從PHP中傳遞的值動態創建一個SQL語句

Question

我將一些值傳遞給一個函數，然後想要創建一個SQL查詢以在數據庫中搜索這些值。

這個輸入是下拉框，這意味着輸入可以是ALL或*我想創建的通配符。

的問題是，你不能做：

$result = mysql_query("SELECT * FROM table WHERE something1='$something1' AND something2='*'") or die(mysql_error()); 

我已經做了開始，但無法找出邏輯循環，使其工作。這是我到目前爲止：

public function search($something1, $something2, $something3, $something4, $something5) { 

    //create query 
    $query = "SELECT * FROM users"; 

    if ($something1== null and $something2== null and $something3== null and $something4== null and $something5== null) { 
     //search all users 
     break 
    } else { 

     //append where 
     $query = $query . " WHERE "; 

       if ($something1!= null) { 
        $query = $query . "something1='$something1'" 
       } 
       if ($something2!= null) { 
        $query = $query . "something2='$something2'" 
       } 
       if ($something3!= null) { 
        $query = $query . "something3='$something3'" 
       } 
       if ($something4!= null) { 
        $query = $query . "something4='$something4'" 
       } 
       if ($something5!= null) { 
        $query = $query . "something5='$something5'" 
       } 

    $uuid = uniqid('', true); 

    $result = mysql_query($query) or die(mysql_error()); 
} 

這個問題是，它只能按順序工作。如果有人先輸入例如something3，那麼它不會在正確的位置添加AND。

任何幫助非常感謝。

Answer 1

我會做這樣的事情

criteria = null 
if ($something1!= null) { 
     if($criteria != null) 
     { 
      $criteria = $criteria . " AND something1='$something1'" 
     } 
     else 
     { 
      $criteria = $criteria . " something1='$something1'" 
     } 
} 
    ... other criteria 


$query = $query . $criteria 

Answer 2

下面是動態生成的WHERE子句的例子。我還展示了使用PDO和查詢參數。您應該停止使用已棄用的mysql API並開始使用PDO。

public function search($something1, $something2, $something3, $something4, $something5) 
{ 
    $terms = array(); 
    $values = array(); 

    if (isset($something1)) { 
     $terms[] = "something1 = ?"; 
     $values[] = $something1; 
    } 

    if (isset($something2)) { 
     $terms[] = "something2 = ?"; 
     $values[] = $something2; 
    } 

    if (isset($something3)) { 
     $terms[] = "something3 = ?"; 
     $values[] = $something3; 
    } 

    if (isset($something4)) { 
     $terms[] = "something4 = ?"; 
     $values[] = $something4; 
    } 

    if (isset($something5)) { 
     $terms[] = "something5 = ?"; 
     $values[] = $something5; 
    } 

    $query = "SELECT * FROM users "; 

    if ($terms) { 
     $query .= " WHERE " . join(" AND ", $terms); 
    } 

    if (defined('DEBUG') && DEBUG==1) { 
     print $query . "\n"; 
     print_r($values); 
     exit(); 
    } 

    $stmt = $pdo->prepare($query); 
    if ($stmt === false) { die(print_r($pdo->errorInfo(), true)); } 

    $status = $stmt->execute($values); 
    if ($status === false) { die(print_r($stmt->errorInfo(), true)); } 
} 

我已經測試了上述，它的工作原理。如果我爲五個函數參數中的任何一個傳遞任何非空值，它將僅爲非空的條件創建一個WHERE子句。

測試用：

define('DEBUG', 1); 
search('one', 'two', null, null, 'five'); 

輸出本次測試的是：

SELECT * FROM users WHERE something1 = ? AND something2 = ? AND something5 = ? 
Array 
(
    [0] => one 
    [1] => two 
    [2] => five 
) 

如果您需要這是更有活力，數組傳遞給函數，而不是單獨的參數。

Answer 3

嘗試使用數組。

function search($somethings){ 

    $query = "SELECT * FROM users";   
    $filters = ''; 
    if(is_array($somethings)){ 

     $i = 0; 
     foreach($somethings as $key => $value){ 
      $filters .= ($i > 0) ? " AND $key = '$value' " : " $key = '$value'"; 
      $i++; 
     } 
    } 
    $uuid = uniqid('', true); 
    $query .= $filters; 
    $result = mysql_query($query) or die(mysql_error()); 
} 

// demo 
$som = array(
     "something1" => "value1", 
     "something2" => "value2" 
); 

search($som);