0
你好,我讓我的過濾系統是一個簡單的只有位置和價格範圍現在設置一切看起來像這樣:
所以我的問題是最小和最大價格範圍過濾器不工作位置過濾器正在工作,因爲它應該是我面臨的唯一問題是最小和最大價格沒有任何錯誤或警告,但食客沒有任何反應。過濾系統不工作
PHP上面的代碼:
$cat1 = '';
if(isset($_GET["catid"])){
$p1 = '';
$p2 = '';
$catid = $_GET["catid"];
$l1 = substr($catid,0,1);
$l2 = substr($catid,1,1);
$p1 = "CAT".$l1;
if(!empty($l2)){
$p2 = "CAT".$l1."-".$l2;
$p3 = $p2;
}
$cat1 = @$lang[$p1];
$cat2 = @$lang[$p2];
}
$postid = '';
$userid = '';
$pricemin = '';
$pricemax = '';
$location = '';
if(isset($_POST["filter"])){
$pricemin = $_POST["min"];
$pricemax = $_POST["max"];
$location = $_POST["location"];
}
主要頁面代碼:
<div class="fp">
<div class="filter">
<b style="padding-left: 10px;">Filters:</b>
<form class="filterform" action="" method="post"><br>
Location: <br>
<input name="location" ><br>
Price Range:<br>
Min:<input type="text" name="min" size="5"> Max:<input type="text" name="max" size="5"><br><br>
<input class="submit-button" type="submit" name="filter" value="Filter">
</form>
</div>
<div class="posts">
<div id="adcat"><?php
if(!empty($cat2)){
?>
<a href="cat.php?catid=<?php echo $l1; ?>" ><?php echo $cat1." » "; ?></a><span><?php echo $cat2; ?></span>
<?php
} else {
echo "<font color='grey'>".$cat1."</font>";
}
?>
</div><br><br>
<div id="detailformscat">
<?php
if(empty($p1) && empty($p2)){
$sql = "SELECT * FROM posts p JOIN images i ON p.id = i.postid ";
if(!empty($location)){
$sql .= "AND location='$location'";
}
if(!empty($min)){
$sql.= "AND price>='$min' ";
}
if(!empty($max)){
$sql.= "AND price<='$max' ";
}
} else if(!empty($p2)){
$sql = "SELECT * FROM posts p JOIN images i ON p.id = i.postid WHERE catid='$p2' ";
if(!empty($location)){
$sql .= "AND location='$location'";
}
if(!empty($min)){
$sql.= "AND price>='$min' ";
}
if(!empty($max)){
$sql.= "AND price<='$max' ";
}
} else {
$sql = "SELECT * FROM posts p JOIN images i ON p.id = i.postid WHERE p.catid LIKE '$p1%' ";
if(!empty($location)){
$sql .= "AND location='$location'";
}
if(!empty($min)){
$sql.= "AND price>='$min' ";
}
if(!empty($max)){
$sql.= "AND price<='$max' ";
}
}
$res = mysqli_query($connect,$sql);
while ($row = mysqli_fetch_assoc($res)) {
$postid = $row["postid"];
?>
<div id="ads">
<div id="adfavcat">
<?php if(!isset($_SESSION["userid"])) { ?>
<a href="post.php?login=false" ><img src="image/+fav.png" width="40px" height="40px"></a>
<?php } else {
$userid = $_SESSION["userid"];
$sql2 = "SELECT * FROM fav WHERE userid='$userid' AND postid='$postid' ";
$res2 = mysqli_query($connect,$sql2);
$rowcount = mysqli_num_rows($res2);
if ($rowcount > 0){ ?>
<a href="cat.php?catid=<?php echo $catid; ?>&delete&id=<?php echo $postid?>" ><img src="image/xfav.png" width="40px" height="40px"></a>
<?php
} else { ?>
<a href="cat.php?catid=<?php echo $catid; ?>&add&id=<?php echo $postid; ?>" ><img src="image/+fav.png" width="40px" height="40px"></a>
<?php }
} ?>
</div>
<div id="titlepic">
<a href="review.php?id=<?php echo $postid; ?>"><?php echo $row["title"]; ?></a><br>
<a href="review.php?id=<?php echo $postid; ?>"><img src="<?php if(!empty($row["path1"])) { echo $row["path1"]; } else echo "image/noimage.png"; ?>" height="100px" width="150px"></a>
</div>
<div id="datescat">
<b>Date Added:</b> <?php echo date('m/d/Y H:i', $row["dateadded"]); ?><br>
<b>Renew Date:</b> <?php if($row["renewdate"] > 0){ echo date('m/d/Y H:i', $row["renewdate"]); } ?><br>
<b>Location:</b> <?php echo $row["location"]; ?><br>
<b>Price:</b> <?php echo $row["price"]."£"; ?><br>
</div>
</div>
<hr width="100%">
<?php
}
?>
</div>
</div>
</div>
你進入的一個,同樣的價格 – yahoo5000
**警告**:當使用'mysqli'時,你應該使用[參數化查詢](http://php.net/manual/en/mysqli。 quickstart.prepared-statements.php)和['bind_param'](http://php.net/manual/en/mysqli-stmt.bind-param.php)將用戶數據添加到您的查詢中。 **不要**使用字符串插值或連接來完成此操作,因爲您創建了嚴重的[SQL注入漏洞](http://bobby-tables.com/)。 **絕不**將'$ _POST'或'$ _GET'數據直接放入查詢中,如果有人試圖利用您的錯誤,這會非常有害。 – tadman
有多少結果(應用過濾器之前) – Strawberry