1. 首页
  2. 问答
  3. 使用AJAX,PHP和MySql进行过滤

使用AJAX,PHP和MySql进行过滤

2013-10-20 82 views
0

我想问一下如何通过3个下拉列表单独过滤我的结果。例如,我将通过1个下拉列表过滤它,然后当我选择另一个下拉列表时,它将精炼结果与我选择第三个时相同。使用AJAX,PHP和MySql进行过滤

这里是我的代码filtering.php:

<?php 
$q=$_GET['q']; 
$a=$_GET['a']; 
$b=$_GET['b']; 

$con = mysql_connect('localhost', 'root', ''); 
if (!$con) 
{ 
die('Could not connect: ' . mysql_error($con)); 
} 

mysql_select_db("ooh", $con); 
$strSQL="SELECT * FROM files WHERE type = '".$q."' AND price = '".$a."' AND location = '".$b."'"; 
$rs = mysql_query($strSQL,$con); 

while($info = mysql_fetch_array($rs)) { 

Print "<div id='filtername' class='fluid'>"; 
Print "<img src='images/ad_mock4.jpg' alt=''/>"; 
Print "<div class='box'>"; 
Print "<h2>".$info['title']. "<h2>"; 
Print "<p>".$info['shortdescription']. "</p>"; 
Print "<p class='cat'><strong>Price:</strong>".$info['price'] . "</p>"; 
Print "<p class='cat'><strong>Duration:</strong>".$info['duration'] . "</p>"; 
Print "<p class='cat'><strong>Material:</strong>".$info['material'] . "</p>"; 
Print "<p class='cat'><strong>Type:</strong>".$info['type'] . "</p>"; 
Print "<p class='cat'><strong>Location:</strong>".$info['location'] . "</p>"; 
Print "<p class='cat'><strong>Size:</strong>".$info['size'] . "</p>"; 
Print "</div>"; 
</div> 
Print "<div align='center'><a href='landingpage.php?id=".$info['id']."' class='cssbutton2'>VIEW ITEM</a></div>"; 
} 
mysql_close(); 


?>

来源

2013-10-20 Jan Vincent Tagalicud

+0

那么问题在哪里呢?你有什么问题?这不工作吗? – geomagas

+0

**危险**:您正在使用[一个**过时的**数据库API](http://stackoverflow.com/q/12859942/19068),并应使用[现代替换](http:// php。净/手动/ EN/mysqlinfo.api.choosing.php)。你也**易受[SQL注入攻击](http://bobby-tables.com/)**,现代的API会使[防御]更容易(http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php)自己从。 – Quentin

+0

这实际上是有效的,但是您必须选择所有3个下拉列表才能过滤结果。即使我选择了1个下拉菜单,我的需求也需要显示结果,如果我选择另一个,它会改进结果。谢谢! –

回答

0

我张贴的提示这里是我的问题的答案,我知道了。我希望这有助于其他面临同样问题的人。感谢撰写评论和回答我的问题的人!

<?php 
$q=$_GET['q']; 
$a=$_GET['a']; 
$b=$_GET['b']; 

$con = mysql_connect('localhost', 'root', ''); 
if (!$con) 
{ 
die('Could not connect: ' . mysql_error($con)); 
} 

mysql_select_db("ooh", $con); 

if($q && $a && $b!='') 
{ 
$strSQL = "SELECT * FROM files WHERE type = '".$q."' AND price = '".$a."' AND location = '".$b."' ORDER BY id DESC"; 
} 

else if($q && $b && $a!='') 
{ 
$strSQL = "SELECT * FROM files WHERE type = '".$q."' AND location = '".$b."' AND price = '".$a."' ORDER BY id DESC"; 
} 

else if($a && $q && $b!='') 
{ 
$strSQL = "SELECT * FROM files WHERE price = '".$a."' AND type = '".$q."' AND location = '".$b."' ORDER BY id DESC"; 
} 

else if($a && $b && $q!='') 
{ 
$strSQL = "SELECT * FROM files WHERE price = '".$a."' AND location = '".$b."' AND type = '".$q."' ORDER BY id DESC"; 
} 

