我有多个if条件,在SQL查询中有多个where子句。
if(empty($pincode) && !empty($data) && $flag==true ) {
$dql = "SELECT s.instaffiliation,i.institutename,i.institutefeerange,i.instituterating,
a.addressline1,a.addressline2,i.instituterating,
i.instituteteachingtimings,s.instdescription,s.insttype,
s.insteligibilitycriteria,u.instlogo,u.instbrochure
FROM Edufaction\Bundle\EdufactionBundle\Entity\Institute i
INNER JOIN i.instsummary s
INNER JOIN i.address a
INNER JOIN i.insturl u
WHERE s.instaffiliation IN('')
ORDER BY i.instituterating";
}
if(empty($pincode) && !empty($data) && $flag==false) {
$dql = "SELECT s.instaffiliation,i.institutename,i.institutefeerange,i.instituterating,
a.addressline1,a.addressline2,i.instituterating,
i.instituteteachingtimings,s.instdescription,s.insttype,
s.insteligibilitycriteria,u.instlogo,u.instbrochure
FROM Edufaction\Bundle\EdufactionBundle\Entity\Institute i
INNER JOIN i.instsummary s
INNER JOIN i.address a
INNER JOIN i.insturl u
WHERE s.instaffiliation IN($data)
ORDER BY i.instituterating";
}
if(!empty($pincode) && !empty($data)) {
$dql = "SELECT s.instaffiliation,i.institutename,i.institutefeerange,i.instituterating,
a.addressline1,a.addressline2,i.instituterating,
i.instituteteachingtimings,s.instdescription,s.insttype,
s.insteligibilitycriteria,u.instlogo,u.instbrochure
FROM Edufaction\Bundle\EdufactionBundle\Entity\Institute i
INNER JOIN i.instsummary s
INNER JOIN i.address a
INNER JOIN i.insturl u
WHERE s.instaffiliation IN($data)
AND a.pincode IN($pincode)
ORDER BY i.instituterating";
}
if(!empty($data) && !empty($reqfee) && $flag==false) {
$dql = "SELECT s.instaffiliation,i.institutename,i.institutefeerange,i.instituterating,
a.addressline1,a.addressline2,i.instituterating,
i.instituteteachingtimings,s.instdescription,s.insttype,
s.insteligibilitycriteria,u.instlogo,u.instbrochure
FROM Edufaction\Bundle\EdufactionBundle\Entity\Institute i
INNER JOIN i.instsummary s
INNER JOIN i.address a
INNER JOIN i.insturl u
WHERE s.instaffiliation IN($data)
AND i.institutefeerange IN($reqfee)
ORDER BY i.instituterating";
}
这里的查询与基于多个if条件的多个条件相同。 如何使用if条件一次应用具有多个where子句的单个查询。 请帮助我。谢谢你提前
答案 0 :(得分:1)
所以看起来你只是想简化代码。如果是这种情况,你可以使用简单的字符串连接,但实际上并没有接触到sql注入。字段和连接的主要列表完全相同,顺序也是如此。因此,将查询的第一部分构建到字符串中,直到where子句。
$dql = "SELECT
s.instaffiliation, i.institutename, i.institutefeerange,
i.instituterating, a.addressline1, a.addressline2,
i.instituterating, i.instituteteachingtimings, s.instdescription,
s.insttype, s.insteligibilitycriteria, u.instlogo, u.instbrochure
FROM
Edufaction\Bundle\EdufactionBundle\Entity\Institute i
INNER JOIN i.instsummary s
INNER JOIN i.address a
INNER JOIN i.insturl u
WHERE ";
现在,根据具体的合格条件添加where标准
if(empty($pincode) && !empty($data) && $flag==true )
{
$dql = $dql + "s.instaffiliation IN('') ";
}
if(empty($pincode) && !empty($data) && $flag==false)
{
$dql = $dql + "s.instaffiliation IN($data)";
}
if(!empty($pincode) && !empty($data))
{
$dql = $dql + "s.instaffiliation IN($data)
AND a.pincode IN($pincode) ";
}
if(!empty($data) && !empty($reqfee) && $flag==false)
{
$dql = $dql + "s.instaffiliation IN($data)
AND i.institutefeerange IN($reqfee) ";
}
最后,点击订单
$dql = $dql + "ORDER BY i.instituterating";
这是否更接近您在代码中尝试简化的内容?
答案 1 :(得分:1)
$query_string = "SELECT rows FROM table INNER JOIN ";
// Here you validate your variables and build your correct WHERE clause
if(empty($pincode) && !empty($data) && $flag==true ) {
$query_string .= " WHERE s.instaffiliation IN('') ";
}
// and so on for every case
$query_string .= "ORDER BY row ASC ";
// Now you will have a sigle correct query string