1

我从如下查询字符串中获取数据,其中country, state and sub可能未设置所有 3 个。

有时可能是

http://www.example.com/index.php?country=US&state=california&sub=sanjose

http://www.example.com/index.php?country=US&state=california

http://www.example.com/index.php?country=US

然后我做:

$stmt = $conn->prepare('select username from arraytest where country = :country and state = :state and sub = :sub');
    $stmt->bindParam(':country', $_GET['country']);
    $stmt->bindParam(':state', $_GET['state']);
    $stmt->bindParam(':sub', $_GET['sub'])
    $stmt->execute();

    while($rows = $stmt->fetch()) {
        echo $rows['username'];
        echo '<br>';
    }

这只有在所有三个都绑定时才有效。如果没有收到任何一个,则不返回任何结果。

即使这三个都没有绑定,是否有可能让它工作?

例子

http://www.example.com/index.php?country=US将显示结果

select username from arraytest where country = US

http://www.example.com/index.php?country=US&state=california将显示结果

select username from arraytest where country = US and state = california

http://www.example.com/index.php?country=US&state=california&sub=sanjose将显示结果

select username from arraytest where country = US and state=california and sub=sanjose

4

3 回答 3

2

像这样的事情应该这样做;

$sql = 'select username from arraytest where country = :country';

if(isset($_GET['state')) {
  $sql .= ' and state = :state';

if(isset($_GET['sub')) {
  $sql .= ' and sub = :sub';

$stmt = $conn->prepare($sql);

$stmt->bindParam(':country', isset($_GET['country']) ? $_GET['country'] : 'US');

if(isset($_GET['state')) {
  $stmt->bindParam(':state', $_GET['state']);

if(isset($_GET['sub')) {
  $stmt->bindParam(':sub', $_GET['sub']);

编辑:如果它在很多地方使用,你可能想要做一个简单的功能,比如;

function buildstmt($conn, $base, $params, $arr) {
  $prefix = ' WHERE ';
  foreach($params as $param=>$value) {
    if(isset($arr[$param])) $value = $arr[$param];
    if($value != null) {
      $base .= $prefix.$param.'=:'.$param;
      $prefix = ' AND ';
    }
  }
  $stmt = $conn->prepare($sql);
  foreach($params as $param=>$value) {
    if(isset($arr[$param])) $value = $arr[$param];
    if($value != null)
      $stmt->bindParam(':'.$param, $value);
  }
  return $stmt;
}

然后你可以称它为;

$stmt = buildstmt($conn, 'select username from arraytest',
                  array('country'=>'US', 'state'=>null, 'sub'=>null), $_GET);
$stmt->execute();
于 2013-06-29T08:18:41.833 回答
0

sql有条件地准备

$sql = 'SELECT `username` FROM `arraytest` WHERE 1';

if(!empty($_GET['country'])) {
  $sql .= ' AND country = :country ';
}
if(!empty($_GET['state'])) {
  $sql .= ' AND state = :state ';
}
if(!empty($_GET['sub'])) {
  $sql .= ' AND sub = :sub ';
}

$stmt = $conn->prepare($sql);

像这样bindParam

if(!empty($_GET['country'])) {
  $stmt->bindParam(':country', $_GET['country']);
}
if(!empty($_GET['state'])) {
  $stmt->bindParam(':state', $_GET['state']);
}
if(!empty($_GET['sub'])) {
  $stmt->bindParam(':sub', $_GET['sub']);
}

$stmt->execute();
于 2013-06-29T08:17:40.607 回答
-1

我想出了这个:

$sql = 'select userName from arraytest where ';

if(!empty($_GET['country'])){ 
    echo 'Country Set <br>';
    $sql .= 'country = :country';
    $exe[':country'] = $_GET['country'];
} else { echo 'Country not set';}

if(!empty($_GET['state'])){ 
    echo 'State Set <br>';
    $sql .= ' and state = :state';
    $exe[':state'] = $_GET['state'];
} else { echo 'State not set';}

if(!empty($_GET['sub'])){ 
    echo 'Sub Set <br>';
    $sql .= ' and sub = :sub';
    $exe[':sub'] = $_GET['sub'];
}else{ echo 'Sub not set';}

print_r($exe);
$stmt = $conn->prepare($sql);

$stmt->execute($exe);

while($rows = $stmt->fetch()) {
    echo $rows['userName'];
    echo '<br>';
}
于 2013-06-29T09:44:19.760 回答