多个下拉查询过滤器

时间:2012-03-23 20:01:13

标签: php mysql drop-down-menu

编辑:我在原始代码中发现了一个很大的缺陷。对于我的选择,我使用相同的变量名称“full_name”和“city”(复制和粘贴错误)。但我仍然不确定如何输入select语句以根据下拉菜单选择行。我在下面发布了我的代码的两部分。有任何想法吗?谢谢!

下拉框代码:

<select name="name">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY full_name ORDER BY full_name";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysql_fetch_assoc($sql_result)) {
    echo "<option value='".$row["full_name"]."'".($row["full_name"]==$_REQUEST["full_name"] ? " selected" : "").">".$row["full_name"]."    </option>";
}
?>
</select>&nbsp;&nbsp;
<label>City</label>
<select name="city">
<option value="">--</option>
<?php
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." GROUP BY city ORDER BY city";
$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
while ($row = mysql_fetch_assoc($sql_result)) {
    echo "<option value='".$row["city"]."'".($row["city"]==$_REQUEST["city"] ? " selected" : "").">".$row["city"]."</option>";
}
?>
</select>

选择行代码:

<?php

if ($_REQUEST["city"]<>'') {
$search_city = " WHERE city='".mysql_real_escape_string($_REQUEST["city"])."'"; 
}
if ($_REQUEST["full_name"]<>'') {
$search_full_name = " AND  full_name='".mysql_real_escape_string($_REQUEST["full_name"])."'";   
}

if ($_REQUEST["from"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"].$search_string.$search_city.$search_full_name;
} else if ($_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"].$search_string.$search_city.$search_full_name;
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"].$search_string.$search_city.$search_full_name;
}

$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
while ($row = mysql_fetch_assoc($sql_result)) {
?>

4 个答案:

答案 0 :(得分:0)

看起来你只需要附加字符串

$search_city = '';
$search_full_name = '';

if ($_REQUEST["city"]<>'') {
$search_city = " AND city='".mysql_real_escape_string($_REQUEST["city"])."'";   
}
if ($_REQUEST["full_name"]<>'') {
$search_full_name = " AND full_name='".mysql_real_escape_string($_REQUEST["full_name"])."'";    
}

if ($_REQUEST["from"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE from_date >= '".mysql_real_escape_string($_REQUEST["from"])."'".$search_string.$search_city.$search_full_name;
} else if ($_REQUEST["to"]<>'') {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE to_date <= '".mysql_real_escape_string($_REQUEST["to"])."'".$search_string.$search_city.$search_full_name;
} else {
$sql = "SELECT * FROM ".$SETTINGS["data_table"]." WHERE id>0".$search_string.$search_city.$search_full_name;
}

$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
while ($row = mysql_fetch_assoc($sql_result)) {

答案 1 :(得分:0)

您可以使用数组为查询动态添加条件。像 -

这样的东西
$criteria = array();

if ($_REQUEST['city'] <> '') {
    $criteria['city'] = $_REQUEST['city'];
}

if ($_REQUEST['full_name'] <> '') {
    $criteria['full_name'] = $_REQUEST['full_name'];
}

if ($_REQUEST['from'] <> '') {
    $criteria['from_date'] = array($_REQUEST['from'], '>=');
}

if ($_REQUEST["to"]<>'') {
    $criteria['to_date'] = array($_REQUEST['to'], '<=');
}

$sql = "SELECT * FROM $SETTINGS['data_table'] WHERE id > 0";

foreach ($criteria as $field => $filter) {

    $comparator = is_array($filter) ? $filter[1] : '=';
    $value = mysql_real_escape_string(is_array($filter) ? $filter[0] : $filter);
    $sql .= " AND $field $comparator '$value'";

}

$sql_result = mysql_query ($sql, $connection ) or die ('request "Could not execute SQL query" '.$sql);
if (mysql_num_rows($sql_result)>0) {
    while ($row = mysql_fetch_assoc($sql_result)) {

答案 2 :(得分:0)

使用此代码:

<?php

// only process if the request is POST
if (!empty($_POST)) {
    // prepare the base select
    $sql = 'SELECT *
            FROM ' . $SETTINGS['data_table'];

    // list of where conditions
    $where = array();

    // map of POST => DB fields
    $maps = array(
        'from'      => 'from_date',
        'to'        => 'to_date',
        'city'      => 'city',
        'full_name' => 'full_name',
    );

    // process all possible POST fields
    foreach ($maps as $postName => $fieldName) {
        if (!empty($_POST[$postName])) {
            $where[] = sprintf('? = "?"', $fieldName, mysql_real_escape_string($_POST[$postName]));
        }
    }

    // append the WHERE statement if required
    if (!empty($where)) {
        $sql .= ' WHERE ' . join(' AND ', $where);
    }

    // execute and process the query
    $qry = mysql_query($sql, $connection);
    if ($qry === false) {
        throw new Exception(mysql_error(), mysql_errno());
    }

    while ($row = mysql_fetch_assoc($qry)) {
        // process the row
    }
}

答案 3 :(得分:0)

终于搞定了!我用过这个:

$whereClauses = array();
if (! empty($_POST['full_name'])) $whereClauses[] ="full_name='".mysql_real_escape_string($_POST['full_name'])."'";
if (! empty($_POST['city'])) $whereClauses[] ="city='".mysql_real_escape_string($_POST['city'])."'";
$where = '';
if (count($whereClauses) > 0) { $where = ' WHERE '.implode(' AND ',$whereClauses); }
$sql = mysql_query("SELECT * FROM data".$where); 

我尝试在另一个帖子中使用它放弃并以这种方式启动它,放弃了这种方式并回到第一种方式并使其正常工作。