1

以下代码适用于第一页。它是基于来自表单的用户输入的查询。我有2个问题。第一个是当我单击下一页时,我得到未定义的索引和未定义的变量错误,这意味着变量未通过。第二个问题是如何根据表单中用户填写/选择的值进行查询和分页?一些用户可能不会填写所有值。这是我的代码: 注意:表单方法是 GET。我也尝试过请求和发布。都是一样的错误。提前谢谢各位。

<?php   

    if (isset($_POST['Submit'])) 
    $name = mysql_real_escape_string($_GET['name']);
    $email = mysql_real_escape_string($_GET['email']);
    $age = mysql_real_escape_string($_GET['age']);
    $height = mysql_real_escape_string($_GET['height']);

    include_once "conn.php"; //connect to db and table

    $rs = mysql_query("SELECT COUNT(*) FROM people WHERE name='$name' AND email='$email' AND age='$age' AND height='$height'"); 
    $rw = mysql_fetch_array($rs);
    $numrows = $rw[0];
if ($numrows== 0) die("No Results Found");

$rowsperpage = 7;

$totalpages = ceil($numrows / $rowsperpage);


if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) {

   $currentpage = (int) $_GET['currentpage'];
} else {

   $currentpage = 1;
} 
if ($currentpage > $totalpages) {

   $currentpage = $totalpages;
} 
if ($currentpage < 1) {

   $currentpage = 1;
} 
$offset = ($currentpage - 1) * $rowsperpage;

    $query = mysql_query("SELECT * FROM people WHERE name='$name' AND email='$email' AND age='$age' AND height='$height' ORDER BY time DESC LIMIT $offset, $rowsperpage"); 

//print my tables here 

while($row = mysql_fetch_array($query)) 
               {       
                   $uniqueid = $row['age'];
//output stuff here   
               }
//close sql
$range = 3;
if ($currentpage > 1) {
   echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=1&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'> Go To Page 1</a> ";

   $prevpage = $currentpage - 1;

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$prevpage&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'> Previous Page</a>";
} 
for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) {

   if (($x > 0) && ($x <= $totalpages)) {

      if ($x == $currentpage) {

         echo " &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font size=4 color=red>[<b>$x</b>] </font>";

      } else {

         echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$x&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>$x</a>";
      } 
   }  
}        
if ($currentpage != $totalpages) {

   $nextpage = $currentpage + 1;

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$nextpage&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>Next Page</font></a>";

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$totalpages&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>Last Page</a> ";
} 

?>
4

1 回答 1

0

表单作为 GET 提交。因为这个,POST 变量没有设置。而且您没有定义第一个变量(缺少括号?)。此外,Submit是唯一带有大写字母的提交值。这是故意的吗?

if (isset($_GET['Submit'])) {
    $name = mysql_real_escape_string($_GET['name']);
    $email = mysql_real_escape_string($_GET['email']);
    $age = mysql_real_escape_string($_GET['age']);
    $height = mysql_real_escape_string($_GET['height']);
}

更理想的是,因为您想要省略值,您可能想要单独检查每个变量是否存在。如果未设置(或为),请不要在 WHERE 子句中添加该字段。

$name = isset($_GET['name']) ? mysql_real_escape_string($_GET['name']) : null;
// ... process the other fields in same way ...

或跨越多行:编辑:刚刚注意到我)在下面的两个块中缺少一个结束。

$name = null;
if (isset($_GET['name'])) {
    $name = mysql_real_escape_string($_GET['name']);
}

// ... process the other fields in same way ...

甚至:

$name = null;
if (isset($_GET['name']))
    $name = mysql_real_escape_string($_GET['name']);

// ... process the other fields in same way ...

动态查询

然后,使您的查询更加动态。就像,将所有可用的 WHERE 参数添加到数组中。它使事情变得更容易。

// Store conditions in array
$whereConditions = array();

if (!empty($name)) {
    $whereConditions['name'] = $name;
}

if (!empty($email)) {
    $whereConditions['email'] = $email;
}

if ($age && $age > 0) {
    $whereConditions['age'] = $age;
}

if ($height && $height > 0) {
    $whereConditions['height'] = $height;
}

// Start building your query dynamically
$query = 'SELECT * FROM people';


// Making things easier here. Just flatten your array down.
$conditions = array();
foreach ($whereConditions as $field => $value) {
    $conditions[] = sprintf("%s = '%s'", $field, $value);
}

// Join all conditions with AND
$where = implode(' AND ', $conditions);

// Add where clause, if there are conditions
if (!empty($where)) {
    $query .= ' WHERE ' . $where;
}

$query .= " ORDER BY time DESC LIMIT {$offset}, {$rowsperpage}";

最后的笔记

如果您允许用户输入,请记住使用准备好的查询。并且mysql_扩展名已被弃用。切换到mysqli_PDO

于 2013-07-21T07:36:14.463 回答