0
我正在運行兩個變量下拉查詢搜索,但似乎遇到if語句時遇到條件時不會執行的問題。特別是當兩個下拉列表位於缺省選定選項時,返回值爲NULL。如果條件滿足時條件不執行(條件:兩個變量都爲NULL)
請參閱下面的代碼。
代碼爲兩個下拉列表:
print("<form action='patients.php' method='get'>");
// csSelection & sfSelection declaration of arrays to populate dropdown selection
$csSelection=array("","","","","");
$sfSelection=array("","","","","");
if(isset($_REQUEST['search'])) {
if (isset($_GET['cs'])) {
$csSelection=array("","","","","");
$cs= $_GET['cs'];
if ($cs=='1') {$csSelection[1]='selected';}
else if ($cs=='2') {$csSelection[2]='selected';}
else if ($cs=='3') {$csSelection[3]='selected';}
else if ($cs=='4') {$csSelection[4]='selected';}
else if ($cs=='0') {$csSelection[0]='selected';}
//var_dump($cs);
//var_dump($csSelection);
}
if (isset($_GET['sf'])) {
$sfSelection=array("","","","","");
$sf = $_GET['sf'];
if ($sf=='Analyzed') {$sfSelection[1]='selected';}
else if ($sf=='New Case') {$sfSelection[2]='selected';}
else if ($sf=='Updated Case') {$sfSelection[3]='selected';}
else if ($sf=='None') {$sfSelection[4]='selected';}
else if ($sf=='0') {$sfSelection[0]='selected';}
}
}
// Case status dropdown list
print("<select name='cs'>
<option ".$csSelection[0]." value=''>--Select Case Status--</option>
<option value='1' ".$csSelection[1].">Pass</option>
<option value='2' ".$csSelection[2].">Failed</option>
<option value='3' ".$csSelection[3].">Pass With Error</option>
<option value='4' ".$csSelection[4].">Indeterminate</option>
</select>");
// Case Flag dropdown list
print("<select name='sf'>
<option ".$sfSelection[0]." value=''>--Select Flagged Status--</option>
<option value='Analyzed' ".$sfSelection[1].">Analyzed Case</option>
<option value='New Case' ".$sfSelection[2].">New Case</option>
<option value='Updated Case' ".$sfSelection[3].">Updated Case (New Images)</option>
<option value='None' ".$sfSelection[4].">No Status Flag</option>
</select>");
print("<input type='submit' name='search' value='Search'></form>");
如果語句。 else if (($cs==NULL) && ($sf==NULL))聲明有問題,它不返回任何內容。
if (isset($_GET['cs']) && isset($_GET['sf'])) {
$cs= $_GET['cs'];
$sf= $_GET['sf'];
var_dump($cs);
var_dump($sf);
if (($sf==NULL) && ($cs!==NULL)) {
$sql = "SELECT patientid, sub_status_lookup.CASE_STATUS, sub_status_lookup.SUB_STATUS, count(DISTINCT caseid) as cases_count, cases.comments, date_mod, caseid, user_mod, status_flag FROM cases, sub_status_lookup
Where cases.status = sub_status_lookup.SUB_ID and sub_status_lookup.STATUS_ID = '".$cs."'
Group By patientid, cases.status";
} else if (($sf!==NULL) && ($cs==NULL)) {
$sql = "SELECT patientid, sub_status_lookup.CASE_STATUS, sub_status_lookup.SUB_STATUS, count(DISTINCT caseid) as cases_count, cases.comments, date_mod, caseid, user_mod, status_flag FROM cases, sub_status_lookup
Where cases.status = sub_status_lookup.SUB_ID and cases.status_flag = '".$sf."'
Group By patientid, cases.status";
//var_dump($sql);
} else if (($cs!==NULL) && ($sf!==NULL)){
$sql = "SELECT patientid, sub_status_lookup.CASE_STATUS, sub_status_lookup.SUB_STATUS, count(DISTINCT caseid) as cases_count, cases.comments, date_mod, caseid, user_mod, status_flag FROM cases, sub_status_lookup
Where cases.status = sub_status_lookup.SUB_ID and sub_status_lookup.STATUS_ID = '".$cs."' and cases.status_flag = '".$sf."'
Group By patientid, cases.status";
} else if (($cs==NULL) && ($sf==NULL)) {
var_dump($sql); // This does not print out when both $cs and $sf are on the default NULL
$sql = "SELECT patientid, sub_status_lookup.CASE_STATUS, sub_status_lookup.SUB_STATUS, count(caseid) as cases_count, cases.comments, date_mod, caseid, user_mod, status_flag FROM cases, sub_status_lookup
Where cases.status = sub_status_lookup.SUB_ID
Group By patientid, cases.status ";
}
}
更新:感謝您的意見!我確實將最後一條語句從if(isset)條件移入else語句。但是,它仍然不起作用,我發現當兩者都爲NULL時,不要去else語句。它執行第一個if語句,條件爲:(($sf==NULL) && ($cs!==NULL)) $ cs和$ sf值從URL抓取:patients.php?cs = & sf = & search = Search。我該如何補救?
通過使用未經過濾的$ _GET值而不使用預準備語句,您有SQL注入漏洞。你也應該使用'elseif'而不是'else if'。 – doublesharp
這是一段美麗的代碼。你能突出重點嗎? –
或者可能只是提供一個簡化的測試用例? – Basic