DataTables 1.9.4 - 限制结果

时间:2013-10-01 17:01:22

标签: php mysql session datatable

我正在使用DataTables-1.9.4进行服务器端处理,一切都运行良好,但我的表正在从表中返回所有内容!这总共有3,147个条目,每天都在增长......

示例:www.hunterpdx.com/metro_new_copy/view-reports-test.php

有没有办法限制返回显示与特定关联的显示数据  user: WHERE company = $_SESSION['company']? 我确信这可以做到,但我已经花了好几天而已经无处可去......

我正在使用基本的初始化代码(甚至将表ID保持不变):

$(document).ready(function() {
    $('#example').dataTable( {
        "bProcessing": true,
        "bServerSide": true,
        "sAjaxSource": "../server_side/scripts/server_processing.php"
    } );
} );

我在server_processing.php文件中唯一改变的是aColumns数组和数据库连接信息:

<?php
    /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
     * Easy set variables
     */

    /* Array of database columns which should be read and sent back to DataTables. Use a space where
     * you want to insert a non-database field (for example a counter or static image)
     */
    $aColumns = array( 'company', 'bldg', 'report', 'freq', 'report_date', 'file_path' );

    /* Indexed column (used for fast and accurate table cardinality) */
    $sIndexColumn = "report_id";

    /* DB table to use */
    $sTable = "uploads";

    /* Database connection information */
    $gaSql['user']       = "root";
    $gaSql['password']   = "";
    $gaSql['db']         = "members";
    $gaSql['server']     = "localhost";

我假设它必须对server_processing.php的这一部分做一些事情:

/*
 * Filtering
 * NOTE this does not match the built-in DataTables filtering which does it
 * word by word on any field. It's possible to do here, but concerned about efficiency
 * on very large tables, and MySQL's regex functionality is very limited
 */
$sWhere = "";
if ( isset($_GET['sSearch']) && $_GET['sSearch'] != "" )
{
    $sWhere = "WHERE (";
    for ( $i=0 ; $i<count($aColumns) ; $i++ )
    {
        $sWhere .= "`".$aColumns[$i]."` LIKE '%".mysql_real_escape_string( $_GET['sSearch'] )."%' OR ";
    }
    $sWhere = substr_replace( $sWhere, "", -3 );
    $sWhere .= ')';
}

/* Individual column filtering */
for ( $i=0 ; $i<count($aColumns) ; $i++ )
{
    if ( isset($_GET['bSearchable_'.$i]) && $_GET['bSearchable_'.$i] == "true" && $_GET['sSearch_'.$i] != '' )
    {
        if ( $sWhere == "" )
        {
            $sWhere = "WHERE ";
        }
        else
        {
            $sWhere .= " AND ";
        }
        $sWhere .= "`".$aColumns[$i]."` LIKE '%".mysql_real_escape_string($_GET['sSearch_'.$i])."%' ";
    }
}

此处的目标是确保用户仅查看与其公司关联的数据(即使使用内置过滤搜索):

WHERE company = '$_SESSION['company']'

网站上线实际上是关于这一点,所以我非常需要帮助! 可以这样做吗?怎么样?

1 个答案:

答案 0 :(得分:0)

感谢@ Maximus2012带我走过这个!答案很简单:

在server_processing.php页面顶部调用session_start();

要过滤特定会话,我在会话开始时设置了一个特定于用户的变量:

$userCompany = $_SESSION['company'];

然后通过更改第一个:

来调用代码的过滤部分中的变量 
$sWhere = "";


$sWhere = "WHERE company = '".$userCompany."'";

最后,为了确保搜索过滤器没有绕过初始过滤器,我更改了

$sWhere .= ')';


$sWhere .= ") AND company = '".$userCompany."'";
相关问题
最新问题