我的数据库中有一个用户列表,如果用户被禁止,我还有另一个表...
我需要帮助来调整我的sql查询,这样如果用户在禁止表中,他们将被排除在sql结果之外
tbl_ban_user
banID user_id nickname isBan date_ban ban_cause
98 32 Michael Y 2016-03-11 whatever reason
99 84 Joe Y 2016-03-11 whatever reason
tbl_users
user_id nickname is_private verified etc..
32 Michael N Y
84 Joe N Y
这是我的sql查询,然后输出JSON,
public function fetchUsers($keyword, $user_id, $who = 0, $who_nickname = '') {
$sql = "SELECT
A.*,
SUM(IF(D.grader_id='$user_id', 0, 1)) AS ungraded_count,
ROUND(AVG(D.grader_value),0) as avg_grade,
COUNT(DISTINCT B.grader_id) as grading,
COUNT(DISTINCT E.grade_id) as graders,
COUNT(DISTINCT C.photo_id) as photos,
SUM(IF(B.grader_id='$user_id', 1, 0)) AS is_graded,
SUM(IF(B.grader_id='$user_id', B.notification, 0)) AS notification
FROM
tbl_users A
LEFT JOIN
tbl_grade B ON (A.user_id = B.grade_id AND B.grade_type=2)
LEFT JOIN
tbl_photo C ON (A.user_id = C.user_id)
LEFT JOIN
tbl_grade D ON (C.photo_id=D.grade_id AND D.grade_type=1)
LEFT JOIN
tbl_grade E ON (A.user_id = E.grader_id AND E.grade_type=2)
WHERE
A.verified = 'Y' AND
A.user_name LIKE '%$keyword%'
AND A.user_id <> '$user_id' " . ($who == 0 ? '' : " AND A.user_id = '$who'") . ($who_nickname == '' ? '' : " AND A.nickname = '$who_nickname'") . "
GROUP BY A.user_id
ORDER BY A.user_name";
return $this->db->query($sql)->result();
}
所以基本上我想从结果中排除tbl_ban_user中列出的任何用户我将如何编码?
感谢您的帮助
答案 0 :(得分:1)
最快的方法可能是:
public function fetchUsers($keyword, $user_id, $who = 0, $who_nickname = '') {
$sql = "SELECT
A.*,
SUM(IF(D.grader_id='$user_id', 0, 1)) AS ungraded_count,
ROUND(AVG(D.grader_value),0) as avg_grade,
COUNT(DISTINCT B.grader_id) as grading,
COUNT(DISTINCT E.grade_id) as graders,
COUNT(DISTINCT C.photo_id) as photos,
SUM(IF(B.grader_id='$user_id', 1, 0)) AS is_graded,
SUM(IF(B.grader_id='$user_id', B.notification, 0)) AS notification
FROM
tbl_users A
LEFT JOIN
tbl_grade B ON (A.user_id = B.grade_id AND B.grade_type=2)
LEFT JOIN
tbl_photo C ON (A.user_id = C.user_id)
LEFT JOIN
tbl_grade D ON (C.photo_id=D.grade_id AND D.grade_type=1)
LEFT JOIN
tbl_grade E ON (A.user_id = E.grader_id AND E.grade_type=2)
WHERE
A.verified = 'Y' AND
A.user_name LIKE '%$keyword%'
AND A.user_id <> '$user_id' " . ($who == 0 ? '' : " AND A.user_id = '$who'") . ($who_nickname == '' ? '' : " AND A.nickname = '$who_nickname'") . "
AND A.user_id NOT IN(SELECT DISTINCT(user_id) FROM tbl_ban_user)
GROUP BY A.user_id
ORDER BY A.user_name";
return $this->db->query($sql)->result();
}
另一种方式是:
public function fetchUsers($keyword, $user_id, $who = 0, $who_nickname = '') {
$sql = "SELECT
A.*,
SUM(IF(D.grader_id='$user_id', 0, 1)) AS ungraded_count,
ROUND(AVG(D.grader_value),0) as avg_grade,
COUNT(DISTINCT B.grader_id) as grading,
COUNT(DISTINCT E.grade_id) as graders,
COUNT(DISTINCT C.photo_id) as photos,
SUM(IF(B.grader_id='$user_id', 1, 0)) AS is_graded,
SUM(IF(B.grader_id='$user_id', B.notification, 0)) AS notification
FROM
tbl_users A
LEFT JOIN
tbl_grade B ON (A.user_id = B.grade_id AND B.grade_type=2)
LEFT JOIN
tbl_photo C ON (A.user_id = C.user_id)
LEFT JOIN
tbl_grade D ON (C.photo_id=D.grade_id AND D.grade_type=1)
LEFT JOIN
tbl_grade E ON (A.user_id = E.grader_id AND E.grade_type=2)
LEFT JOIN
tbl_bar_user F ON F.user_id = A.user_id
WHERE
A.verified = 'Y' AND
A.user_name LIKE '%$keyword%'
AND A.user_id <> '$user_id' " . ($who == 0 ? '' : " AND A.user_id = '$who'") . ($who_nickname == '' ? '' : " AND A.nickname = '$who_nickname'") . "
AND F.isBan <> 'Y'
GROUP BY A.user_id
ORDER BY A.user_name";
return $this->db->query($sql)->result();
}
您可以测试两者并查看更适合您的数据集/编码首选项。
答案 1 :(得分:1)
永远不要在生产中运行此功能,因为这些行易受攻击:
A.nickname ='$ who_nickname'
尝试使用PDO来避免sql注入