的,因为子句之间没有逻辑运算符。你需要添加一个'AND'。为了简化代码,您可以以“true和a和b ......”的形式生成条件:
$search_query = "SELECT * FROM donar WHERE true";
if($by_name !="") {
$search_query .= " AND name='$by_name'";
}
if($by_sex !="") {
$search_query .= " AND sex='$by_sex'";
}
...
答案 2 :(得分:1)
在你的代码中有条件的查询有问题。这里你的查询就像
select * from donar where by_name = "A" by_group = "N"没有And/Or来确定条件。请尝试下面给出的代码。
$search_query = "SELECT * FROM donar";
$query_cond = "";
if($by_name !="") {
$query_cond .= " name='$by_name'";
}
if($by_sex !="") {
if(!empty($query_cond)){
$query_cond .= " AND ";
}
$query_cond .= " sex='$by_sex'";
}
if($by_group !="") {
if(!empty($query_cond)){
$query_cond .= " AND ";
}
$query_cond .= " blood_group='$by_group'";
}
if($by_level !="") {
if(!empty($query_cond)){
$query_cond .= " OR ";
}
$query_cond .= " e_level='$by_level'";
}
if(!empty($query_cond)){
$query_cond = " Where ".$query_cond;
$search_query.$query_cond;
}
这里的代码首先我们将$query_cond变量设为空并根据代码生成条件。并根据这个管理AND运营商。最后,如果我们发现$query_cond不为空,请将其添加到$select_query。
我希望它会对你有所帮助。
感谢
答案 3 :(得分:0)
试试这样:
function search_donar($_POST) {
$by_name = $_POST['by_name'];
$by_sex = $_POST['by_sex'];
$by_group = $_POST['by_group'];
$by_level = $_POST['by_level'];
$isfirst=0;
$search_query = "SELECT * FROM donar WHERE";
if($by_name !="") {
$search_query .= " name='$by_name'";
$isfirst=1;
}
if($by_sex !="") {
if($isfirst!=0)
$search_query .= " AND ";
$search_query .= " sex='$by_sex'";
$isfirst=1;
}
if($by_group !="") {
if($isfirst!=0)
$search_query .= " AND ";
$search_query .= " blood_group='$by_group'";
$isfirst=1;
}
if($by_level !="") {
if($isfirst!=0)
$search_query .= " AND ";
$search_query .= " e_level='$by_level'";
$isfirst=1;
}
$result = mysql_query($search_query);
return $result;
}
答案 4 :(得分:0)
在这里你不使用验证,建议不要使用Field是EMPTY还是NOT。试试下面的代码,希望它能运作
function search_donar($_POST) {
$by_name = $_POST['by_name'];
$by_sex = $_POST['by_sex'];
$by_group = $_POST['by_group'];
$by_level = $_POST['by_level'];
$search_query = "SELECT * FROM donar WHERE name LIKE '%$by_name%' AND sex LIKE '%$by_sex%' AND blood_group LIKE '%$by_group%' AND e_level LIKE '%$by_level%' ";
$result = mysql_query($search_query);
return $result;
}
答案 5 :(得分:0)
function search_donar($_POST) {
$by_name = $_POST['by_name'];
$by_sex = $_POST['by_sex'];
$by_group = $_POST['by_group'];
$by_level = $_POST['by_level'];
$search_query = "SELECT * FROM donar WHERE";
$and = '';
if(count($_POST) > 1) {
$and ='AND';
}
if($_POST[0]) {
$and ='';
}
if($by_name !="") {
$search_query .= $and." name='$by_name'";
}
if($by_sex !="") {
$search_query .= $and." sex='$by_sex'";
}
if($by_group !="") {
$search_query .= $and." blood_group='$by_group'";
}
if($by_level !="") {
$search_query .= $and." e_level='$by_level'";
}
if(count($_POST) == 0) {
$search_query .= " 1 ";
}
$search_query;
$result = mysql_query($search_query);
return $result;
}
答案 6 :(得分:0)
我会这样。
function search_donar($_POST) {
$by_name = $_POST['by_name'];
$by_sex = $_POST['by_sex'];
$by_group = $_POST['by_group'];
$by_level = $_POST['by_level'];
$search_query = "SELECT * FROM donar WHERE 1 = 1";
if($by_name !="") {
$search_query .= " AND name='$by_name'";
}
if($by_sex !="") {
$search_query .= " AND sex='$by_sex'";
}
if($by_group !="") {
$search_query .= " AND blood_group='$by_group'";
}
if($by_level !="") {
$search_query .= " AND e_level='$by_level'";
}
$result = mysql_query($search_query);
return $result;
}