PHP过滤MySQL语句

时间:2018-06-04 04:40:12

标签: php html mysql

我试图让我的页面过滤数据库并在表格中显示结果。目前 competitorFilter2.php 中有一个表单, competitorFilterResults2.php 应该显示已过滤的竞争对手,但它只显示一个空白表。我并不真正关心代码的正确性,或者在此阶段对SQL注入是开放的。我只需要它先工作。代码如下。提前谢谢。

competitorFilter2.php     

        <div>

            <h4>Filter Competitors:</h4>

            <div class="form-group">

            <label class="col-md-2" for="" required>Gender:</label>

            <div class="col-md-10">

            <label><input type="radio" class="form-control" name="male" value="male">Male</label><br>

            <label><input type="radio" class="form-control" name="female" value="female">Female</label>

            </div>

            </div>

            <div class="form-group">

            <label class="col-md-2" required>Age:</label>

            <div class="col-md-10">



                <label><input type="checkbox" class="form-control" name="age4" value="4">4</label><br>

                <label><input type="checkbox" class="form-control" name="age5" value="5">5</label><br>

                <label><input type="checkbox" class="form-control" name="age6" value="6">6</label><br>

                <label><input type="checkbox" class="form-control" name="age7" value="7">7</label><br>

                <label><input type="checkbox" class="form-control" name="age8" value="8">8</label><br>

                <label><input type="checkbox" class="form-control" name="age9" value="9">9</label><br>

                <label><input type="checkbox" class="form-control" name="age10" value="10">10</label><br>

                <label><input type="checkbox" class="form-control" name="age11" value="11">11</label><br>

                <label><input type="checkbox" class="form-control" name="age12" value="12">12</label><br>

                <label><input type="checkbox" class="form-control" name="age13" value="13">13</label><br>

                <label><input type="checkbox" class="form-control" name="age14" value="14">14</label><br>

                <label><input type="checkbox" class="form-control" name="age15" value="15">15</label><br>

                <label><input type="checkbox" class="form-control" name="age16" value="16">16</label><br>

                <label><input type="checkbox" class="form-control" name="age17" value="17">17</label><br>



            </div>

            </div>

            <div class="form-group">

                <label class="col-md-2" required>Grade/Belt:</label>

                <div class="col-md-10">



                <label><input type="checkbox" class="form-control" name="beltB" value="Beginner">Beginner</label><br>

                <label><input type="checkbox" class="form-control" name="belt9" value="9th Kyu White Belt">9th Kyu White Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt8" value="8th Kyu Yellow Belt">8th Kyu Yellow Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt7" value="7th Kyu Orange Belt">7th Kyu Orange Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt6" value="6th Kyu Green Belt">6th Kyu Green Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt5" value="5th Kyu Blue Belt">5th Kyu Blue Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt4" value="4th Kyu Purple Belt">4th Kyu Purple Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt3" value="3rd Kyu Brown Belt">3rd Kyu Brown Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt2" value="2nd Kyu Brown Belt">2nd Kyu Brown Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt1" value="1st Kyu Brown Belt">1st Kyu Brown Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt1BB" value="1st Dan Black Belt">1st Dan Black Belt</label><br>

                <label><input type="checkbox" class="form-control" name="belt2BB" value="2nd Dan Black Belt">2nd Dan Black Belt</label><br>



                </div>

            </div>

                <div class="form-group">

                    <label class="col-md-2" for="" require>Event:</label>

                    <div class="col-md-10">

                            <label><input type="radio" class="form-control" name="beginnerroutine" value="beginnerroutine">Beginner Routine</label><br>

                            <label><input type="radio" class="form-control" name="kata" value="kata">Kata</label><br>

                            <label><input type="radio" class="form-control" name="kumite" value="kumite">Kumite</label><br>

                            <label><input type="radio" class="form-control" name="openkumite" value="openkumite">Open Kumite</label>

