当我单独拉取每个潜在客户状态时(?潜在客户状态=新,?潜在客户状态=热等),它们会起作用,但是当尝试获取全部时,我似乎无法让它工作。如您所见,页面上的默认值是新潜在客户。
`$query = "SELECT * FROM contacts WHERE contacttype IN ('New','Buyer','Seller','Buyer / Seller','Investor') AND leadstatus = 'New' ORDER BY date DESC";
if(isset($_GET['leadstatus']) && in_array($_GET['leadstatus'], array('New', 'Hot', 'Warm', 'Cold', 'Rejected', 'Closed')))
{
$status = $_GET['leadstatus'];
$query = "SELECT * FROM contacts WHERE leadstatus = '".$status."' ORDER BY contacts.date DESC";
}`
以下是我尝试过的一些字符串,但没有运气:
?leadstatus=New&leadstatus=Hot&leadstatus=Warm&leadstatus=Rejected&leadstatus=Cold - Only pulls last listed, which is Cold
?leadstatus[]=New&leadstatus=[]Hot&leadstatus[]=Warm&leadstatus[]=Rejected&leadstatus[]=Cold - Returns default, which is New
?leadstatus=New&Hot&Warm&Rejected&Cold
- 返回默认值,即"新建"
if(isset($_GET['leadstatus']) && $_GET['leadstatus'] == "all") {
$query = "SELECT * FROM contacts ORDER BY contacts.date DESC";
} else if (in_array($_GET['leadstatus'], array('New', 'Hot', 'Warm', 'Cold', 'Rejected', 'Closed'))) {
$status = $_GET['leadstatus'];
$query = "SELECT * FROM contacts WHERE leadstatus = '".$status."' ORDER BY contacts.date DESC";
}
然后,使潜在客户状态 = 全部。
试试这个:
if(isset($_GET['leadstatus']) && in_array($_GET['leadstatus'], array('New', 'Hot', 'Warm', 'Cold', 'Rejected', 'Closed')))
{
$status = $_GET['leadstatus'];
if(!empty($status)) {
$query = "SELECT * FROM contacts WHERE leadstatus = '".$status."' ORDER BY contacts.date DESC";
} else {
$query = "SELECT * FROM contacts ORDER BY contacts.date DESC";
}
}`
但是,我是否也可以建议您使用参数化查询? 你在这里对SQL注入攻击持开放态度。
像这样的东西应该匹配多个条件,允许您一次混合和匹配多个,而不是 1 个或全部。
$status = join(',',$_GET['leadstatus']);
$query = "SELECT * FROM contacts WHERE leadstatus IN($status) ORDER BY contacts.date DESC";