如何从php表单中搜索多个输入?

时间:2018-08-04 16:34:07

标签: php html sql forms multiple-input

我有一个PHP程序,允许用户根据输入或输入组合在SQL表中进行搜索。我可以进行单个搜索组合,但无法找到一种根据任何条件进行搜索的方法。到目前为止,我得到的结果很糟糕,因为我正在尝试按每种可能的输入进行搜索(并且不起作用)。这就是我到目前为止所得到的。

<?php

include_once("config.php");

if(isset($_POST['submit'])){

$name = mysqli_real_escape_string($mysqli, $_POST['name']);

$day = mysqli_real_escape_string($mysqli, $_POST['day']);

$month = mysqli_real_escape_string($mysqli, $_POST['month']);

$year = mysqli_real_escape_string($mysqli, $_POST['year']);


// 1 2 3 4

if( !empty($name) && !empty($day) && !empty($month) && !empty($year) ) {
   $sql = mysqli_query($mysqli, "SELECT * 
                                FROM transfer 
                                WHERE name like '%$name%' 
                                and day LIKE '%$day%' 
                                AND month LIKE '%$month%' 
                                AND year LIKE '%$year%'");
} else if (!empty($name) && !empty($day) && !empty($month) ) {

    $sql = mysqli_query($mysqli, "SELECT * 
                                    FROM transfer 
                                    WHERE name like '%$name%' 
                                    and day LIKE '%$day%' 
                                    AND month LIKE '%$month%'");
 } else if (!empty($day) && !empty($month) && !empty($year) ) {

    $sql = mysqli_query($mysqli, "SELECT * 
                                    FROM transfer 
                                    WHERE day LIKE '%$day%' 
                                    AND month LIKE '%$month%' 
                                    AND year LIKE '%$year%'");
} else if (!empty($name && !empty($day) ) {   
    $sql = mysqli_query($mysqli, "SELECT * FROM transfer 
                                    WHERE name like '%$name%' and 
                                    day LIKE '%$day%'");
}

//1 3

else if (!empty($name) && !empty($month) )

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE name like '%$name%' and month LIKE '%$month%'");

} 

//1 4

else if (!empty($name) && !empty($year) )

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE name like '%$name%' and year LIKE '%$year%'");

}

//2 3

else if (!empty($day) && !empty($month) )

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE day like '%$day%' and month LIKE '%$month%'");

}

//2 3

else if (!empty($day) && !empty($month) )

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE day like '%$day%' and month LIKE '%$month%'");

}

//2 4

else if (!empty($day) && !empty($year))

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE day like '%$day%' and year LIKE '%$year%'");

}

//3 4

else if (!empty($month) && !empty($year))

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE month like '%$month%' and year LIKE '%$year%'");

}

//1

else if (!empty($name))

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE name like '%$name%'");

}

//2

else if (!empty($day))

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE day like '%$day%'");

}

//3

else if (!empty($month))

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE month like '%$month%'");

}

//4

else if(!empty($year))

{

$sql = mysqli_query($mysqli, "SELECT * FROM transfer WHERE year like '%$year%'");

}

else

{

echo "<p>you must insert an input</p>";

}


//while loop used to retrieve data from the SQL database

while ($res = mysqli_fetch_array($sql))

{       

echo "<tr>";

echo "<td>".$res['name']."</td>";

echo "<td>".$res['confirmation']."</td>";

echo "<td>".$res['code']."</td>";

echo "<td>".$res['hora']." ".$res['horario']."</td>";

echo "<td>".$res['day']."/".$res['month']."/".$res['year']."</td>";

echo "<td>".$res['extra']."</td>";

echo "</tr>";                                               

}

}

?>

</table>

1 个答案:

答案 0 :(得分:1)

(注意:据说使用准备好的语句是正确的-但是我还是不想给出复制粘贴的答案,所以这里仅是一个有关如何实现结果的示例-使用准备好的语句语句。它的工作原理相同,只是要使用占位符创建查询并提供不为空的变量)

您可以以更“动态”的方式创建查询。这有点棘手,如果需要加入,它将变得非常“具有挑战性”-但是您真正想要的是结束一个包含所有约束的单个查询。

首先,您应该定义:您的 Searchfields 是“ and”还是“ or”字段?

如果是“ and”,则实现起来非常简单-像这样:

$query = "SELECT * FROM transfer";

$andParts = array();

if(!empty($name))
    $andParts[] = "name = '$name'";

if(!empty($day))
    $andParts[] = "day = $day";

if (!empty($month))
    $andParts[] = "month = $month";

if (!empty($year))
    $andParts[] = "year = $year";

if (!empty($andParts))
   $query .= " WHERE ".implode(" AND " , $andParts);

$sql->Query($query);

如果还涉及“或”,则需要另一个数组$orParts,在该数组中首先将所有“或”连接起来,最后将该数组粘在一起形成最终的“与”。

如果条件可以匹配“联接”表中的列,则需要跟踪该表,以便知道,您需要使用“选择”表。

如果您对每个“搜索字段”都有非常复杂的查询(即每个搜索字段的结果是多个联接的结果等),则可以仅查询每个搜索字段的ID,然后将结果相交并检索与所有ID匹配的ID准则:

   $result1 = $sql->Query("SELECT id FROM transfer left join .... ");
   // array(1,2,3,5,7,10,15,19,27)

   $result2 = $sql->Query("SELECT id FROM transfer right join .... ");
   // array(2,3,10,15,19,27,43,123)

   $result3 = $sql->Query("SELECT id FROM transfer inner join .... ");
   // array(2,10,15,27,43,711)

   $ids = array_intersect($result1, $result2, $result3);
   // array(2,10,15,27)

   $finalResult = $sql->Query("SELECT * FROM transfer WHERE id in (".implode(",", $ids).");");
相关问题
最新问题