0

我将一些值传递给一个函数,然后想创建一个 SQL 查询来在数据库中搜索这些值。

输入是下拉框,这意味着输入可以是我想创建为通配符的 ALL 或 *。

问题是你不能这样做:

$result = mysql_query("SELECT * FROM table WHERE something1='$something1' AND something2='*'") or die(mysql_error());

我已经开始,但无法弄清楚使其工作的逻辑循环。这是我到目前为止所拥有的:

public function search($something1, $something2, $something3, $something4, $something5) {

    //create query
    $query = "SELECT * FROM users";

    if ($something1== null and $something2== null and $something3== null and $something4== null and $something5== null) {
        //search all users
        break 
    } else  {

        //append where
         $query = $query . " WHERE "; 

                if ($something1!= null) {
                    $query = $query . "something1='$something1'"
                }
                if ($something2!= null) {
                    $query = $query . "something2='$something2'"
                }
                if ($something3!= null) {
                    $query = $query . "something3='$something3'"
                }
                if ($something4!= null) {
                    $query = $query . "something4='$something4'"
                }
                if ($something5!= null) {
                    $query = $query . "something5='$something5'"
                }

    $uuid = uniqid('', true);

    $result = mysql_query($query) or die(mysql_error());
}

这样做的问题是它只能按顺序工作。如果有人首先输入例如 something3,那么它不会在正确的位置添加 AND。

非常感谢任何帮助。

4

3 回答 3

0

这是一个动态构建 WHERE 子句的示例。我还展示了使用 PDO 和查询参数。您应该停止使用已弃用的mysqlAPI 并开始使用 PDO。

public function search($something1, $something2, $something3, $something4, $something5)
{
    $terms = array();
    $values = array();

    if (isset($something1)) {
       $terms[] = "something1 = ?";
       $values[] = $something1;
    }

    if (isset($something2)) {
       $terms[] = "something2 = ?";
       $values[] = $something2;
    }

    if (isset($something3)) {
       $terms[] = "something3 = ?";
       $values[] = $something3;
    }

    if (isset($something4)) {
       $terms[] = "something4 = ?";
       $values[] = $something4;
    }

    if (isset($something5)) {
       $terms[] = "something5 = ?";
       $values[] = $something5;
    }

    $query = "SELECT * FROM users ";

    if ($terms) {
        $query .= " WHERE " . join(" AND ", $terms);
    }

    if (defined('DEBUG') && DEBUG==1) {
      print $query . "\n";
      print_r($values);
      exit();
    }

    $stmt = $pdo->prepare($query);
    if ($stmt === false) { die(print_r($pdo->errorInfo(), true)); }

    $status = $stmt->execute($values);
    if ($status === false) { die(print_r($stmt->errorInfo(), true)); }
}

我已经测试了上述内容,并且可以正常工作。如果我为五个函数参数中的任何一个传递任何非空值,它就会为非空项创建一个 WHERE 子句。

测试:

define('DEBUG', 1);
search('one', 'two', null, null, 'five');

该测试的输出是:

SELECT * FROM users  WHERE something1 = ? AND something2 = ? AND something5 = ?
Array
(
    [0] => one
    [1] => two
    [2] => five
)

如果您需要它更加动态,请将数组而不是单个参数传递给函数。

于 2012-11-28T18:14:59.457 回答
0

我会做这样的事情

criteria = null
if ($something1!= null) {
      if($criteria != null)
      {
          $criteria = $criteria . " AND something1='$something1'"
      }
      else
      {
           $criteria = $criteria . " something1='$something1'"
      }
}
   ... other criteria


$query = $query . $criteria
于 2012-11-28T18:10:01.910 回答
0

尝试使用数组。

 function search($somethings){

     $query = "SELECT * FROM users";           
     $filters = '';
     if(is_array($somethings)){

        $i = 0;
        foreach($somethings as $key => $value){
           $filters .= ($i > 0) ? " AND $key = '$value' " : " $key = '$value'";
           $i++;
        }
     }
     $uuid = uniqid('', true);
     $query .= $filters;
     $result = mysql_query($query) or die(mysql_error());
 }

 // demo
 $som = array(
      "something1" => "value1",
      "something2" => "value2"
 ); 

 search( $som );
于 2012-11-28T18:20:36.233 回答