[英]How can I populate a 3rd column result on intersections of 1st and 2nd columns all from the same table that are selected by the user on dropdown?
I have a column vehicle_name and I would like 2 dropdown lists of my 2 other columns namely, vehicle_type and vehicle_color. 我有一个列vehicle_name,我想要2个其他列的下拉列表,即vehicle_type和vehicle_color。 When these 2 dropdown values are selected and submitted, I would like their intersection to print out the values from vehicle_name. 当选择并提交这两个下拉值时,我希望它们的交集打印出来自vehicle_name的值。 So far my code only generates a dropdown list for vehicle_type, I would need another dropdown for vehicle_colour. 到目前为止,我的代码只为vehicle_type生成一个下拉列表,我需要另一个vehicle_colour下拉列表。 Which on submissions populates the intersected values for the vehicle_name. 在提交时填充了vehicle_name的相交值。 How can I achieve this? 我怎样才能做到这一点?
<!DOCTYPE html>
<html>
<body>
<?php
echo "<br>";
echo "<br>";
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "mydb";
$db = new mysqli($servername, $username, $password, $dbname);
if (!$db) {
exit('Connect Error (' . mysqli_connect_errno() . ') '
. mysqli_connect_error());
}
?>
<br>
<div class="label">Select vehicle type:</div>
<select name="payment_method">
<option value = "">---Select---</option>
<?php
$queryusers = "SELECT DISTINCT vehicle_type FROM orders";
$db = mysqli_query($db, $queryusers);
while ($d=mysqli_fetch_assoc($db)) {
echo "<option value='{".$d['vehicle_type']."}'>".$d['vehicle_type']."</option>";
}
?>
</select>
<br>
<div class="label_for_time">Select color:</div>
<select name="vehicle_color">
<option value = "">---Select---</option>
<?php
$query_for_color = "SELECT DISTINCT vehicle_color FROM orders";
$db = mysqli_query($db, $query_for_date);
while ($a=mysqli_fetch_assoc($db)) {
echo "<option value='{".$a['vehicle_color']."}'>".$a['vehicle_color']."</option>";
}
?>
</select>
<br>
<br>
<button class="go-btn" type="submit">Go</button>
</body>
</html>
As I don't see any AJAX / client-side code in your above example I assume that this is a pure backend-side filtering you are performing. 由于我在上面的示例中没有看到任何AJAX /客户端代码,我认为这是您正在执行的纯后端端过滤。 Your code is currently missing parts of the required elements we would need but let's try to figure this out together: 您的代码目前缺少我们需要的部分元素,但让我们一起尝试解决这个问题:
1. Form around your inputs 1.围绕您的输入形成
Add a <form method="POST" target="path-to-your-script.php">
where "path-to-your-script.php" has to be changed to your PHP file name or rewritten URL path. 添加<form method="POST" target="path-to-your-script.php">
其中“path-to-your-script.php”必须更改为PHP文件名或重写的URL路径。 This has to be around the <select>
boxes. 这必须在<select>
框周围。
You may also use PHP_SELF
to set this automatically, this should work in most cases. 您也可以使用PHP_SELF
自动设置它,这在大多数情况下都适用。 I used html_entities($var)
to avoid any code injections via manipulated URL. 我使用html_entities($var)
来避免通过操纵的URL进行任何代码注入。
<form name="test" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
2. Check for POST'ed variable 'vehicle_type' 2.检查POST变量'vehicle_type'
In your form, check if a search for available colors has been performed: 在表单中,检查是否已搜索可用颜色:
<?php
$query_for_color = "SELECT DISTINCT vehicle_color FROM orders";
// check if the form variable 'vehicle_type' is available; if so, filter entries.
if (isset($_POST['vehicle_type'])) {
$vType= filter_var($_POST['vehicle_type'], FILTER_SANITIZE_STRING);
$query_for_colors .= ' WHERE vehicle_type = \''.$vType.'\'';
}
$db = mysqli_query($db, $query_for_date);
while ($a=mysqli_fetch_assoc($db)) {
echo "<option value='{".$a['vehicle_color']."}'>".$a['vehicle_color']."</option>";
}
?>
Edit: 编辑:
As pointed out by one user in the comment, filter_var($var, FILTER_SANITIZE_STRING)
won't be enough to avoid potential SQL injections. 正如评论中的一个用户所指出的, filter_var($var, FILTER_SANITIZE_STRING)
不足以避免潜在的SQL注入。 This was just a recommendation and was not part of the question at all. 这只是一个建议,根本不是问题的一部分。 If you have to work with user data, do more than using filter_var(), instead use either prepared statements or properly escape the user data. 如果必须使用用户数据,请使用filter_var(),而不是使用预准备语句或正确转义用户数据。 There are many tutorials like this one out there that will guide you to safe queries. 有很多这样的教程可以指导您进行安全查询。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.