2012-02-09

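MySQL: two selects, but completely different

OK, I have two tables. They are along the same lines, but one lists all the stores that sell products, and the other is the products that we sell.

Think of it like fruit and vegetables: completely different.

What I need to work out is this: if there are 7 fruits and we need 8 listings, then go and get a random vegetable and show it in the same result.

This is what our query currently looks like. You will notice that we can send it $count; we send 8, but we may want to raise that to 10, or even make it 4.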

public function realcashoffers($state,$count) 
{ 
    $this->state = $state; 
    $this->number = $count; 
    //print count($this->JSONselect("business_stores","*",NULL,NULL),1); 
     print $this->JSONselect("approved_business, business_stores, Real_Cash_Offers"," *, group_concat(offer ORDER BY offer ASC SEPARATOR ',') as offers"," approved_business.id = business_stores.business_id AND Real_Cash_Offers.business_id = approved_business.id AND Real_Cash_Offers.storeid = business_stores.storeid AND business_stores.state = '{$this->state}'","GROUP BY id ORDER BY RAND(), approved_business.id DESC LIMIT {$this->number} "); 
} 

this->JSONselect goes to:

//JSON select 
    public function JSONselect($table,$options,$where,$orderby) 
    { 
     $options = empty($options) ? "*" : $options; 
     $where = empty($where) ? "1=1" : $where; 
     $orderby = empty($orderby) ? "" : $orderby; 

     $qry = "SELECT $options FROM $table WHERE $where $orderby "; 
     //print $qry; 
     $result = mysql_query($qry) or die(json_encode(array("error",mysql_error()))); 

     while(($row = mysql_fetch_assoc($result))){ $resultArray[] = $row; } 

     //print json_encode($resultArray); 

     return count($resultArray) < 1 ? print "[".json_encode(array("error"=>"sorry"))."]" : json_encode($resultArray); 
    } 
+1

'realcashoffers("approved_business; drop table approved_business; --", "haha pwned");' – CanSpice 2012-02-09 00:24:56

+0

That won't work, because our setup has the username and password set so that they cannot drop data – RussellHarrower 2012-02-09 00:39:09

+0

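@RussellHarrower - Not wanting to drag this too far off topic, but an attacker can do a lot of damage without altering data. Imagine being able to inject something that joins onto the query, pulling usernames and passwords from a 'users' table into your existing query. If done cleverly, the attacker could get you to print that data to the screen. – SimonMayer 2012-02-09 02:51:36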

Answers

0

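If I understand correctly, I think what you are looking for is something along these lines;

Update the main function to determine whether there are enough results, and call a secondary query if not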

public function realcashoffers($state,$count) 
{ 
    // Escape the state and force the limit to an integer before they reach the SQL string
    $this->state = mysql_real_escape_string($state); 
    $this->number = (int) $count;   
    $result = $this->JSONselect("approved_business, business_stores, Real_Cash_Offers"," *, group_concat(offer ORDER BY offer ASC SEPARATOR ',') as offers"," approved_business.id = business_stores.business_id AND Real_Cash_Offers.business_id = approved_business.id AND Real_Cash_Offers.storeid = business_stores.storeid AND business_stores.state = '{$this->state}'","GROUP BY id ORDER BY RAND(), approved_business.id DESC LIMIT {$this->number} "); 

    // Number of rows still missing to reach the requested count
    $remaining = $this->number - count($result); 

    if ($remaining > 0) { 
        // Enter the secondary call here, using $remaining as the limit:
        // $result = array_merge($result, $this->JSONselect(...)); 
    } 

    $this->JSONprint($result); 
} 

Update JSONselect to return the results, rather than also being responsible for printing them

public function JSONselect($table,$options,$where,$orderby) 
{ 
    $resultArray = array(); 
    $options = empty($options) ? "*" : $options; 
    $where = empty($where) ? "1=1" : $where; 
    $orderby = empty($orderby) ? "" : $orderby; 

    $qry = "SELECT $options FROM $table WHERE $where $orderby "; 
    //print $qry; 
    $result = mysql_query($qry) or die(json_encode(array("error",mysql_error()))); 

    while(($row = mysql_fetch_assoc($result))){ $resultArray[] = $row; } 

    //print json_encode($resultArray); 

    return $resultArray; 
} 

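Create JSONprint, which will print the returned results

protected function JSONprint($resultArray) { 
    // Print the JSON in both cases: the error marker when empty, the rows otherwise
    print count($resultArray) < 1 ? "[".json_encode(array("error"=>"sorry"))."]" : json_encode($resultArray); 
}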
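
The top-up described in this answer, written with PDO bound parameters so that the state and limit values discussed in the comments are never concatenated into the SQL text. This is an added example, not code from the question or the answer; the second table our_products with its id and name columns, the source tag column and the upper bound of 50 are assumptions, and the demo rows are constructed and held in an in-memory SQLite database.

```php
<?php
// Added example, not the poster's code. Assumed names: our_products (id, name),
// the 'source' tag column, and the upper bound of 50 on the limit.
function realCashOffers(PDO $db, string $state, int $count): array
{
    $count = max(1, min($count, 50)); // LIMIT is a clamped integer, never raw input
    // RAND() is MySQL; the SQLite demo at the bottom needs RANDOM().
    $rand = $db->getAttribute(PDO::ATTR_DRIVER_NAME) === 'sqlite' ? 'RANDOM()' : 'RAND()';

    $stmt = $db->prepare(
        "SELECT ab.id, 'offer' AS source, group_concat(rco.offer) AS offers
           FROM approved_business ab
           JOIN business_stores bs ON bs.business_id = ab.id
           JOIN Real_Cash_Offers rco ON rco.business_id = ab.id AND rco.storeid = bs.storeid
          WHERE bs.state = :state
          GROUP BY ab.id ORDER BY $rand LIMIT :lim"
    );
    $stmt->bindValue(':state', $state, PDO::PARAM_STR); // sent as data, not SQL text
    $stmt->bindValue(':lim', $count, PDO::PARAM_INT);
    $stmt->execute();
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);

    $remaining = $count - count($rows); // slots the first query could not fill
    if ($remaining > 0) {
        $fill = $db->prepare(
            "SELECT id, 'product' AS source, name AS offers
               FROM our_products ORDER BY $rand LIMIT :lim"
        );
        $fill->bindValue(':lim', $remaining, PDO::PARAM_INT);
        $fill->execute();
        $rows = array_merge($rows, $fill->fetchAll(PDO::FETCH_ASSOC));
    }
    return $rows;
}

// Constructed sample rows in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE approved_business (id INTEGER);
           CREATE TABLE business_stores (business_id INTEGER, storeid INTEGER, state TEXT);
           CREATE TABLE Real_Cash_Offers (business_id INTEGER, storeid INTEGER, offer TEXT);
           CREATE TABLE our_products (id INTEGER, name TEXT);
           INSERT INTO approved_business VALUES (1), (2);
           INSERT INTO business_stores VALUES (1, 10, 'NSW'), (2, 20, 'NSW');
           INSERT INTO Real_Cash_Offers VALUES (1, 10, '5% off'), (2, 20, 'Free coffee');
           INSERT INTO our_products VALUES (7, 'Gift card'), (8, 'Voucher'), (9, 'Hamper');");
echo json_encode(realCashOffers($db, 'NSW', 4)), "\n";
// The string from the comment thread is bound as a state value and matches no store.
echo json_encode(realCashOffers($db, 'approved_business; drop table approved_business; --', 4)), "\n";
```

Against MySQL, create the PDO handle with PDO::ATTR_EMULATE_PREPARES set to false so that the server itself performs the binding.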