Php 使用多个参数设置SQL查询
我需要使用从URL提取的多个参数设置SQL查询。到目前为止,我只能让它工作的URL中只有一个项目 我的默认查询是拉入所有内容Php 使用多个参数设置SQL查询,php,mysql,sql,Php,Mysql,Sql,我需要使用从URL提取的多个参数设置SQL查询。到目前为止,我只能让它工作的URL中只有一个项目 我的默认查询是拉入所有内容 $sql = "SELECT "; $sql .= "* "; $sql .= "FROM "; $sql .= "cms_site_content "; $sql .= "WHERE "; $sql .= "1"; 然后,我检查是否有任何内容通过URL传递并检索它 if (isset($_GET["d"])) { $d=$_GET["d"]; 在if语句中,我将作
$sql = "SELECT ";
$sql .= "* ";
$sql .= "FROM ";
$sql .= "cms_site_content ";
$sql .= "WHERE ";
$sql .= "1";
if (isset($_GET["d"])) {
$d=$_GET["d"];
$newD = explode(',',$d);
$countD = count($newD);
foreach($newD as $discipline) {
if ($countD == 1) {
$sql .= " AND";
$sql .= " discipline='".$discipline."'";
}
SELECT * FROM cms_site_content WHERE 1 AND discipline="value"
SELECT * FROM cms_site_content WHERE 1 AND discipline="value OR discipline="value2" OR discipline="value3"
有没有更有效的方法来写这个?我不知道如何在foreach语句中插入OR 假设您的查询的其余部分是得体的。只需将所有规程值存储在一个数组中,如下所示,然后将
$production\u字符串$sql$discipline_ary = array('option1', 'option2', 'option3');
$discipline_string = "";
for($i=0; $i < count($discipline_ary); $i++){
$discipline_string .= " discipline = '" . $discipline[$i] . "' ";
if($i+1 == count($discipline_ary)){
break;
}else{
$discipline_string .= " OR "
}
}
$production\u ari=array('option1','option2','option3');
$PRODUCTION_string=“”;
对于($i=0;$i$production\u字符串$sql$discipline_ary = array('option1', 'option2', 'option3');
$discipline_string = "";
for($i=0; $i < count($discipline_ary); $i++){
$discipline_string .= " discipline = '" . $discipline[$i] . "' ";
if($i+1 == count($discipline_ary)){
break;
}else{
$discipline_string .= " OR "
}
}
$production\u ari=array('option1','option2','option3');
$PRODUCTION_string=“”;
对于($i=0;$i$production\u字符串$sql$discipline_ary = array('option1', 'option2', 'option3');
$discipline_string = "";
for($i=0; $i < count($discipline_ary); $i++){
$discipline_string .= " discipline = '" . $discipline[$i] . "' ";
if($i+1 == count($discipline_ary)){
break;
}else{
$discipline_string .= " OR "
}
}
$production\u ari=array('option1','option2','option3');
$PRODUCTION_string=“”;
对于($i=0;$i$production\u字符串$sql$discipline_ary = array('option1', 'option2', 'option3');
$discipline_string = "";
for($i=0; $i < count($discipline_ary); $i++){
$discipline_string .= " discipline = '" . $discipline[$i] . "' ";
if($i+1 == count($discipline_ary)){
break;
}else{
$discipline_string .= " OR "
}
}
$production\u ari=array('option1','option2','option3');
$PRODUCTION_string=“”;
对于($i=0;$i$discipline_arr = array();
foreach($newD as $discipline) {
$discipline_arr[] = $discipline;
// by the way, don't forget to escape for sql injection
// mysql_escape_string is the depracated one, u can use that if u have no
// other choice
}
将所有规程值保存在数组中
$discipline_arr = array();
foreach($newD as $discipline) {
$discipline_arr[] = $discipline;
// by the way, don't forget to escape for sql injection
// mysql_escape_string is the depracated one, u can use that if u have no
// other choice
}
将所有规程值保存在数组中
$discipline_arr = array();
foreach($newD as $discipline) {
$discipline_arr[] = $discipline;
// by the way, don't forget to escape for sql injection
// mysql_escape_string is the depracated one, u can use that if u have no
// other choice
}
将所有规程值保存在数组中
$discipline_arr = array();
foreach($newD as $discipline) {
$discipline_arr[] = $discipline;
// by the way, don't forget to escape for sql injection
// mysql_escape_string is the depracated one, u can use that if u have no
// other choice
}
有很多很棒的库和框架可以为您完成所有这些,包括安全性,为什么要重新发明轮子?您应该阅读如何将PDO与MySQL结合使用:您可以使用圆括号进行“块”检查(
SELECT*FROM cms\u site\u content,其中1和(规程=“value”或规程=“value2”)1和规程='option1'或规程='option2'或规程='option3'SELECT*FROM cms\u site\u content,其中1和(学科=“值”或学科=“值2”)1和规程='option1'或规程='option2'或规程='option3'SELECT*FROM cms\u site\u content,其中1和(学科=“值”或学科=“值2”)1