通过PHP MYSQL页面传递多个变量

时间:2013-07-21 06:31:30

标签: php mysql

以下代码适用于第一页。它是基于表单的用户输入的查询。我有2个问题。第一个是当我点击下一页时,我得到未定义的索引和未定义的变量错误,这意味着不传递变量。第二个问题是我如何根据表单中的用户填充/选择值进行查询并对其进行分页?某些用户可能无法填写所有值。 这是我的代码:NB:表单方法是GET。我也尝试了REQUEST和POST。所有相同的错误。先谢谢你们。

<?php   

    if (isset($_POST['Submit'])) 
    $name = mysql_real_escape_string($_GET['name']);
    $email = mysql_real_escape_string($_GET['email']);
    $age = mysql_real_escape_string($_GET['age']);
    $height = mysql_real_escape_string($_GET['height']);

    include_once "conn.php"; //connect to db and table

    $rs = mysql_query("SELECT COUNT(*) FROM people WHERE name='$name' AND email='$email' AND age='$age' AND height='$height'"); 
    $rw = mysql_fetch_array($rs);
    $numrows = $rw[0];
if ($numrows== 0) die("No Results Found");

$rowsperpage = 7;

$totalpages = ceil($numrows / $rowsperpage);


if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) {

   $currentpage = (int) $_GET['currentpage'];
} else {

   $currentpage = 1;
} 
if ($currentpage > $totalpages) {

   $currentpage = $totalpages;
} 
if ($currentpage < 1) {

   $currentpage = 1;
} 
$offset = ($currentpage - 1) * $rowsperpage;

    $query = mysql_query("SELECT * FROM people WHERE name='$name' AND email='$email' AND age='$age' AND height='$height' ORDER BY time DESC LIMIT $offset, $rowsperpage"); 

//print my tables here 

while($row = mysql_fetch_array($query)) 
               {       
                   $uniqueid = $row['age'];
//output stuff here   
               }
//close sql
$range = 3;
if ($currentpage > 1) {
   echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=1&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'> Go To Page 1</a> ";

   $prevpage = $currentpage - 1;

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$prevpage&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'> Previous Page</a>";
} 
for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) {

   if (($x > 0) && ($x <= $totalpages)) {

      if ($x == $currentpage) {

         echo " &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font size=4 color=red>[<b>$x</b>] </font>";

      } else {

         echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$x&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>$x</a>";
      } 
   }  
}        
if ($currentpage != $totalpages) {

   $nextpage = $currentpage + 1;

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$nextpage&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>Next Page</font></a>";

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$totalpages&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>Last Page</a> ";
} 

?>

1 个答案:

答案 0 :(得分:0)

表单提交为GET。因为这个,没有设置POST变量。而你没有定义第一个变量(缺少括号?)。此外,Submit是唯一提交资本的值。这是故意的吗?

if (isset($_GET['Submit'])) {
    $name = mysql_real_escape_string($_GET['name']);
    $email = mysql_real_escape_string($_GET['email']);
    $age = mysql_real_escape_string($_GET['age']);
    $height = mysql_real_escape_string($_GET['height']);
}

更理想的是,因为您想要省略值,所以您可能希望单独检查每个变量是否存在。如果未设置(或empty),请不要在WHERE子句中添加该字段。

$name = isset($_GET['name']) ? mysql_real_escape_string($_GET['name']) : null;
// ... process the other fields in same way ...

或跨越多行:编辑:刚刚注意到我在下面的两个区块中错过了结束)

$name = null;
if (isset($_GET['name'])) {
    $name = mysql_real_escape_string($_GET['name']);
}

// ... process the other fields in same way ...

甚至:

$name = null;
if (isset($_GET['name']))
    $name = mysql_real_escape_string($_GET['name']);

// ... process the other fields in same way ...

动态查询

然后,让您的查询更具动态性。比如,将所有可用的WHERE参数添加到数组中。它使事情变得更容易。

// Store conditions in array
$whereConditions = array();

if (!empty($name)) {
    $whereConditions['name'] = $name;
}

if (!empty($email)) {
    $whereConditions['email'] = $email;
}

if ($age && $age > 0) {
    $whereConditions['age'] = $age;
}

if ($height && $height > 0) {
    $whereConditions['height'] = $height;
}

// Start building your query dynamically
$query = 'SELECT * FROM people';


// Making things easier here. Just flatten your array down.
$conditions = array();
foreach ($whereConditions as $field => $value) {
    $conditions[] = sprintf("%s = '%s'", $field, $value);
}

// Join all conditions with AND
$where = implode(' AND ', $conditions);

// Add where clause, if there are conditions
if (!empty($where)) {
    $query .= ' WHERE ' . $where;
}

$query .= " ORDER BY time DESC LIMIT {$offset}, {$rowsperpage}";

最后的笔记

如果您允许用户输入,请记住使用准备好的查询。并且不推荐mysql_扩展名。切换到mysqli_PDO