1. 首頁
  2. 問答
  3. 從PHP中的數據庫中選擇字符串

從PHP中的數據庫中選擇字符串

2012-09-09 41 views
0

我有一個網頁,您可以搜索數據庫。用戶可以在5個不同的字段上搜索,並通過via post發送輸入。點擊搜索時,某些字段可以爲空。有沒有一個很好的選擇陳述我可以使用,而不是一大堆if語句。從PHP中的數據庫中選擇字符串

$Country = $_POST['Country']; 
$Gender = $_POST['Gender']; 
$lastName = $_POST['lastName']; 
$firstName = $_POST['firstName']; 
$sport = $_POST['sport']; 

//selects sport and country 
    if (($lastName == null) && ($firstName == null) && ($Gender == null)) 
    { 
    $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON   (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (sport ='$sport') "; 
    } 


    //selects country and gender and sport 
    if (($lastName == null) && ($firstName == null)) 
    { 

     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (gender ='$Gender') AND (sport = '$sport')"; 
    } 


    //selects country and last and first name 
    else if ($Gender == null) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (firstName LIKE '%$firstName%') AND (lastName LIKE '%$lastName%') AND (sport = '$sport') "; 
    } 

    //selects sport, gender, last name and country 
    else if ($firstName == null) 
    { 
    $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (sport ='$sport') AND (gender ='$Gender') AND (lastName LIKE '%$lastName%') "; 
    } 

    //selects sport, gender, first name and country 
    else if ($lastName == null) 
    { 
    $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (sport ='$sport') AND (gender ='$Gender') AND (firstName LIKE '%$firstName%') "; 
    } 

    //selects just country 
if (($Gender == null) && ($lastName == null) && ($firstName == null) && ($sport == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name ='$Country') "; 
    } 


     //selects just sport 
    else if (($lastName == null) && ($firstName == null) && ($Gender == null) && ($Country == 'country')) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (sport = '$sport') ORDER BY sport "; 
    } 

     //selects just last name 
    else if (($sport == null) && ($firstName == null) && ($Gender == null) && ($Country == 'country')) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (lastName = '$lastName') ORDER BY sport "; 
    } 

    //selects gender and last name 
    else if (($Country == 'country') && ($firstName == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (lastName LIKE '%$lastName%') AND (gender LIKE '%$Gender%') AND (sport = '$sport') "; 

    } 


    //selects gender and first name 
    else if (($Country == 'country') && ($lastName == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (firstName LIKE '%$firstName%') AND (gender = '$Gender') AND (sport = '$sport') "; 

    } 


    //selects country, sport and first name 
    else if (($Gender == null) && ($lastName == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (firstName LIKE '%$firstName%') AND (sport = '$sport') AND (name = '$Country') "; 

    } 


    //selects last name, sport and first name 
    else if (($Gender == null) && ($Country == 'country')) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (firstName LIKE '%$firstName%') AND (sport = '$sport') AND (lastName LIKE '%$lastName%') "; 

    } 
    // selects sport and gender 
    else if (($Country == null) && ($lastName == null) && ($firstName == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (gender = '%Gender%') AND (sport = '$sport') "; 
    } 

    // selects gender 
    else if (($Country == null) && ($lastName == null) && ($firstName == null) && ($sport == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (gender = '%Gender%') "; 
    } 

    // selects country and last name 
    else if (($Gender == null) && ($firstName == null) && ($sport == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (lastName LIKE '%$lastName%') "; 
    } 


    // selects country and first name 
else if (($Gender == null) && ($lastName == null) && ($sport == null)) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (firstName LIKE '%$firstName%') "; 
    } 


     // selects all 
    else if (($Gender == null) && ($firstName == null) && ($sport == null) && ($lastName == null) && ($Country == 'country')) 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode)"; 
    } 
    // selects if all feilds full 
    else 
    { 
     $selectString = "SELECT * FROM tblCountry JOIN tblAthletes ON (tblAthletes.countryCode = tblCountry.countryCode) WHERE (name = '$Country') AND (gender ='$Gender') AND (lastName LIKE '%$lastName%') AND (firstName LIKE '%$firstName%') ORDER BY lastName "; 
    } 

    $result = mysql_query($selectString); 


    while($row = mysql_fetch_assoc($result)) 
    { 
    echo"<tr>"; 
     foreach($row as $index=>$value) 
     { 
      if(($index == 'flagImage')||($index == 'atheleteImage')) 
      { 
       //Gets images 
       echo"<td><img title='competitor' alt='' src='images/$value' width='80' height='80'/></td>"; 
      } 
     else 
      { 
       echo("<td>$value</td>"); 
      } 
     } 
    echo"</tr>"; 
    } 
    echo"</table>"; 
    echo"</div>"; 

}

來源

2012-09-09 Stephen Sugrue

+1

您有任何解決方案嗎或只是希望我們做你的工作? – zerkms

+0

我有一大堆if語句 –

+0

這樣顯示它,所以我們可以幫助你改進它,而不僅僅是爲你做你的工作。 – zerkms

回答

1

試着這麼做

SELECT 
    * 
FROM 
    your_table_here 
WHERE 
     (('' = :country) OR country = :country) 
    AND (('' = :gender) OR gender = :gender) 
    AND (('' = :lastName) OR lastName = :lastName) 
    AND (('' = :firstName) OR firstName = :firstName) 
    AND (('' = :sport) OR sport = :sport) 
;

可以適應這個以檢查NULL值,而不是空字符串,使用IS_NULL(:國家)等等,而不是 ''=:國家。

,當然:Remeber to sanitize your database inputs.

編輯: 與IS NULL:

SELECT 
    * 
FROM 
    your_table_here 
WHERE 
     (IS NULL(:country) OR country = :country) 
    AND (IS NULL(:gender) OR gender = :gender) 
    AND (IS NULL(:lastName) OR lastName = :lastName) 
    AND (IS NULL(:firstName) OR firstName = :firstName) 
    AND (IS NULL(:sport) OR sport = :sport)

;

來源

2012-09-09 23:48:48 Jost

+0

我遇到了IS_NULL的問題,請您爲我擴展一下嗎? –

0

是。

SELECT `Country`, `Gender`, `lastName`, `firstName`, `sport` FROM TABLE_NAME WHERE Country='$country'...etc

確保您使用mysqliPDO。傳統的mysql函數有主要的安全漏洞。

來源

2012-09-09 23:48:56 SomeKittens

相關問題

 相關問題