下拉框代码:
<select name="name">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY full_name ORDER BY full_name";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysql_fetch_assoc($sql_result)) {
echo "<option value='".$row["full_name"]."'".($row["full_name"]==$_REQUEST["full_name"] ? " selected" : "").">".$row["full_name"]." </option>";
}
?>
</select>
<label>City</label>
<select name="city">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY city ORDER BY city";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysql_fetch_assoc($sql_result)) {
echo "<option value='".$row["city"]."'".($row["city"]==$_REQUEST["city"] ? " selected" : "").">".$row["city"]."</option>";
}
?>
</select>
选择行代码:
<?php
if ($_REQUEST["city"]<>'') {
$search_city = " WHERE city='".mysql_real_escape_string($_REQUEST["city"])."'";
}
if ($_REQUEST["full_name"]<>'') {
$search_full_name = " AND full_name='".mysql_real_escape_string($_REQUEST["full_name"])."'";
}
if ($_REQUEST["from"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"].$search_string.$search_city.$search_full_name;
} else if ($_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"].$search_string.$search_city.$search_full_name;
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"].$search_string.$search_city.$search_full_name;
}
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
while ($row = mysql_fetch_assoc($sql_result)) {
?>
答案 0 :(得分:0)
看起来你只需要附加字符串
$search_city = '';
$search_full_name = '';
if ($_REQUEST["city"]<>'') {
$search_city = " AND city='".mysql_real_escape_string($_REQUEST["city"])."'";
}
if ($_REQUEST["full_name"]<>'') {
$search_full_name = " AND full_name='".mysql_real_escape_string($_REQUEST["full_name"])."'";
}
if ($_REQUEST["from"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysql_real_escape_string($_REQUEST["from"])."'".$search_string.$search_city.$search_full_name;
} else if ($_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE to_date <= '".mysql_real_escape_string($_REQUEST["to"])."'".$search_string.$search_city.$search_full_name;
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_string.$search_city.$search_full_name;
}
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
while ($row = mysql_fetch_assoc($sql_result)) {
答案 1 :(得分:0)
您可以使用数组为查询动态添加条件。像 -
这样的东西$criteria = array();
if ($_REQUEST['city'] <> '') {
$criteria['city'] = $_REQUEST['city'];
}
if ($_REQUEST['full_name'] <> '') {
$criteria['full_name'] = $_REQUEST['full_name'];
}
if ($_REQUEST['from'] <> '') {
$criteria['from_date'] = array($_REQUEST['from'], '>=');
}
if ($_REQUEST["to"]<>'') {
$criteria['to_date'] = array($_REQUEST['to'], '<=');
}
$sql = "SELECT * FROM $SETTINGS['data_table'] WHERE id > 0";
foreach ($criteria as $field => $filter) {
$comparator = is_array($filter) ? $filter[1] : '=';
$value = mysql_real_escape_string(is_array($filter) ? $filter[0] : $filter);
$sql .= " AND $field $comparator '$value'";
}
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
while ($row = mysql_fetch_assoc($sql_result)) {
答案 2 :(得分:0)
使用此代码:
<?php
// only process if the request is POST
if (!empty($_POST)) {
// prepare the base select
$sql = 'SELECT *
FROM ' . $SETTINGS['data_table'];
// list of where conditions
$where = array();
// map of POST => DB fields
$maps = array(
'from' => 'from_date',
'to' => 'to_date',
'city' => 'city',
'full_name' => 'full_name',
);
// process all possible POST fields
foreach ($maps as $postName => $fieldName) {
if (!empty($_POST[$postName])) {
$where[] = sprintf('? = "?"', $fieldName, mysql_real_escape_string($_POST[$postName]));
}
}
// append the WHERE statement if required
if (!empty($where)) {
$sql .= ' WHERE ' . join(' AND ', $where);
}
// execute and process the query
$qry = mysql_query($sql, $connection);
if ($qry === false) {
throw new Exception(mysql_error(), mysql_errno());
}
while ($row = mysql_fetch_assoc($qry)) {
// process the row
}
}
答案 3 :(得分:0)
终于搞定了!我用过这个:
$whereClauses = array();
if (! empty($_POST['full_name'])) $whereClauses[] ="full_name='".mysql_real_escape_string($_POST['full_name'])."'";
if (! empty($_POST['city'])) $whereClauses[] ="city='".mysql_real_escape_string($_POST['city'])."'";
$where = '';
if (count($whereClauses) > 0) { $where = ' WHERE '.implode(' AND ',$whereClauses); }
$sql = mysql_query("SELECT * FROM data".$where);
我尝试在另一个帖子中使用它放弃并以这种方式启动它,放弃了这种方式并回到第一种方式并使其正常工作。