else if($b && $q && $a!='') 
{ 
$strSQL = "SELECT * FROM files WHERE location = '".$b."' AND type = '".$q."' AND price = '".$a."' ORDER BY id DESC"; 
} 

else if($b && $a && $q!='') 
{ 
$strSQL = "SELECT * FROM files WHERE location = '".$b."' AND price = '".$a."' AND type = '".$q."' ORDER BY id DESC"; 
} 

else if($q && $a!='') 
{ 
$strSQL = "SELECT * FROM files WHERE type = '".$q."' AND price = '".$a."' ORDER BY id DESC"; 
} 

else if($q && $b!='') 
{ 
$strSQL = "SELECT * FROM files WHERE type = '".$q."' AND location = '".$b."' ORDER BY id DESC"; 
} 

else if($a && $q!='') 
{ 
$strSQL = "SELECT * FROM files WHERE price = '".$a."' AND type = '".$q."' ORDER BY id DESC"; 
} 

else if($a && $b!='') 
{ 
$strSQL = "SELECT * FROM files WHERE price = '".$a."' AND location = '".$b."' ORDER BY id DESC"; 
} 

else if($b && $q!='') 
{ 
$strSQL = "SELECT * FROM files WHERE location = '".$b."' AND type = '".$q."' ORDER BY id DESC"; 
} 

else if($b && $a!='') 
{ 
$strSQL = "SELECT * FROM files WHERE location = '".$b."' AND price = '".$a."' ORDER BY id DESC"; 
} 

else if($q!='') 
{ 
$strSQL = "SELECT * FROM files WHERE type = '".$q."' ORDER BY id DESC"; 
} 

else if($a!='') 
{ 
$strSQL = "SELECT * FROM files WHERE price = '".$a."' ORDER BY id DESC"; 
} 

else if($b!='') 
{ 
$strSQL= "SELECT * FROM files WHERE location = '".$b."' ORDER BY id DESC"; 
} 

else 
{ 
$strSQL = "SELECT * from files ORDER BY id DESC"; 
} 

$rs = mysql_query($strSQL,$con); 

while($info = mysql_fetch_array($rs)) { 
Print "<div id='filtername' class='fluid'>"; 
Print "<img src='images/".$info['file']."' />"; 
Print "<div class='box'>"; 
Print "<h2>".$info['title']. "<h2>"; 
Print "<p>".$info['shortdescription']. "</p>"; 
Print "<p class='cat'><strong>Price:</strong>".$info['price'] . "</p>"; 
Print "<p class='cat'><strong>Duration:</strong>".$info['duration'] . "</p>"; 
Print "<p class='cat'><strong>Material:</strong>".$info['material'] . "</p>"; 
Print "<p class='cat'><strong>Type:</strong>".$info['type'] . "</p>"; 
Print "<p class='cat'><strong>Location:</strong>".$info['location'] . "</p>"; 
Print "<p class='cat'><strong>Size:</strong>".$info['size'] . "</p>"; 
Print "</div>"; 
Print "<div align='center' id='button' class='cssbutton2'><a href='landingpage.php?id=".$info['id']."'>VIEW ITEM</a></div>"; 
} 

mysql_close(); 
?>

来源

2013-10-23 04:55:35

0

您应该然而移动到PDO数据库查询, - 这里是如何解决自己的目标

$sql = array(); 

foreach($_GET as $k => $v){ 

    if(get_magic_quotes_gpc()){ 
    $v = stripslashes($v); 
    } 

    $v = addslashes(htmlspecialchars($v, ENT_QUOTES)); // or whatever 

    switch($k){ 

    case 'q': 

    $sql[] = "type = '".$v."'"; 

    break; 
    case 'a': 

    $sql[] = "price = '".$v."'"; 

    break; 
    case 'b': 

    $sql[] = "location = '".$v."'"; 

    break;   
    default: 

    } 

} 

// query part 
if(!empty($sql)){ 

    $strSQL = "SELECT * FROM files WHERE ".implode(' AND ', $sql).""; 

}

来源

2013-10-20 17:30:05 Tom

+0

感谢您的帮助!为了研究特定的代码或编程课程,你介意给我关键字在Google中进行搜索吗?尽管我在编程方面很新颖。谢谢! –

+0

PDO?看看http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers – Tom

相关问题

 相关问题