使用order by子句和switch语句尝试根据从下拉菜单中选择的值来排序表

时间:2011-10-14 08:56:02

标签: php mysql drop-down-menu sql-order-by switch-statement

我想使用下拉列表来排序查询结果。无论在下拉列表中选择何种选项,查询都将按所选选项的升序排序。我几乎在那里,但问题是,无论我从下拉菜单中选择哪种运动,它都只按会话ID对表格进行排序。如何使其他下拉值生效,以便在选择它们时,根据所选值对表进行排序。请仔细查看查询中的表单,switchstatment和ORDER BY子句,请帮助我解决这个问题。

以下是代码:

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<title>Exam Interface</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>

<form action="exam_interface.php" method="post" name="sessionform">        <!-- This will post the form to its own page"-->
<p>Session ID: <input type="text" name="sessionid" /></p>      <!-- Enter Session Id here-->
<p>Module Number: <input type="text" name="moduleid" /></p>      <!-- Enter Module Id here-->
<p>Teacher Username: <input type="text" name="teacherid" /></p>      <!-- Enter Teacher here-->
<p>Student Username: <input type="text" name="studentid" /></p>      <!-- Enter User Id here-->
<p>Grade: <input type="text" name="grade" /></p>      <!-- Enter Grade here-->
<p>Order Results By: <select name="order">
<option value="noorder">Don't Order Results</option>
<option value="ordersessionid">Session ID</option>
<option value="ordermoduleid">Module Number</option>
<option value="orderteacherid">Teacher Username</option>
<option value="orderstudentid">Student Username</option>
<option value="ordergrade">Grade</option>
</select>
<p><input type="submit" value="Submit" /></p>
</form>

<?php

$username="xxx";
$password="xxx";
$database="mobile_app";

mysql_connect('localhost',$username,$password);

@mysql_select_db($database) or die("Unable to select database");

$sessionid = isset ($_POST['sessionid']) ? $_POST['sessionid'] : "";
$moduleid = isset ($_POST['moduleid']) ? $_POST['moduleid'] : "";
$teacherid = isset ($_POST['teacherid']) ? $_POST['teacherid'] : "";
$studentid = isset ($_POST['studentid']) ? $_POST['studentid'] : "";
$grade = isset ($_POST['grade']) ? $_POST['grade'] : "";
$orderfield = isset ($_POST['order']) ? $_POST['order'] : 'default order field';

$sessionid = mysql_real_escape_string($sessionid);
$moduleid = mysql_real_escape_string($moduleid);
$teacherid = mysql_real_escape_string($teacherid);
$studentid = mysql_real_escape_string($studentid);
$grade = mysql_real_escape_string($grade);

$_POST['ordersessionid'] = 'gr.SessionId';

$orderfield = isset ($_POST['order']);
switch ($orderfield) {
    case 'ordersessionid': $orderfield = 'gr.SessionId';
    break;
    case 'ordermoduleid': $orderfield = 'm.ModuleId'; 
    break;
    case 'orderteacherid': $orderfield = 's.TeacherId';
    break;
    case 'orderstudentid': $orderfield = 'gr.StudentId'; 
    break;
    case 'ordergrade': $orderfield = 'gr.Grade';
    break;
}

echo $orderfield;

$result = mysql_query("SELECT * FROM Module m INNER JOIN Session s ON m.ModuleId = s.ModuleId JOIN Grade_Report gr ON s.SessionId = gr.SessionId JOIN Student st ON gr.StudentId = st.StudentId WHERE ('$sessionid' = '' OR gr.SessionId = '$sessionid') AND ('$moduleid' = '' OR m.ModuleId = '$moduleid') AND ('$teacherid' = '' OR s.TeacherId = '$teacherid') AND ('$studentid' = '' OR gr.StudentId = '$studentid') AND ('$grade' = '' OR gr.Grade = '$grade') ORDER BY {$orderfield} ASC");

$num=mysql_numrows($result);    

echo "<table border='1'>
<tr>
<th>Student Id</th>
<th>Forename</th>
<th>Session Id</th>
<th>Grade</th>
<th>Mark</th>
<th>Module</th>
<th>Teacher</th>
</tr>";

while ($row = mysql_fetch_array($result)){

 echo "<tr>";
  echo "<td>" . $row['StudentId'] . "</td>";
  echo "<td>" . $row['Forename'] . "</td>";
  echo "<td>" . $row['SessionId'] . "</td>";
  echo "<td>" . $row['Grade'] . "</td>";
  echo "<td>" . $row['Mark'] . "</td>";
  echo "<td>" . $row['ModuleName'] . "</td>";
  echo "<td>" . $row['TeacherId'] . "</td>";
  echo "</tr>";
}

echo "</table>";

mysql_close();


 ?>

</body>
</html>

非常感谢,请帮忙。

3 个答案:

答案 0 :(得分:0)

这是因为您将$orderfield定义为isset ($_POST['order'])isset()返回一个布尔值;它不返回其参数的值,即使实际定义了用作其参数的变量。如果您将该行更改为更像涉及isset()的其他行,则可以使其生效。

$orderfield = isset ($_POST['order']) ? $_POST['order'] : "";

为安全起见,我建议另外两个步骤:

  • 如果提交的default字段不是您的预期值之一,请在您的交换机中添加order个案
  • 在查询中使用一个不同的命名变量到用于包含POST值的变量,以确保您放入查询的内容只是您已经消毒或自己制作的内容。

答案 1 :(得分:0)

这一行是你的问题:

$orderfield = isset ($_POST['order']);

您正在设置要打开的变量,为true或false。

答案 2 :(得分:0)

由于你的代码只是你面临某种问题......:)

$orderfield = isset ($_POST['order']); // Replace this line with below code ;


$orderfield = "";
if(isset($_POST['order'])){

    $orderfield = $_POST['order'];
}

试试这个代码......我想你会解决问题。

感谢。

相关问题
最新问题