2012-02-09 56 views
0

OK, I have two tables. They are along the same lines, but one lists all the items sold by stores and the other is the products we sell. Two MySQL selects, but completely different.

Think of it like fruit and vegetables: completely different.

What I need to solve is this: if there are 7 fruits and we need a list of 8, then go and get a random vegetable and show it in the same result.

This is what our query currently looks like. You'll notice we can send $count; we send 8, but we might want to raise it to 10, or even make it 4.

public function realcashoffers($state,$count) 
{ 
    $this->state = $state; 
    $this->number = $count; 
    //print count($this->JSONselect("business_stores","*",NULL,NULL),1); 
     print $this->JSONselect("approved_business, business_stores, Real_Cash_Offers"," *, group_concat(offer ORDER BY offer ASC SEPARATOR ',') as offers"," approved_business.id = business_stores.business_id AND Real_Cash_Offers.business_id = approved_business.id AND Real_Cash_Offers.storeid = business_stores.storeid AND business_stores.state = '{$this->state}'","GROUP BY id ORDER BY RAND(), approved_business.id DESC LIMIT {$this->number} "); 
} 

$this->JSONselect is:

//JSON select
public function JSONselect($table,$options,$where,$orderby)
{
    $resultArray = array(); // initialise so an empty result set is not an undefined variable
    $options = empty($options) ? "*" : $options;
    $where = empty($where) ? "1=1" : $where;
    $orderby = empty($orderby) ? "" : $orderby;

    $qry = "SELECT $options FROM $table WHERE $where $orderby ";
    //print $qry;
    $result = mysql_query($qry) or die(json_encode(array("error",mysql_error())));

    while(($row = mysql_fetch_assoc($result))){ $resultArray[] = $row; }

    //print json_encode($resultArray);

    return count($resultArray) < 1 ? print "[".json_encode(array("error"=>"sorry"))."]" : json_encode($resultArray);
}
+1

'realcashoffers("approved_business; drop table approved_business; - ", "haha pwned");' – CanSpice 2012-02-09 00:24:56

+0

Doesn't work, because our setup is configured so that the username and password cannot drop data – RussellHarrower 2012-02-09 00:39:09

+0

@RussellHarrower - I don't want to drag this too far off-topic, but an attacker can do a lot of damage without changing any data. Imagine being able to inject something that joins the 'users' table into your existing query and pulls usernames and passwords into it. Done cleverly, the attacker could get you to print that data to the screen. – SimonMayer 2012-02-09 02:51:36

Answer

0

If I understand correctly, I think what you're looking for is something along these lines:

Update the main function to determine whether there are enough results, and call a secondary query if there are not

public function realcashoffers($state,$count)
{
    $this->state = $state;
    $this->number = $count;
    $result = $this->JSONselect("approved_business, business_stores, Real_Cash_Offers"," *, group_concat(offer ORDER BY offer ASC SEPARATOR ',') as offers"," approved_business.id = business_stores.business_id AND Real_Cash_Offers.business_id = approved_business.id AND Real_Cash_Offers.storeid = business_stores.storeid AND business_stores.state = '{$this->state}'","GROUP BY id ORDER BY RAND(), approved_business.id DESC LIMIT {$this->number} ");

    // how many rows short of the requested count the primary query came back
    $remaining = $count - count($result);

    if ($remaining > 0) {
        $result = array_merge($result, $this->JSONselect(/* .. enter secondary call here using $remaining as the limit.. */));
    }

    $this->JSONprint($result);
}

Update JSONselect so that it returns the rows instead of also being responsible for printing them

public function JSONselect($table,$options,$where,$orderby) 
{ 
    $resultArray = array(); 
    $options = empty($options) ? "*" : $options; 
    $where = empty($where) ? "1=1" : $where; 
    $orderby = empty($orderby) ? "" : $orderby; 

    $qry = "SELECT $options FROM $table WHERE $where $orderby "; 
    //print $qry; 
    $result = mysql_query($qry) or die(json_encode(array("error",mysql_error()))); 

    while(($row = mysql_fetch_assoc($result))){ $resultArray[] = $row; } 

    //print json_encode($resultArray); 

    return $resultArray; 
} 
Finally

Create JSONprint, which will print the returned results

protected function JSONprint($resultArray) {
    // print in both branches; previously only the error branch printed and the JSON was returned unused
    print count($resultArray) < 1 ? "[".json_encode(array("error"=>"sorry"))."]" : json_encode($resultArray);
}
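As an added example that is not part of the question or the answer: the same "query the primary table, top up from the secondary table" logic, written with PDO prepared statements so that the $state value the comments worried about is bound as data rather than spliced into the SQL. The fruits/vegetables tables, the in-memory SQLite database (assumes the pdo_sqlite extension) and RANDOM() in place of MySQL's RAND() are all constructed stand-ins.

```php
<?php
// Constructed schema and sample rows so the example runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE fruits (id INTEGER PRIMARY KEY, name TEXT, state TEXT)");
$pdo->exec("CREATE TABLE vegetables (id INTEGER PRIMARY KEY, name TEXT, state TEXT)");
foreach (['apple', 'pear', 'plum'] as $f) {
    $pdo->prepare("INSERT INTO fruits (name, state) VALUES (?, 'NY')")->execute([$f]);
}
foreach (['kale', 'leek', 'beet', 'corn', 'okra'] as $v) {
    $pdo->prepare("INSERT INTO vegetables (name, state) VALUES (?, 'NY')")->execute([$v]);
}

/**
 * Return up to $count random rows for $state as JSON: primary table first,
 * then fill whatever is missing from the secondary table.
 */
function randomOffers(PDO $pdo, string $state, int $count): string
{
    // LIMIT is never taken from the request as a string: it is an int
    // parameter, clamped to a sane range before it touches the query.
    $count = max(1, min($count, 50));

    $select = function (string $table, int $limit) use ($pdo, $state): array {
        // $table only ever comes from the two literals below, not from input.
        $stmt = $pdo->prepare(
            "SELECT name FROM {$table} WHERE state = :state ORDER BY RANDOM() LIMIT {$limit}"
        );
        $stmt->execute([':state' => $state]);   // bound: quotes in $state stay data
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    };

    $rows = $select('fruits', $count);
    $remaining = $count - count($rows);          // how many rows we are short
    if ($remaining > 0) {                        // only top up when short
        $rows = array_merge($rows, $select('vegetables', $remaining));
    }
    return $rows ? json_encode($rows) : json_encode([['error' => 'sorry']]);
}

echo randomOffers($pdo, 'NY', 8), "\n";   // 3 fruits plus 5 vegetables
echo randomOffers($pdo, "N'Y", 8), "\n";  // quote is bound as data: [{"error":"sorry"}]
```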