构建一个更好的搜索查询php / mysql

时间:2014-10-15 15:34:13

标签: php mysql search

我目前正试图整理一个相当简单的搜索表单 - 所有复选框 - 但遇到了将查询放在一起的问题。如果选择1个位置,1个经验或仅1个语言,我可以返回结果。如果我选择任何我的结果的组合充其量是不稳定的。我的目的是为用户返回所有结果:

experience a OR b OR c AND location a OR b OR b OR d AND languages a OR b AND approved

现在,如果我只选择一堆地点,没有其他标准,我就没有结果。

在尝试搜索20多种语言,50多个地点以及其他一些要求时,我应该查看哪种类型的查询?我该怎么做呢?我是在正确的轨道上吗?

$adv_search_query = "SELECT 
users.*, general.*, languages.*, experience.*
FROM users
    LEFT OUTER JOIN languages ON users.user_id = languages.user_id
    LEFT OUTER JOIN general ON users.user_id = general.user_id
    LEFT OUTER JOIN experience ON users.user_id = experience.user_id
WHERE (";

if(!empty($_POST['location'])) {
    foreach($_POST['location'] as $location) {
        $location_input = " general.neighborhood LIKE '%" . $location . "%' OR";
    }
    $adv_search_query .= trim($location_input, 'OR');
    $adv_search_query .= ") ";
}

if(!empty($_POST['languages']) && !empty($_POST['location'])) {
    $adv_search_query .= "AND (";
}

if(!empty($_POST['languages'])) {
    foreach($_POST['languages'] as $language) {
        $language_input = " languages." . $language . " = 1 OR";
    }
    $adv_search_query .= trim($language_input, 'OR');
    $adv_search_query .= ") ";
}

if(!empty($_POST['experience']) && !empty($_POST['location'])) {
    $adv_search_query .= "AND (";
}

if(!empty($_POST['experience'])) {
    foreach($_POST['experience'] as $exp) {
        $exp_input = " experience." . $exp . " = 1 OR";
    }
    $adv_search_query .= trim($exp_input, 'OR');
    $adv_search_query .= ") ";
}

if (isset($_POST["approved"])) {
    $approved = " users.approved = 1 OR";
} else { $approved = ""; }

if (isset($_POST["pending"])) {
    $pending = " users.approved = 2 OR";
} else { $pending = ""; }

if (isset($_POST["incomplete"])) {
    $incomplete = " users.approved = 0 OR";
} else { $incomplete = ""; }

if(isset($_POST['approved']) || isset($_POST['pending']) || isset($_POST['incomplete'])) {
    $status_input = "AND (" . $approved . " " . $pending . " " . $incomplete . "";
    $adv_search_query .= trim($status_input, 'OR');
    $adv_search_query .= ") ";
}

$adv_search_query .= "AND users.admin_level = 0";

table.users
user_id  first_name   last_name   admin_level   user_approved  
1        nick         jones       0             1      
2        johnny       rocket      0             1      
3        sally        fields      0             2    

table.general
user_id  city        state      zip     neighborhood
1        baltimore   maryland   00125   hamsterdam
2        lakeland    maine      11542   treemont
3        sonic       new york   11763   highville

table.languages
user_id  french  german  italian  spanish
1        0       1       0        1
2        0       0       1        1
3        1       1       1        1

table.experience
user_id  waldorf  kumon  homeschooling 
1        0       1       0
2        0       0       1
3        1       1       1

1 个答案:

答案 0 :(得分:1)

首先,请注意您的代码容易受到SQL注入:

 general.neighborhood LIKE

一部分。

在这种类型的SQL查询构建中,“array()”和“implode”是你的朋友:

$experience_valid_values = array('exp1', 'exp2');
$experience_conditions = array();
if(!empty($_POST['experience'])) {
    foreach($_POST['experience'] as $exp) {
        if (in_array($exp, $experience_valid_values)) {
            $experience_conditions[] = 'experience.' . $exp . '=1';
        }
    }
}

$language_valid_values = array('english', 'japanese', 'spanish', 'chinese');
$language_conditions = array();
if(!empty($_POST['language'])) {
    foreach($_POST['languages'] as $language) {
        if (in_array($language, $language_valid_values)) {
            $language_conditions[] = 'language.' . $language . '=1';
        }
    }
}

$conditions = array();
if (!empty($experience_conditions)) {
    $conditions[] = '(' . implode(' OR ', $experience_conditions) . ')';
}
if (!empty($language_conditions)) {
    $conditions[] = '(' . implode(' OR ', $language_conditions) . ')';
}

$sql = 'SELECT *
        FROM users
            LEFT OUTER JOIN experience ON users.user_id = experience.user_id
            LEFT OUTER JOIN languages ON users.user_id = languages.user_id
        WHERE
       ';
$sql .= implode(' AND ', $conditions);

使用“array()”和“implode”将使您的代码更短,更易于阅读。 这只是一个简短的例子,我希望能给你这个想法。