进一步过滤我的搜索

时间:2013-04-07 08:20:32

标签: php sql database

我想回应我想要的结果,如何进一步过滤它们?

示例search x100 y100,目前可获得数百个结果。我需要进一步过滤这些结果,所以我只会将那些被标记为敌对,待定或友好的

我有以下html表单

<form action="xysearch.php" method="post">
     <label>X Coord
       <input type="text" name="x" />
      </label>
     <label>Y Coord
       <input type="text" name="y" />
      </label>
     <select name="term">
       <option value="Hostile">Hostile</option>
       <option value="Pending">Pending</option>
       <option value="Friendly">Friendly</option>
      </select>
     <input type="submit" value="Search" />
   </form>

我需要添加到搜索查询中的是一种过滤这些结果的方法,因此只显示在外交下拉列表中选择的选项

到目前为止,我的查询无效 - 我可以获得所有结果,但不仅仅是过滤后的结果。

<?php

$x = $_POST['x'];
$y = $_POST['y'];
$term = $_POST['term'];

mysql_connect ("localhost","host","pass")  or die (mysql_error());
mysql_select_db ("d_base");

 $res = mysql_query("SELECT * FROM my_table WHERE (x BETWEEN $x -75 AND $x +75) AND (y BETWEEN $y -75 AND $y +75) ");
 $res2 = mysql_query("SELECT dip FROM my_table WHERE dip IN '%$term%' ORDER BY '%$term%' DESC  ");

    echo "<table border='1' align='center' cellpadding='5'>";
    echo "<tr> <th>City Name</th> <th>X</th> <th>Y</th> <th>Diplomacy</th> </tr>";

// loop through results of database query, displaying them in the table

    while($row = mysql_fetch_array( $res, $res2 )) {

// echo out the contents of each row into a table

    echo '<td>' . $row['city'] . '</td>';
    echo '<td>' . $row['x'] . '</td>';
    echo '<td>' . $row['y'] . '</td>';
    echo '<td>' . $row['dip'] . '</td>';
    echo "</tr>";

// close table>

    echo "</table>";

    }

?>

我不太确定我哪里出错了,因为我实际上可以得到回应的结果,只是问题的过滤。

3 个答案:

答案 0 :(得分:0)

使用:

"SELECT dip FROM my_table WHERE dip IN '%".$term."%' ORDER BY '".$term."' DESC"

如果那不起作用:

"SELECT dip FROM my_table WHERE dip='".$term."' ORDER BY '".$term."' DESC"

是的,SQL注入:)你非常脆弱。

答案 1 :(得分:0)

我看了PHP definition of mysql_fetch_array,它似乎只接受了一个结果集,所以如果我是正确的,你只是遍历第一个结果集,这是未经过滤的结果集。

array mysql_fetch_array ( resource $result [, int $result_type = MYSQL_BOTH ] )

为什么不在单个查询中过滤结果?看起来你似乎从一个表(my_table)中获取项目,对吧?

这是一个有效的sqlfiddle

$res = mysql_query("SELECT * FROM my_table WHERE (x BETWEEN $x -75 AND $x +75) AND (y BETWEEN $y -75 AND $y +75) AND dip REGEXP '$term' ORDER BY dip DESC");
while($row = mysql_fetch_array( $res )) {
...
}

请注意,您将通过“|”连接不同的术语(或)运营商。

答案 2 :(得分:0)

第一眼看到你的代码:

while($row = mysql_fetch_array( $res, $res2 )) {

不正确,因为$ res2应该是resulttype而不是查询的结果。

选项包括:

while($row = mysql_fetch_array( $res, MYSQL_ASSOC )) {
while($row = mysql_fetch_array( $res, MYSQL_NUM )) {
while($row = mysql_fetch_array( $res, MYSQL_BOTH )) {

我想你正在努力实现这样的目标:

$res = mysql_query("SELECT * FROM my_table WHERE (x BETWEEN $x -75 AND $x +75) AND  (y BETWEEN $y -75 AND $y +75) AND dip LIKE '%$term%'");

这意味着代码如下:

<?php

$x = $_POST['x'];
$y = $_POST['y'];
$term = $_POST['term'];

mysql_connect ("localhost","host","pass")  or die (mysql_error());
mysql_select_db ("d_base");


 $res = mysql_query("SELECT * FROM my_table WHERE (x BETWEEN $x -75 AND $x +75) AND  (y BETWEEN $y -75 AND $y +75) AND dip LIKE '%$term%'");



    echo "<table border='1' align='center' cellpadding='5'>";
    echo "<tr> <th>City Name</th> <th>X</th> <th>Y</th> <th>Diplomacy</th> </tr>";

// loop through results of database query, displaying them in the table

    while($row = mysql_fetch_array( $res, MYSQL_ASSOC )) {

// echo out the contents of each row into a table

    echo '<td>' . $row['city'] . '</td>';
    echo '<td>' . $row['x'] . '</td>';
    echo '<td>' . $row['y'] . '</td>';
    echo '<td>' . $row['dip'] . '</td>';
    echo "</tr>";

// close table>

    echo "</table>";

    }

?>

为了获得更好的数据库,我认为您应该将这些条款存储在一个单独的表中,然后进行一些加入:

如果您决定这样做,请以与此类似的方式使用查询:

 $res = mysql_query("SELECT * FROM my_table mt LEFT JOIN terms t ON (mt.term_id = t.id) WHERE (x BETWEEN $x -75 AND $x +75) AND  (y BETWEEN $y -75 AND $y +75) AND dip LIKE '%$term%'");

另一个提示是使用PDO。使用mysql_ * - 函数真的不难。在某种程度上,创建更好,更易读的代码更容易。

相关问题
最新问题