使用PHP将查询字符串传递给PDO sql查询

时间:2016-05-14 13:00:59

标签: php mysql pdo

我正在根据不同的SQL查询创建一个返回JSON的自定义端点 - 查询是基于我从我的App传递的多个查询字符串创建的。我所做的是破旧,想知道是否有更好的方法可以获得与以下内容相同的结果:

下面只是检查不同查询字符串的所有IF / Else语句的一小部分

if(isset($_GET['pt']) && !isset($_GET['c']) && !isset($_GET['sc']) && isset($_GET['size'])) {

    $sql = "SELECT *
    FROM product
    INNER JOIN product_sizes
    ON product.product_sku = product_sizes.affiliate_p_id
    WHERE product_sizes.product_type IN (".$_GET['pt'].") 
    AND product_sizes.product_sizes IN (".$_GET['size'].") 
    GROUP BY product_sizes.affiliate_p_id
    ORDER BY product.last_updated ASC
    LIMIT 100";


} else {

    $sql = "SELECT *
    FROM product
    INNER JOIN product_sizes
    ON product.product_sku = product_sizes.affiliate_p_id
    GROUP BY product_sizes.affiliate_p_id
    ORDER BY product.last_updated ASC
    LIMIT 100";

}


$result = $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
$return = array();
foreach ($result as $row) {
    $return[] = array( 
        'affiliate_p_id' => $row['affiliate_p_id'],
        'affiliate_id' => $row['affiliate_id'],
        'product_colours' => $row['product_colours'],
        'product_sub_category' => $row['product_sub_category'],
        'merchant_name' => $row['merchant_name'],
        'product_type' => $row['product_type'],
        'product_sizes' => $row['product_sizes'],
        'product_name' => $row['product_name'],
        'sale_price' => $row['sale_price'],
        'rrp_price' => $row['rrp_price'],
        'product_image' => $row['product_image'],
        'product_slug' => $row['product_slug']          
    );
}
$dbh = null;    

header('Content-type: application/json');
echo json_encode($return);

2 个答案:

答案 0 :(得分:1)

你可以把它分成像这样的小部分

$sql = 'SELECT *
    FROM product
    INNER JOIN product_sizes
    ON product.product_sku = product_sizes.affiliate_p_id ';
if(isset($_GET['pt']) && !isset($_GET['c']) && !isset($_GET['sc']) && isset($_GET['size'])) {
$sql .= 
    " WHERE product_sizes.product_type IN :pt AND product_sizes.product_sizes IN  = :size ';
}
$sql .= " GROUP BY product_sizes.affiliate_p_id
    ORDER BY product.last_updated ASC
    LIMIT 100";
$sth = $dbh->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
if(isset($_GET['pt']) && !isset($_GET['c']) && !isset($_GET['sc']) && isset($_GET['size'])) {
$sth->execute(array(':pt' => $_GET['pt'], ':size' => $_GET['size']));
}
$result = $sth->fetchAll();

答案 1 :(得分:-1)

你可以稍微重构一下,以dinamically的方式构建sql字符串。

// SQL start common to all queries
$sql = "SELECT * 
        FROM product 
        INNER JOIN product_sizes 
        ON product.product_sku = product_sizes.affiliate_p_id";

// Append query depending on conditions
if(isset($_GET['pt']) && !isset($_GET['c']) && !isset($_GET['sc']) && isset($_GET['size'])) {
    $sql .= " WHERE product_sizes.product_type IN (".$_GET['pt'].") 
              AND product_sizes.product_sizes IN (".$_GET['size'].")";
}

// SQL end common to all queries
$sql .= " GROUP BY product_sizes.affiliate_p_id
          ORDER BY product.last_updated ASC
          LIMIT 100";

这样您就不会重复所有查询通用的SQL部分。

相关问题
最新问题