[英]handling multiple search queries with php/mysql
我建立了汽車經銷門戶,在我的搜索表單中有多個下拉菜單,我面臨的問題是,一旦用戶執行搜索而不顯示用戶搜索的內容,所有內容都會從數據庫中顯示出來。
我真的不能指出我在哪里弄錯了。 如果有人不能請我幫忙,我將不勝感激。
表單頁面如下。
<script>
function populate(s1,s2){
var s1 = document.getElementById(s1);
var s2 = document.getElementById(s2);
s2.innerHTML = "";
if(s1.value == "Honda"){
var optionArray = ["accord|Accord","pilot|Pilot","crv|CRV"];
} else if(s1.value == "Toyota"){
var optionArray = ["corolla|Corolla","camry|Camry","highlander|Highlander"];
} else if(s1.value == "Peugeot"){
var optionArray = ["206|206","307|307"];
}
for(var option in optionArray){
var pair = optionArray[option].split("|");
var newOption = document.createElement("option");
newOption.value = pair[0];
newOption.innerHTML = pair[1];
s2.options.add(newOption);
}
}
</script>
<form action="test2.php" method="get" name="search">
<select name="bodytype">
<option value="Saloon">Saloon</option>
<option value="SUV">SUV</option>
</select>
<select name="make" id="make" onchange="populate(this.id, 'model')">
<option selected>Any</option>
<option value="Toyota">Toyota</option>
<option value="Honda">Honda</option>
<option value="BMW">BMW</option>
</select>
<select name="model" id="model">
</select>
<select name="cost1">
<option selected>Any</option>
<option>10000</option>
<option>20000</option>
<option>30000</option>
<option>40000</option>
<option>50000</option>
<option>60000</option>
<option>70000</option>
<option>80000</option>
<option>90000</option>
<option>100000</option>
</select>
<select name="cost2">
<option selected>Any</option>
<option>10000</option>
<option>20000</option>
<option>30000</option>
<option>40000</option>
<option>50000</option>
<option>60000</option>
<option>70000</option>
<option>80000</option>
<option>90000</option>
<option>100000</option>
</select>
<select name="transmission">
<option selected>Any</option>
<option>Auto</option>
<option>Manual</option>
</select>
<input name="submit" type="submit">
</form>
這是表格處理頁面
include('functions/config.php');
if(isset($_GET['submit'])){
$query = "SELECT * FROM details WHERE 1=1"; // Grab All Records
if ( isset($_GET["bodytype"]) )
$query = $query . " AND bodytype = '%".$_GET["bodytype"]."%'"; // Filter on Body Type
if ( isset($_GET["make"]) )
$query = $query . " AND make = '%".$_GET["make"]."%'"; // Filter on Make
if ( isset($_GET["model"]) )
$query = $query . " AND model = '%".$_GET["model"]."%'"; // Filter Model
if ( isset($_GET["transmission"]) )
$query = $query . " AND transmission = '%".$_GET["transmission"]."%'"; // Filter on Transmission
$search_query = mysqli_query($connection, $query);
if(!$search_query){
die("QUERY FAILED" .mysqli_error($connection));
}
$count = mysqli_num_rows($search_query);
if($count == 0){
echo "no result";
}else{
while($row = mysqli_fetch_assoc($search_query)){
echo $row["bodytype"]."</br>";
echo $row["make"]."</br>";
echo $row["model"]."</br>";
/*echo $row["MinPrice"]."</br>";
echo $row["MaxPrice"]."</br>";*/
echo $row["transmission"]."</br>";
}
}
}
?>
如果這些get []中的一個是空白參數,則假定該字段不為null,則它將為該字段返回true,因為類似'%%'的值為true。
您只想對具有數據的獲取參數執行like語句。
這將是最一致的語法,但我建議也列出未列出的SQL Injection更新。
請注意,我已將過濾器從“或”更改為“與”
$query = "SELECT * FROM details WHERE 1=1"; // Grab All Records
if ( isset($_GET["bodytype"]) )
$query = $query . " AND bodytype = '%".$_GET["bodytype"]."%'"; // Filter on Body Type
if ( isset($_GET["make"]) )
$query = $query . " AND make = '%".$_GET["make"]."%'"; // Filter on Make
...
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.