                    </div>

                </div>
                <input type="submit" name="Submit" value="Submit">
            </form>

competitorFilterResults2.php

           <table id="myTable">
                <tr class="header">
                    <th style="width:25%;">Last Name/First Name</td>                       
                    <th style="width:25%;">Age</td>                                              
                    <th style="width:25%;">Grade</td>
                    <th style="width:25%;">Club</td>
                </tr>

           <?php               
               $mysqli = new mysqli("localhost", "afmaclub_admin", "EliteYouth2018", "afmaclub_Competitors");


                if ($mysqli->connect_errno) {
                    printf("Connect failed: %s\n", $mysqli->connect_error);
                    exit();
                }



                /*Create table doesn't return a resultset*/ 
                if ($mysqli->query("CREATE TEMPORARY TABLE afmaclub_Competitors LIKE AFMAClubCompetition") === TRUE) {
                    printf("Table Competitors successfully created.\n");
                }

                $male = $_POST['male'];
                $female = $_POST['female'];
                $beginnerroutine = $_POST['beginnerroutine'];
                $kata = $_POST['kata'];
                $kumite = $_POST['kumite'];
                $openkumite = $_POST['openkumite'];
                $age4 = $_POST['age4'];
                $age5 = $_POST['age5'];
                $age6 = $_POST['age6'];
                $age7 = $_POST['age7'];
                $age8 = $_POST['age8'];
                $age9 = $_POST['age9'];
                $age10 = $_POST['age10'];
                $age11 = $_POST['age11'];
                $age12 = $_POST['age12'];
                $age13 = $_POST['age13'];
                $age14 = $_POST['age14'];
                $age15 = $_POST['age15'];
                $age16 = $_POST['age16'];
                $age17 = $_POST['age17'];
                $beltB = $_POST['beltB'];
                $belt9 = $_POST['belt9'];
                $belt8 = $_POST['belt8'];
                $belt7 = $_POST['belt7'];
                $belt6 = $_POST['belt6'];
                $belt5 = $_POST['belt5'];
                $belt4 = $_POST['belt4'];
                $belt3 = $_POST['belt3'];
                $belt2 = $_POST['belt2'];
                $belt1 = $_POST['belt1'];
                $belt1BB = $_POST['belt1BB'];
                $belt2BB = $_POST['belt2BB'];

                $sql = "
SELECT firstname
     , lastname
     , age
     , belt
     , club 
  FROM AFMAClubCompetition 
 WHERE (male = '".$male."' OR female = '".$female."') 
   AND (beginnerroutine = '".$beginnerroutine."' OR kata = '".$kata."' OR kumite = '".$kumite."' OR openkumite = '".$openkumite."') 
   AND (age = $age4, $age5, $age6, $age6, $age7, $age8, $age9, $age10, $age11, $age12, $age13, $age14, $age15, $age16, $age17) 
   AND (belt = $beltB, $belt9, $belt8, $belt7, $belt6, $belt5, $belt4, $belt3, $belt2, $belt1, $belt1BB, $belt2BB)
";                 

        return $sql;

                $results = $mysqli->query($sql);
                while($row = mysqli_fetch_array($results)) {

            ?>
                    <tr>
                        <td><?php echo $row['lastname']?> <?php echo $row['firstname']?></td>
                        <td><?php echo $row['age']?></td>
                        <td><?php echo $row['belt']?></td>
                        <td><?php echo $row['club']?></td>
                    </tr>

                <?php
                }

                mysqli_close($results);

                ?>
             </table>

1 个答案:

答案 0 :(得分:0)

$results = $mysqli->query($sql);
           echo("<table>");
            while($row = mysqli_fetch_array($results)) {

      echo "
                <tr>
                    <td>".echo $row['lastname']." ".echo $row['firstname']."</td>
                    <td>".echo $row['age']."</td>
                    <td>".echo $row['belt']."</td>
                    <td>".echo $row['club']."</td>
                </tr>";


            }

            echo("</table>");

您可以通过使用此方法表行自动生成

来使用此方法