[英]Search and filter data using mysql and php
我剛剛開始學習 php 和 mysql,並且正在使用 php 和 Z81C3B080D537BF52EZA1 創建一個項目。 我在從數據庫中搜索和過濾數據時卡住了。 搜索基本上是一個組合搜索,並根據用戶輸入過濾數據。
這是我的代碼:
public function filterSearch(Request $request){
$new = $request->get('new');
$used = $request->get('used');
$registered = $request->get('registered');
$make = $request->get('make');
$model = $request->get('model');
$price = $request->get('price');
$city = $request->get('city');
$registration = $request->get('firstRegistration');
$query = DB::select("SELECT * FROM ads WHERE vehicleCond LIKE '".$new."' OR vehicleCond LIKE '".$used."' OR vehicleCond LIKE '".$registered."' ");
$decode = json_decode(json_encode($query),true);
$finalArr = array();
for($i=0; $i<count($decode); $i++){
if($make || $model || $registration){
if(($decode[$i]['make'] == $make) || ($decode[$i]['model'] == $model) || ($decode[$i]['registration'] == $registration)){
array_push($finalArr,$decode[$i]);
}
}else{
array_push($finalArr,$decode[$i]);
}
}
return response()->json(['success'=>$finalArr], 200);
}
結果不正確......對於單一選擇,它工作正常。 當我使用組合時,結果不正確。
我假設您需要您的查詢/過濾器是動態的。
您的 html 腳本可以遵循如下模式/格式:
<input type="checkbox" name="filter1" value="new">
<input type="checkbox" name="filter1" value="used">
<input type="checkbox" name="filter1" value="pre-registered">
<select name="filter2" id="">...</select>
<select name="filter3" id="">...</select>
在 Php 文件中,您可以對 append 使用一些條件查詢條件/過濾器:
$criteria = "";
if($request->get('filter1'))
{
$criteria .= " AND `filter1` = '".addslashes($request->get('filter1'))."'";
}
if($request->get('filter2'))
{
$criteria .= " AND `filter2` = '".addslashes($request->get('filter2'))."'";
}
//and so on...
//output
$query = DB::select("SELECT * FROM your_table WHERE 1 = 1 {$criteria}");
筆記:
You might need be cautious on forming $criteria as it might still have chance of getting Sql Injection using DB::select method, but i believe you can use the same logic to adapt using Laravel Eloquent method.
這是您的問題的解決方案
public function filterSearch(Request $request){
$make = $request->get('make');
$model = $request->get('model');
$price = $request->get('price');
$city = $request->get('city');
$registration = $request->get('firstRegistration');
$searchFields = [
'new',
'used',
'registered'
];
$query = DB::table('ads')->where(function ($query) use ($searchFields, $request) {
collect($searchFields)->each(function($field) use($likeCriteria, $query) {
$likeCriteria = $request->get($field);
if ($likeCriteria === '') {
$likeCriteria = '%';
}
$query->orWhere($field, 'like', '%' . $likeCriteria . '%');
});
})->get();
$decode = json_decode(json_encode($query),true);
$finalArr = array();
for($i=0; $i<count($decode); $i++){
if($make || $model || $registration){
if(($decode[$i]['make'] == $make) || ($decode[$i]['model'] == $model) || ($decode[$i]['registration'] == $registration)){
array_push($finalArr,$decode[$i]);
}
}else{
array_push($finalArr,$decode[$i]);
}
}
return response()->json(['success'=>$finalArr], 200);
}
$searchFields
,這樣我們就可以避免代碼重復並使用干凈的代碼。table
方法,然后使用查詢 function 移動where
的所有邏輯,並避免 SQL 注入。在此鏈接上,您可以了解更多信息: https://laravel.com/docs/7.x/queries#where-clauses
如果您有任何問題,請告訴我。
我會改變這個:
$new = $request->get('new');
$used = $request->get('used');
$registered = $request->get('registered');
$make = $request->get('make');
$model = $request->get('model');
$price = $request->get('price');
$city = $request->get('city');
$registration = $request->get('firstRegistration');
對此:
$new = (empty($request->get('new')) ? "%" : $request->get('new');
$used = (empty($request->get('used')) ? "%" : $request->get('used');
$registered = (empty($request->get('registered')) ? "%" : $request->get('registered');
$make = (empty($request->get('make')) ? "%" : $request->get('make');
$model = (empty($request->get('model')) ? "%" : $request->get('model');
$price = (empty($request->get('price')) ? "%" : $request->get('price');
$city = (empty($request->get('city')) ? "%" : $request->get('city');
$registration = (empty($request->get('firstRegistration')) ? "%" : $request->get('firstRegistration');
我會嘗試將查詢存儲到變量中,然后使用三元條件或三元 if 添加選擇 if isset 或不為空
$query=""SELECT * FROM ads WHERE 1=1 ";
$query.=(isset($new) && $new!='' ? " OR vehicleCond LIKE '%" . $new . "%'" : "");
$query.=(isset($used) && $used!='' ? " OR vehicleCond LIKE '%" . $used. "%'" : "");
$query.=(isset($registered) && $registered!='' ? " OR vehicleCond LIKE '%" . $registered. "%'" : "");
//and so on depends on your selection variables
//after that
$query = DB::select($query);
干杯
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.