使用PHP表单下拉列表创建mySQL查询 - 如果用户忽略下拉列表,请不要按该参数进行过滤
[英]Creating a mySQL query using PHP form dropdowns - If user ignores dropdown, do not filter by that parameter
问题描述
I am creating a simple MySQL query that will be built from the user selecting options from 2 dropdowns. 
我正在创建一个简单的MySQL查询,该查询将通过用户从2个下拉列表中选择选项来构建。
The issue I am having is that I would like each drop down to default that if they do not actually choose an option, do not filter by that dropdown parameter. 我遇到的问题是,我希望每个下拉默认,如果他们实际上没有选择一个选项,请不要按下拉参数进行过滤。
So, if they come in, and simply hit submit without choosing from a dropdown they should see everything. 所以,如果他们进来,只需点击提交而不选择下拉列表,他们应该看到一切。 If they come in and pick from only one of the dropdowns, the query will basically ignore filtering by the other dropdown. 如果他们进入并仅从其中一个下拉列表中选择,则查询将基本上忽略其他下拉列表的过滤。
I tried making <OPTION VALUE='any'>Choose but my query didn't know what to do with the 'any' and just shows no results. 我尝试制作<OPTION VALUE='any'>Choose但我的查询不知道如何处理'任何'而只显示没有结果。
Here is my code. 这是我的代码。 Thank you very much for whatever help you can provide. 非常感谢您提供的任何帮助。
FORM 形成
<form method="POST" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
<select name="GameType">
<OPTION VALUE='any'>Choose Game Type
<option value="Game1">Option 1</option>
<option value="Game2">Option 2</option>
<option value="Game3">Option 3</option>
</select>
<select name="Instructor">
<OPTION VALUE='any'>Choose Instructor
<option VALUE="InstructorA">Instructor A</option>
<option value="InstructorB">Instructor B</option>
<option value="InstructorC">Instructor C</option>
</select>
<input type='submit' value='Search Videos'>
</form>
MYSQL MYSQL
<?PHP
connection stuff
$db_handle = mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$SQL = "SELECT * FROM Videos WHERE GameType=\"{$_POST['GameType']}\" AND Instructor=\"{$_POST['Instructor']}\"";
$result = mysql_query($SQL);
while ($db_field = mysql_fetch_assoc($result)) {
echo $db_field['ShortDescription'] . ", ";
echo $db_field['LongDescription'] . ", ";
echo $db_field['GameType'] . ", ";
echo $db_field['NumberOfPlayers'] . ", ";
echo $db_field['Instructor'] . ", ";
echo $db_field['Stakes'] . ", ";
echo $db_field['UserPermissionLevel'] . ", ";
echo $db_field['DateCreated'] . "<BR>";
}
mysql_close($db_handle);
}
else {
print "Database NOT Found ";
mysql_close($db_handle);
}
?>
3 个解决方案
解决方案1
3 2010-03-27 05:57:13
Last week, I implemented a solution to a problem similar to this by using a technique found on mikesdotnetting . 上周,我通过使用mikesdotnetting上的技术实现了与此类似的问题的解决方案。 In it, he describes testing for a null entry from the user in the WHERE clause, then moving to criteria matching. 在其中,他描述了在WHERE子句中测试用户的空条目,然后转移到条件匹配。
So, to liken it to your example: 所以,把它比作你的例子:
"SELECT * FROM Videos
WHERE (GameType IS NULL OR GameType = $_POST['GameType'])
AND (Intructor IS NULL OR Instructor = $_POST['Instructor'])"
Also note that this technique will require you to nullify your selected option in your : 另请注意,此技术将要求您在以下内容中取消选定的选项:
<OPTION VALUE=''>Choose Game Type</option>
解决方案2
1 2010-03-27 05:47:26
you can do something like this: 你可以这样做:
$w=array();
if (!empty($_GET['rooms'])) $w[]="rooms='".mysql_real_escape_string($_GET['rooms'])."'";
if (!empty($_GET['space'])) $w[]="space='".mysql_real_escape_string($_GET['space'])."'";
if (!empty($_GET['max_price'])) $w[]="price < '".mysql_real_escape_string($_GET['max_price'])."'";
if (count($w)) $where="WHERE ".implode(' AND ',$w); else $where='';
$query="select * from table $where";
Note that this code has written for the empty value ( <OPTION VALUE=''> ) 请注意,此代码已为空值编写( <OPTION VALUE=''> )
Also note that your code suffer terribly from the SQL injection 另请注意,您的代码会受到SQL注入的严重影响
解决方案3
0 2010-03-27 05:50:09
如果选择“any”,则在PHP中构建SQL查询,从而省略where子句中的部分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.