0
你好,我让我的过滤系统是一个简单的只有位置和价格范围现在设置一切看起来像这样:
所以我的问题是最小和最大价格范围过滤器不工作位置过滤器正在工作,因为它应该是我面临的唯一问题是最小和最大价格没有任何错误或警告,但食客没有任何反应。过滤系统不工作
PHP上面的代码:
$cat1 = '';
if(isset($_GET["catid"])){
$p1 = '';
$p2 = '';
$catid = $_GET["catid"];
$l1 = substr($catid,0,1);
$l2 = substr($catid,1,1);
$p1 = "CAT".$l1;
if(!empty($l2)){
$p2 = "CAT".$l1."-".$l2;
$p3 = $p2;
}
$cat1 = @$lang[$p1];
$cat2 = @$lang[$p2];
}
$postid = '';
$userid = '';
$pricemin = '';
$pricemax = '';
$location = '';
if(isset($_POST["filter"])){
$pricemin = $_POST["min"];
$pricemax = $_POST["max"];
$location = $_POST["location"];
}
主要页面代码:
<div class="fp">
<div class="filter">
<b style="padding-left: 10px;">Filters:</b>
<form class="filterform" action="" method="post"><br>
Location: <br>
<input name="location" ><br>
Price Range:<br>
Min:<input type="text" name="min" size="5"> Max:<input type="text" name="max" size="5"><br><br>
<input class="submit-button" type="submit" name="filter" value="Filter">
</form>
</div>
<div class="posts">
<div id="adcat"><?php
if(!empty($cat2)){
?>
<a href="cat.php?catid=<?php echo $l1; ?>" ><?php echo $cat1." » "; ?></a><span><?php echo $cat2; ?></span>
<?php
} else {
echo "<font color='grey'>".$cat1."</font>";
}
?>
</div><br><br>
<div id="detailformscat">
<?php
if(empty($p1) && empty($p2)){
$sql = "SELECT * FROM posts p JOIN images i ON p.id = i.postid ";
if(!empty($location)){
$sql .= "AND location='$location'";
}
if(!empty($min)){
$sql.= "AND price>='$min' ";
}
if(!empty($max)){
$sql.= "AND price<='$max' ";
}
} else if(!empty($p2)){
$sql = "SELECT * FROM posts p JOIN images i ON p.id = i.postid WHERE catid='$p2' ";
if(!empty($location)){
$sql .= "AND location='$location'";
}
if(!empty($min)){
$sql.= "AND price>='$min' ";
}
if(!empty($max)){
$sql.= "AND price<='$max' ";
}
} else {
$sql = "SELECT * FROM posts p JOIN images i ON p.id = i.postid WHERE p.catid LIKE '$p1%' ";
if(!empty($location)){
$sql .= "AND location='$location'";
}
if(!empty($min)){
$sql.= "AND price>='$min' ";
}
if(!empty($max)){
$sql.= "AND price<='$max' ";
}
}
$res = mysqli_query($connect,$sql);
while ($row = mysqli_fetch_assoc($res)) {
$postid = $row["postid"];
?>
<div id="ads">
<div id="adfavcat">
<?php if(!isset($_SESSION["userid"])) { ?>
<a href="post.php?login=false" ><img src="image/+fav.png" width="40px" height="40px"></a>
<?php } else {
$userid = $_SESSION["userid"];
$sql2 = "SELECT * FROM fav WHERE userid='$userid' AND postid='$postid' ";
$res2 = mysqli_query($connect,$sql2);
$rowcount = mysqli_num_rows($res2);
if ($rowcount > 0){ ?>
<a href="cat.php?catid=<?php echo $catid; ?>&delete&id=<?php echo $postid?>" ><img src="image/xfav.png" width="40px" height="40px"></a>
<?php
} else { ?>
<a href="cat.php?catid=<?php echo $catid; ?>&add&id=<?php echo $postid; ?>" ><img src="image/+fav.png" width="40px" height="40px"></a>
<?php }
} ?>
</div>
<div id="titlepic">
<a href="review.php?id=<?php echo $postid; ?>"><?php echo $row["title"]; ?></a><br>
<a href="review.php?id=<?php echo $postid; ?>"><img src="<?php if(!empty($row["path1"])) { echo $row["path1"]; } else echo "image/noimage.png"; ?>" height="100px" width="150px"></a>
</div>
<div id="datescat">
<b>Date Added:</b> <?php echo date('m/d/Y H:i', $row["dateadded"]); ?><br>
<b>Renew Date:</b> <?php if($row["renewdate"] > 0){ echo date('m/d/Y H:i', $row["renewdate"]); } ?><br>
<b>Location:</b> <?php echo $row["location"]; ?><br>
<b>Price:</b> <?php echo $row["price"]."£"; ?><br>
</div>
</div>
<hr width="100%">
<?php
}
?>
</div>
</div>
</div>
你进入的一个,同样的价格 – yahoo5000
**警告**:当使用'mysqli'时,你应该使用[参数化查询](http://php.net/manual/en/mysqli。 quickstart.prepared-statements.php)和['bind_param'](http://php.net/manual/en/mysqli-stmt.bind-param.php)将用户数据添加到您的查询中。 **不要**使用字符串插值或连接来完成此操作,因为您创建了严重的[SQL注入漏洞](http://bobby-tables.com/)。 **绝不**将'$ _POST'或'$ _GET'数据直接放入查询中,如果有人试图利用您的错误,这会非常有害。 – tadman
有多少结果(应用过滤器之前) – Strawberry