所以我不是那种在编程方面经验丰富的人,我正在开发一些php。
我的查询基本都能运行(不包括被我弄坏的if-else语句 >_>),但是当我提交其中1个查询(例如query2)时,页面除了打印它的结果,还会打印另一个查询(查询7)的结果。我怎么能阻止它?
此外,如果有人知道我在第一个查询和查询6的if-else语句中哪里出了错,我会感激一些见解(它们都使用html提交按钮)
谢谢!
这是我的问题php代码:
// Builds the speaker/contact query, optionally filtered by the submitted last name.
// NOTE(review): the value is read straight from the request and concatenated into the
// SQL text at the end of this block (SQL injection); pass it as a bound parameter of a
// prepared statement instead.
$lastName = $_POST['lastName'];
// NOTE(review): `$_Post` is not the `$_POST` superglobal (variable names are case
// sensitive) and `=` assigns instead of comparing. The expression evaluates to ""
// (falsy), so the else branch below always runs.
if ($_Post['lastName'] = "") {
$query = "SELECT c.*, s.speaker_year FROM Contact c, Speakers s WHERE s.Contact_con_id = c.con_id ";
} Else {
$query = "SELECT c.*, s.speaker_year FROM Contact c, Speakers s WHERE s.Contact_con_id = c.con_id
AND con_lname = ";
}
// Appended on both paths: after the first branch this would leave a stray quoted value
// directly behind the WHERE clause.
$query = $query . "'" . $lastName . "' ORDER BY con_lname;";
// Builds the review-group query for the submitted group id.
// NOTE(review): request value concatenated into the SQL text below (SQL injection);
// bind it as a parameter of a prepared statement instead.
$rgroups = $_POST['rgroups'];
// NOTE(review): same defect as the lastName test - `$_Post` is a different variable from
// `$_POST`, and `=` assigns "" (falsy), so only the Else branch is ever taken.
if ($_Post['rgroups'] = "") {
$query6 = "SELECT r.rev_groups_id, c.con_fname, c.con_lname, con_phone, rev_groups_pass, count(p.proposal_id)
FROM Review_Groups r JOIN Proposal p on r.rev_groups_id = p.Review_Groups_rev_groups_id
JOIN Presents px on px.Proposal_proposal_id = p.proposal_id
JOIN Contact c on px.Speakers_Contact_con_id = c.con_id
JOIN Reviewer rw on rw.Review_Groups_rev_groups_id = r.rev_groups_id
WHERE rw.reviewer_type = 'local'
AND r.rev_groups_id = ";
$query6 = $query6 . "'" . $rgroups . "' Group BY r.rev_groups_id;";}
Else {
// The two branches build the same statement; this one only omits the GROUP BY clause.
$query6 = "SELECT r.rev_groups_id, c.con_fname, c.con_lname, con_phone, rev_groups_pass, count(p.proposal_id)
FROM Review_Groups r JOIN Proposal p on r.rev_groups_id = p.Review_Groups_rev_groups_id
JOIN Presents px on px.Proposal_proposal_id = p.proposal_id
JOIN Contact c on px.Speakers_Contact_con_id = c.con_id
JOIN Reviewer rw on rw.Review_Groups_rev_groups_id = r.rev_groups_id
WHERE rw.reviewer_type = 'local'
AND r.rev_groups_id = ";
$query6 = $query6 . "'" . $rgroups . "' ";}
// Lists every contact with a YES/NO flag for having a Speakers row in the submitted year.
// NOTE(review): request value concatenated into the subquery's quoted literal below
// (SQL injection); bind it as a parameter of a prepared statement instead.
$check = $_POST['check'];
// Built unconditionally: nothing in this snippet ties $query7 to the form that was submitted.
// NOTE(review): if it is also executed unconditionally, that would explain its output
// appearing next to every other result - the executing code is not shown here.
$query7 = "Select c.con_fname, c.con_lname, s.Contact_con_id,
IF(s.Contact_con_id IS NULL, 'NO', 'YES')
From Contact c Left Join (Select Contact_con_id FROM Speakers
WHERE speaker_year = '". $check . "') As s
ON c.con_id = s.Contact_con_id";
$query7 = $query7 . " ORDER BY c.con_fname;";
(this is the code that prints on every result)
// Averages the distinct question scores for the reviewer whose first name was submitted.
// NOTE(review): request value concatenated into the SQL text below (SQL injection);
// bind it as a parameter of a prepared statement instead.
$average = $_POST['average'];
$query5 = "SELECT c.con_fname, r.Reviewer_Contact_con_id, question_id, AVG( DISTINCT question_score)
FROM Contact c, Individual_Review r
WHERE r.Reviewer_Contact_con_id = c.con_id
AND con_fname = ";
// Closes the quoted literal opened by the concatenation and adds the grouping.
$query5 = $query5 . "'" . $average . "' GROUP BY r.Proposal_proposal_id;";
(example of working code. you can put in George next to con_fname to get a result)
答案 0 :(得分:1)
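// 1. Format your code with indents, etc.
// 2. Comment your code
// 3. Don't pass $_POST data straight to your sql.
// 4. Variables are case sensitive, including POST
// A field that was not submitted is treated as empty instead of raising a notice.
$lastName = isset($_POST['lastName']) ? $_POST['lastName'] : "";
// Values for the ? placeholders, in order. Hand $query to a prepared statement
// (PDO or mysqli) and bind these, so the submitted text never becomes part of
// the SQL string (point 3).
$queryParams = array();
$query = "SELECT c.*, s.speaker_year FROM Contact c, Speakers s WHERE
s.Contact_con_id = c.con_id";
// Compare with === / !==. A single = assigns "" to the variable and the
// condition is then always false.
if ($lastName !== "") {
    // Only filter when a last name was given. Appending the quoted value on
    // both paths is what broke the unfiltered query.
    $query .= " AND con_lname = ?";
    $queryParams[] = $lastName;
}
$query .= " ORDER BY con_lname";
// Use:
// echo $query;
// to see what you have so far.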
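// A field that was not submitted is treated as empty instead of raising a notice.
$rgroups = isset($_POST['rgroups']) ? $_POST['rgroups'] : "";
// you can go like $query .=
// you don't have to do $query = $query;
// so all of this could be:
// The group id is a ? placeholder: run $query6 as a prepared statement (PDO or
// mysqli) and bind $query6Params, so the submitted text never becomes SQL.
$query6 = "SELECT r.rev_groups_id, c.con_fname, c.con_lname, con_phone, rev_groups_pass, count(p.proposal_id)
FROM Review_Groups r JOIN Proposal p on r.rev_groups_id = p.Review_Groups_rev_groups_id
JOIN Presents px on px.Proposal_proposal_id = p.proposal_id
JOIN Contact c on px.Speakers_Contact_con_id = c.con_id
JOIN Reviewer rw on rw.Review_Groups_rev_groups_id = r.rev_groups_id
WHERE rw.reviewer_type = 'local'
AND r.rev_groups_id = ?";
$query6Params = array($rgroups);
// Test the variable that was actually read ($_Post is not $_POST) and compare
// with ===; a single = assigns and the condition is always false.
// NOTE(review): as in the question, GROUP BY is added only when no group id was
// submitted - confirm that this is the intended branch.
if ($rgroups === "") {
    $query6 .= " Group BY r.rev_groups_id";
}
$check = isset($_POST['check']) ? $_POST['check'] : "";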
答案 1 :(得分:0)
您可以把$query7放到某个if条件里,以避免这种情况。
答案 2 :(得分:0)
注意:我只处理您的PHP结构。我根本没有看过你的SQL语法。但是我给了你工具来看看SQL是否正在返回你认为应该返回的内容。
<?PHP
// here are some functions for ya
/**
 * Run a query and collect every row of its result set into an array.
 *
 * Debugging aid: on failure it stops the script and prints the SQL text together
 * with the server's error message into the response. Keep that out of pages real
 * users can reach; log the details and show a generic message instead.
 * The mysql_* extension used here was removed in PHP 7.0; mysqli or PDO with
 * prepared statements is the replacement.
 *
 * @param string $sql    Complete SQL statement; it is sent as-is, so any request
 *                       data in it must already be escaped for SQL.
 * @param int    $numass Result type handed to mysql_fetch_array():
 *                       MYSQL_NUM, MYSQL_ASSOC or MYSQL_BOTH.
 * @return array List of rows; empty when the query matched nothing.
 */
function sqlarr($sql, $numass=MYSQL_BOTH) {
    $result = mysql_query($sql);
    if (!$result) {
        die("$sql: " . mysql_error());
    }
    $rows = array();
    if (mysql_num_rows($result) == 0) {
        return $rows;
    }
    // Rewind to the first row before reading.
    mysql_data_seek($result, 0);
    while ($row = mysql_fetch_array($result, $numass)) {
        $rows[] = $row;
    }
    return $rows;
}
/**
 * Run a query and return its first row as an associative array.
 *
 * On failure the script stops and prints the SQL text and the server's error
 * message into the response (debugging aid; do not expose this to real users).
 *
 * @param string $sql Complete SQL statement, sent as-is.
 * @return array|false The first row, or false when there is no row.
 */
function sqlassoc($sql){
    $result = mysql_query($sql);
    if (!$result) {
        die("$sql:". mysql_error());
    }
    return mysql_fetch_assoc($result);
}
/**
 * Run a query and return its first row as a numerically indexed array.
 *
 * On failure the script stops and prints the SQL text and the server's error
 * message into the response (debugging aid; do not expose this to real users).
 *
 * @param string $sql Complete SQL statement, sent as-is.
 * @return array|false The first row, or false when there is no row.
 */
function sqlrow($sql){
    $result = mysql_query($sql);
    if (!$result) {
        die("$sql:". mysql_error());
    }
    return mysql_fetch_row($result);
}
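/**
 * Run a statement and return what mysql_query() produced.
 *
 * On failure the script stops and prints the SQL text and the server's error
 * message into the response (debugging aid; do not expose this to real users).
 *
 * @param string $sql Complete SQL statement, sent as-is.
 * @return resource|bool Result resource for statements that return rows,
 *                       true for other successful statements.
 */
function sqlquery($sql){
    $result = mysql_query($sql) or die("$sql:". mysql_error());
    // The original returned $row, which is never assigned in this function,
    // so callers always received null.
    return $result;
}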
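/**
 * Dump an array inside a <pre> element for debugging.
 *
 * The label and the dump are HTML-encoded before they are written, so values
 * that came from the database or the request are shown as text and cannot
 * inject markup or script into the page.
 *
 * @param array  $array Data to display.
 * @param string $label Optional text printed in front of the dump.
 * @return void
 */
function printr( array $array, $label = '' ){
    // print_r() with true returns the dump instead of echoing it, so it can be encoded first.
    $dump = print_r( $array, true );
    echo '<pre>'.htmlspecialchars( (string) $label, ENT_QUOTES | ENT_SUBSTITUTE );
    echo htmlspecialchars( $dump, ENT_QUOTES | ENT_SUBSTITUTE );
    echo '</pre>';
}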
/**
 * This isn't the best, but it's better than nothing;
 * use PDO when you get more advanced.
 *
 * Removes every tag except <p>, strips backslashes, then HTML-encodes the rest
 * (quotes included).
 *
 * NOTE(review): this is HTML output encoding, not SQL escaping. It does not cover
 * every character that is special inside a SQL string literal, and it alters the
 * stored value. Use bound parameters for SQL and encode only when writing HTML.
 *
 * @param string $str Raw input.
 * @return string The stripped, HTML-encoded text.
 */
function makeSomewhatSafe($str){
    $withoutTags = strip_tags($str, '<p>');
    $unslashed = stripslashes($withoutTags);
    return htmlspecialchars($unslashed, ENT_QUOTES);
}
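// good practice: initiate any variables you use at the beginning
// makeSomewhatSafe() HTML-encodes the values. That is not SQL escaping: any value
// placed in a query string still has to be escaped for SQL or, better, bound as a
// parameter of a prepared statement.
// isset() guards: a request may not carry every field, and reading a missing key
// raises a notice.
$rgroups = makeSomewhatSafe( isset( $_POST['rgroups'] ) ? $_POST['rgroups'] : '' );
$lastName = makeSomewhatSafe( isset( $_POST['lastName'] ) ? $_POST['lastName'] : '' );
$query = NULL;
$speakerContactResulst = array();
$check = makeSomewhatSafe( isset( $_POST['check'] ) ? $_POST['check'] : '' );
$average = makeSomewhatSafe( isset( $_POST['average'] ) ? $_POST['average'] : '' );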
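// if($_Post['lastName'] = "") {
// we're going to see if it has a value
// another way to do this if your empty isn't working is to do
// if( strlen( $lastName ) > 0 ){
$query = "SELECT c.*, s.speaker_year FROM Contact c, Speakers s WHERE s.Contact_con_id = c.con_id ";
if( ! empty( $lastName ) ){
    // The quoted value belongs to the filter only. Appending it on both paths left
    // a stray '' behind the WHERE clause whenever no last name was given.
    // mysql_real_escape_string() escapes for the SQL string context and needs the
    // open connection that mysql_query() in sqlarr() already relies on. Bound
    // parameters through PDO or mysqli remain the better fix.
    $query .= "AND con_lname = '" . mysql_real_escape_string( $lastName ) . "'";
}
$query .= " ORDER BY con_lname";
// Debug output: encode it so submitted text cannot turn into markup in the page.
echo 'This query states: '.htmlspecialchars( $query, ENT_QUOTES ).' <br /><br />';
$speakerContactResulst = sqlarr( $query );
printr( $speakerContactResulst, 'speakerContactResulst ');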
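// Escaped for the SQL string context before it goes between the quotes below.
// mysql_real_escape_string() needs the open connection that mysql_query() in
// sqlarr() already relies on; bound parameters through PDO or mysqli are the better fix.
$rgroupsSql = mysql_real_escape_string( $rgroups );
// Both cases run the same statement, so it is written once.
$query = "SELECT r.rev_groups_id, c.con_fname, c.con_lname, con_phone, rev_groups_pass, count(p.proposal_id)
FROM Review_Groups r JOIN Proposal p on r.rev_groups_id = p.Review_Groups_rev_groups_id
JOIN Presents px on px.Proposal_proposal_id = p.proposal_id
JOIN Contact c on px.Speakers_Contact_con_id = c.con_id
JOIN Reviewer rw on rw.Review_Groups_rev_groups_id = r.rev_groups_id
WHERE rw.reviewer_type = 'local'
AND r.rev_groups_id = '" . $rgroupsSql . "' ";
// The grouping is only added when a group id was submitted.
if ( ! empty( $rgroups ) ){
    $query .= "Group BY r.rev_groups_id;";
}
// Style note: keep `}else{` on one line instead of putting the else on a new
// line after the closing brace.
$groupResults = sqlarr( $query );
printr( $groupResults, 'groupResults' );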
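// Both values are escaped for the SQL string context before they go between quotes.
// mysql_real_escape_string() needs the open connection that mysql_query() in
// sqlarr() already relies on; bound parameters through PDO or mysqli are the better fix.
// NOTE(review): these two queries still run on every request, whichever form was
// submitted - wrap each in a check on its own field to run it only on demand.
$query = "Select c.con_fname, c.con_lname, s.Contact_con_id,
IF(s.Contact_con_id IS NULL, 'NO', 'YES')
From Contact c Left Join (Select Contact_con_id FROM Speakers
WHERE speaker_year = '". mysql_real_escape_string( $check ) . "') As s
ON c.con_id = s.Contact_con_id ORDER BY c.con_fname;";
$checkResults = sqlarr( $query );
$query = "SELECT c.con_fname, r.Reviewer_Contact_con_id, question_id, AVG( DISTINCT question_score)
FROM Contact c, Individual_Review r
WHERE r.Reviewer_Contact_con_id = c.con_id
AND con_fname = '" . mysql_real_escape_string( $average ) . "' GROUP BY r.Proposal_proposal_id;";
$averageResults = sqlarr( $query );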
?>