如何使用表单正确过滤来自 MySQL 的结果?
How do I properly filter results from MySQL using a form?
筛选结果的正确方法是什么?到目前为止,我得到的是可以输入名字、姓氏、phone 和其他内容的表格。如何使语句忽略空输入字段而不是搜索空值?
我正在使用准备好的语句,当我过滤内容时,我使用 WHERE firstname = ? and lastname = ? 并且如果某些内容为空,则条件更改语句。我怎样才能避免做出数百个带条件的语句?
$stmt = $this->mysqli->prepare("SELECT * FROM cust");
if(!empty($firstname) && !empty($lastname)) {
$stmt = $this->mysqli->prepare("SELECT * FROM cust WHERE as_first = ? AND as_last = ?");
$stmt->bind_param("ss", $firstname, $lastname);
} else if(!empty($firstname) && empty($lastname)) {
$stmt = $this->mysqli->prepare("SELECT * FROM cust WHERE as_first = ?");
$stmt->bind_param("s", $firstname);
} else if(empty($firstname) && !empty($lastname)) {
$stmt = $this->mysqli->prepare("SELECT * FROM cust WHERE as_last = ?");
$stmt->bind_param("s", $lastname);
}
很遗憾,您应该编写自己的条件,例如:
$sql = 'SELECT...' // your original query
$sql .= !empty($phone) ? ' phone = :phone';
并手动绑定参数:
if (!empty($phone)) {
$stmt->bindParam(':phone', '%'.$phone.'%', PDO::PARAM_STR);
}
筛选结果的正确方法是什么?到目前为止,我得到的是可以输入名字、姓氏、phone 和其他内容的表格。如何使语句忽略空输入字段而不是搜索空值?
我正在使用准备好的语句,当我过滤内容时,我使用 WHERE firstname = ? and lastname = ? 并且如果某些内容为空,则条件更改语句。我怎样才能避免做出数百个带条件的语句?
$stmt = $this->mysqli->prepare("SELECT * FROM cust");
if(!empty($firstname) && !empty($lastname)) {
$stmt = $this->mysqli->prepare("SELECT * FROM cust WHERE as_first = ? AND as_last = ?");
$stmt->bind_param("ss", $firstname, $lastname);
} else if(!empty($firstname) && empty($lastname)) {
$stmt = $this->mysqli->prepare("SELECT * FROM cust WHERE as_first = ?");
$stmt->bind_param("s", $firstname);
} else if(empty($firstname) && !empty($lastname)) {
$stmt = $this->mysqli->prepare("SELECT * FROM cust WHERE as_last = ?");
$stmt->bind_param("s", $lastname);
}
很遗憾,您应该编写自己的条件,例如:
$sql = 'SELECT...' // your original query
$sql .= !empty($phone) ? ' phone = :phone';
并手动绑定参数:
if (!empty($phone)) {
$stmt->bindParam(':phone', '%'.$phone.'%', PDO::PARAM_STR);
}