0

我有 2 个表单都指向相同的 functions.php 页面

1 个表单有 2 个输入字段,Vechile TypePricing,另一个表单有 3 个输入类型,Vechile Type PricingCoverage Region

if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'fixed' ) {
    // Query 
}
else if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'pump' ) {
    // Query 
}
else if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'fixed' && $_POST['coverageRegion'] == 'national' ) {
    // Query 
}
else if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'pump' && $_POST['coverageRegion'] == 'international'  ) {
    // Query 
}       

现在我上面的语句不起作用,我是 PHP 新手,所以请原谅我的天真,但我只希望前 2 个查询从主页运行,其中只设置了 2 个变量,而后 2 个查询在另一种形式时运行填写。

有没有办法说如果没有设置coverageRegion,运行前2个?

4

3 回答 3

2

我会这样做:

我会这样做:

$where = array('1 = 1');
if(isset($_POST['vehicleType'])) {
    $where[] = "vehicleType = '" . mysql_real_escape_string($_POST['vehicleType']) . "'";
}
if(isset($_POST['pricing'])) {
    $where[] = "pricing = '" . mysql_real_escape_string($_POST['pricing']) . "'";
}
if(isset($_POST['coverageRegion'])) {
    $where[] = "coverageRegion = '" . mysql_real_escape_string($_POST['coverageRegion']) . "'";
}

// some more stuff
// if(isset($_POST['integerColumn'])) {
//     $where[] = "integerColumn = " . intval($_POST['integerColumn']);
// }
// if(count($where) == 1) {
//     die("You must specify at least one search criteria");
// }

$query = 'SELECT * FROM table WHERE ' . implode(' AND ', $where);
于 2012-04-16T10:19:00.847 回答
1
if (!isset($_POST['coverageRegion']))
{
    //run first two
    if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'fixed' )
    {
        // Query 
    }
    else if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'pump' )
    {
        // Query 
    }
}
else
{
    // run other two
    if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'fixed' && $_POST['coverageRegion'] == 'national' )
    {
        // Query 
    }
    else if ($_POST['vehicleType'] == 'lgv' && $_POST['pricing'] == 'pump' && $_POST['coverageRegion'] == 'international'  )
    {
        // Query 
    }
}
于 2012-04-16T10:08:37.210 回答
0

我会这样做:

$vehicle_types = array( 'lgv', 'hgv', 'plg', );
$pricings = array( 'fixed', 'pump', );
$regions = array( 'national', 'international', );
// Variables to search for
$params = array();
// Column names in the table
$conditions = array();

$qry = 'SELECT column1, column2, column3 FROM tablename';

// Add vehicle type to query
if ( ( isset( $_POST['vehicleType'] ) )
  && ( in_array( $_POST['vehicleType'], $vehicle_types ) ) ) {
    $params[] = $_POST['vehicleType'];
    $conditions[] = 'vehicleType = ?';
}

// Add pricing to query
if ( ( isset( $_POST['pricing'] ) )
  && ( in_array( $_POST['pricing'], $pricings ) ) ) {
    $params[] = $_POST['pricing'];
    $conditions[] = 'pricing = ?';
}

// Add region to query
if ( ( isset( $_POST['coverageRegion'] ) )
  && ( in_array( $_POST['coverageRegion'], $regions ) ) ) {
    $params[] = $_POST['coverageRegion'];
    $conditions[] = 'region = ?';
}

if ( count( $params ) ) {
    $qry .= ' WHERE ' . implode( ' AND ', $conditions );
    // Connect to database using PDO
    $db = new PDO( 'mysql:dbname=testdb;host=127.0.0.1', 'user', 'pass' );
    $stmt = $db->prepare( $qry );
    $stmt->execute( $params );
    $result = $stmt->fetchAll();
    print_r( $result );
}

好处:

  • 没有if/else意大利面
  • 将来易于添加更多选项
  • mysql_real_escape_string由于PDO准备好的报表,因此不需要
  • 检查是否只接受允许的变量$_POST
于 2012-04-16T10:38:30.107 回答