![](/img/trans.png)
[英]Opencart filter module query statement, price and special price range
[英]Proper code to filter a price range in PHP / SQL Query
真的希望有人可以帮助我。 我正在构建一个PHP / MySQL搜索表单,希望该表单将允许用户搜索我们的Wine数据库并根据通过下拉菜单选择的价格范围来过滤结果。
该表格可以很好地搜索并返回准确结果的不错列表。 但是,它不会对结果进行价格过滤。
经过数天的搜索和试验,我将各种代码段融合在一起以达到目标,但总的来说,PHP对我来说仍然是一个谜。
这是我苦苦挣扎的正确编码和语法。
我如何编码此处发布的PHP以正确集成价格范围过滤器? 我怀疑我在sql查询中包含“ pricerange”是否偏离基础。
任何帮助将不胜感激。 请检查下面的代码块。
万分感谢!
<form method="post" action="winesearch.php?go" id="searchform">
<input type="text" size="35" name="user-entry"/>
<select name="pricerange" size="1" id="pricerange">
<option value="">Price Range </option>
<option value="1">$ 10 - $20</option>
<option value="2">$ 21 - $30</option>
<option value="3">$ 31 - $50</option>
<option value="4">$ 51 - $75</option>
<option value="5">$ 76 - $100</option>
<option value="6">$101 - $200</option>
<option value="7">$201 - Plus</option>
</select>
<input type="submit" name="submit" value="Wine Search"/>
</form>
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[a-zA-Z0-9]+/", $_POST['user-entry'])){
$cob=$_POST['user-entry'];
$pricerange=$_POST['pricerange'];
//connect to the database
$db=mysql_connect ("server", "user", "pass") or die (mysql_error());
//-select the database to use
$mydb=mysql_select_db("db_name");
if($pricerange == 0) $pricerange = 1;
switch ($pricerange) {
case 1 : $pricerange = " where Price BETWEEN 10.00 AND 20.00 "; break;
case 2 : $pricerange = " where Price BETWEEN 21.00 AND 30.00 "; break;
case 3 : $pricerange = " where Price BETWEEN 31.00 AND 50.00 "; break;
case 4 : $pricerange = " where Price BETWEEN 51.00 AND 75.00 "; break;
case 5 : $pricerange = " where Price BETWEEN 76.00 AND 100.00 "; break;
case 6 : $pricerange = " where Price BETWEEN 101.00 AND 200.00 "; break;
case 7 : $pricerange = " where Price > 200.00 "; break;
}
//-query the database table
$sql="
SELECT ID,
CSPC,
Country,
Producer,
Wine,
Year,
Price
FROM winecellar WHERE
CSPC LIKE '%" . $cob . "%'
OR
Country LIKE '%" . $cob ."%'
OR
Producer LIKE '%" . $cob ."%'
OR
Wine LIKE '%" . $cob ."%'
OR
Year LIKE '%" . $cob ."%'
OR
Price LIKE '%" . $pricerange ."%'
";
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
while($row=mysql_fetch_array($result)){
$CSPC=$row['CSPC'];
$Country=$row['Country'];
$Producer=$row['Producer'];
$Wine=$row['Wine'];
$Year=$row['Year'];
$Price=$row['Price'];
$ID=$row['ID'];
//-display the result of the array
echo "<ul>\n";
echo "<li>" . $CSPC . "</li>\n";
echo "<li>" . $Country . "</li>\n";
echo "<li>" . $Producer . "</li>\n";
echo "<li>" . $Wine . "</li>\n";
echo "<li>" . $Year . "</li>\n";
echo "<li>" . "<a href=" . $Price . ">" . "$" . $Price . "</a></li>\n";
echo "</ul>";
}
}
else{
echo "<p>Please enter a search query</p>";
}
}
}
?>
直到您将查询放在一起之前,您都拥有了它。 您不需要在下面的语句中使用“ where”,因为您在下面要构建的查询中已经具有了“ where”。
switch ($pricerange) {
case 1 : $pricerange = " Price BETWEEN 10.00 AND 20.00 "; break;
case 2 : $pricerange = " Price BETWEEN 21.00 AND 30.00 "; break;
case 3 : $pricerange = " Price BETWEEN 31.00 AND 50.00 "; break;
case 4 : $pricerange = " Price BETWEEN 51.00 AND 75.00 "; break;
case 5 : $pricerange = " Price BETWEEN 76.00 AND 100.00 "; break;
case 6 : $pricerange = " Price BETWEEN 101.00 AND 200.00 "; break;
case 6 : $pricerange = " Price > 200.00 "; break;
}
OR
Price LIKE '%" . $pricerange ."%'
应该
OR ". $pricerange ."
因为您已经在构建之间的语句。
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
// improved the filter to support space and -
// Also closed critical security breache (SQL-injection)
if(preg_match("/^[a-zA-Z0-9 -]+$/", $_POST['user-entry'])){
$cob=$_POST['user-entry'];
$pricerange=$_POST['pricerange'];
//connect to the database
$db=mysql_connect ("server", "user", "pass") or die (mysql_error());
//-select the database to use
$mydb=mysql_select_db("db_name");
switch ($pricerange) {
case 2 : $pricerange = " AND Price BETWEEN 21.00 AND 30.00 "; break;
case 3 : $pricerange = " AND Price BETWEEN 31.00 AND 50.00 "; break;
case 4 : $pricerange = " AND Price BETWEEN 51.00 AND 75.00 "; break;
case 5 : $pricerange = " AND Price BETWEEN 76.00 AND 100.00 "; break;
case 6 : $pricerange = " AND Price BETWEEN 101.00 AND 200.00 "; break;
case 7 : $pricerange = " AND Price > 200.00 "; break;
default : $pricerange = " AND Price BETWEEN 10.00 AND 20.00 "; // covers all other cases
}
//-query the database table
$sql="
SELECT ID,
CSPC,
Country,
Producer,
Wine,
Year,
Price
FROM winecellar WHERE
(CSPC LIKE '%" . $cob . "%'
OR
Country LIKE '%" . $cob ."%'
OR
Producer LIKE '%" . $cob ."%'
OR
Wine LIKE '%" . $cob ."%'
OR
Year LIKE '%" . $cob ."%')
" . $pricerange;
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
while($row=mysql_fetch_array($result)){
$CSPC=$row['CSPC'];
$Country=$row['Country'];
$Producer=$row['Producer'];
$Wine=$row['Wine'];
$Year=$row['Year'];
$Price=$row['Price'];
$ID=$row['ID'];
//-display the result of the array
echo "<ul>\n";
echo "<li>" . $CSPC . "</li>\n";
echo "<li>" . $Country . "</li>\n";
echo "<li>" . $Producer . "</li>\n";
echo "<li>" . $Wine . "</li>\n";
echo "<li>" . $Year . "</li>\n";
echo "<li>" . "<a href=" . $Price . ">" . "$" . $Price . "</a></li>\n";
echo "</ul>";
}
}
else{
echo "<p>Please enter a search query</p>";
}
}
}
?>
我会在运行之前回显您的sql查询,以便您可以看到它的外观。 但是看来,对于价格范围部分,SQL部分是错误的。 现在看起来像这样:
OR Price LIKE '% where price BETWEEN 10.00 AND 20.00 %'
我认为您希望它看起来像:
OR PRICE BETWEEN 10.00 AND 20.00
您是否希望它是“或”或“与”?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.