我有五个文本框,它们与我的sql数据库中的自己的字段相关联。我要做的是从mysql数据库中获取数据,这取决于用户在文本框中输入的内容。问题是,如果文本框为空,则不会输出任何记录,因为该文本框试图将"作为一段数据"发布。如何实现它,以便如果文本框为空,它将查找该字段中的所有(或任何数据)。例如,如果SessionID文本框为空,则选择所有的SessionID。下面是我当前的代码:
<body>
<form action="exam_interface.php" method="post" name="sessionform"> <!-- This will post the form to its own page"-->
<p>Session ID: <input type="text" name="sessionid" /></p> <!-- Enter Session Id here-->
<p>Module Number: <input type="text" name="moduleid" /></p> <!-- Enter Module Id here-->
<p>Teacher Username: <input type="text" name="teacherid" /></p> <!-- Enter Teacher here-->
<p>Student Username: <input type="text" name="studentid" /></p> <!-- Enter User Id here-->
<p>Grade: <input type="text" name="grade" /></p> <!-- Enter Grade here-->
<p><input type="submit" value="Submit" /></p>
</form>
<?php
$username="u0867587";
$password="31may90";
$database="mobile_app";
$sessionid = $_POST['sessionid'];
$moduleid = $_POST['moduleid'];
$teacherid = $_POST['teacherid'];
$studentid = $_POST['studentid'];
$grade = $_POST['grade'];
mysql_connect('localhost',$username,$password);
@mysql_select_db($database) or die("Unable to select database");
$result = mysql_query("SELECT * FROM Module m INNER JOIN Session s ON m.ModuleId = s.ModuleId JOIN Grade_Report gr ON s.SessionId = gr.SessionId JOIN Student st ON gr.StudentId = st.StudentId WHERE gr.SessionId = '$sessionid' AND m.ModuleId = '$moduleid' AND s.TeacherId = '$teacherid' AND gr.StudentId = '$studentid' AND gr.Grade = '$grade'");
$num=mysql_numrows($result);
echo "<table border='1'>
<tr>
<th>Student Id</th>
<th>Forename</th>
<th>Session Id</th>
<th>Grade</th>
<th>Mark</th>
<th>Module</th>
<th>Teacher</th>
</tr>";
while ($row = mysql_fetch_array($result)){
echo "<tr>";
echo "<td>" . $row['StudentId'] . "</td>";
echo "<td>" . $row['Forename'] . "</td>";
echo "<td>" . $row['SessionId'] . "</td>";
echo "<td>" . $row['Grade'] . "</td>";
echo "<td>" . $row['Mark'] . "</td>";
echo "<td>" . $row['ModuleName'] . "</td>";
echo "<td>" . $row['TeacherId'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close();
?>
谢谢
最简单的方法是根据提交的内容动态构建查询的WHERE部分,这样,如果有问题的字段为空,WHERE语句的那部分将不存在。
以这个例子为例,它有两个可能的输入$_POST['foo']和$_POST['bar']:
<?php
//bind vars to be used in filtering - if blank they are false
$foo = (!empty($_POST['foo']) ? mysql_real_escape_string($_POST['foo']) : false);
$bar = (!empty($_POST['bar']) ? mysql_real_escape_string($_POST['bar']) : false);
//base query: 1=1 will always be true and not filter anything
$query = "SELECT * FROM `my_table` WHERE 1=1"
if($foo){
$query.=" AND `foo` = ".$foo);
}
if($bar)
{
$query.=" AND `bar` = ".$bar;
}
$r = mysql_query($query);
?>
如果你想要一个偷懒的解决方案,这样你就不会一次创建一个查询字段,你可以添加这个:
foreach ($_POST as $key=>$value)
{
if (empty($value))
{
$_POST[$key] = '%';
}
}
在块之前,您从post中获取数据,并将查询中的where后的每个等号(=)替换为keywork LIKE
,但推荐的解决方案是picus给你的,注意你应该过滤用户输入,并在查询
如果输入的值为空,则需要短路逻辑,例如:
为每个谓词构建where时,而不是
AND m.ModuleId = '$moduleid'
AND ('$moduleid' = '' OR m.ModuleId = '$moduleid')
这应该短路列=值检查
动态构建查询,不要在查询的WHERE子句中添加空变量:
<?php
// Map database attributes to POST variables
$postVars = array(
'gr.SessionId' => 'sessionid',
'm.ModuleId' => 'moduleid',
's.TeacherId' => 'teacherid',
'gr.StudentId' => 'studentid',
'gr.Grade' => 'grade'
);
// Determine the parts of the WHERE clause
$whereParts = array();
foreach ($postVars as $attributeName => $postVar) {
if (isset($_POST[$postVar]) && !empty($_POST[$postVar])) {
$whereParts[] = $attributeName . " = " . mysql_real_escape_string($_POST[$postVar]);
}
}
// Create the WHERE clause if there are parts
$whereClause = "";
if (! empty($whereParts)) {
$whereClause = " WHERE " . implode(" AND ", $whereParts);
}
// Construct the complete query
$query = "SELECT * FROM table" . $whereClause;
添加了从数据库属性名到POST变量名的映射,因为在问题中提供的代码中,这些变量名不相等。