作为初学者,我一直在努力寻找解决以下情况的方法:
我有 3 个表:
Table 1: CITIES
id|city
1|London
2|Paris
Table 2: CATEGORIES
id|category
1|category1
2|category2
Table 3: PRODUCTS
id|city|category|name|keyword
1|1|1|product1|keyword1
2|1|1|product2|keyword2
现在我需要帮助 mysql select 来显示搜索结果,像这样:
<?php
$keyword = preg_replace('#[^a-zA-Z]#', '', $_GET['keyword']);
$city = preg_replace('#[^0-9]#', '', $_GET['city']);
$category = preg_replace('#[^0-9]#', '', $_GET['category']);
$result = mysqli_query($con,"SELECT * FROM products WHERE category = '$category' AND city = '$city' AND keyword LIKE '$keyword'");
while($row = mysqli_fetch_array($result)) {
$id = $row['id'];
$name = $row['name'];
$category = $row['category'];
$city = $row['city'];
}
?>
我的网址是:search.php?keyword=keyword&category=1&city=1
这工作正常,但如果缺少任何参数,则显示 0 个结果
sample: search.php?keyword=&category=&city=1
最佳答案
您需要下面的动态 sql 生成检查示例:
$query = "SELECT * FROM products WHERE 1=1"; // note default case, always true
if ($category)
$query .= " AND category = ".intval($category, 10); // note intval
if ($city)
$query .= " AND city = ".intval($city, 10);
if ($keyword)
$query .= " AND keyword LIKE '%" . mysqli_real_escape_string($keyword). "%'"; // note escaping
$result = mysqli_query($con, $query);
更新:您可以对 JOINS 查询使用相同的方法,检查一下:
$query = "SELECT *
FROM PRODUCTS
inner join
CATEGORIES on (PRODUCTS.category = CATEGORIES.id)
inner join
CITIES on (PRODUCTS.city = CITIES.id)
WHERE 1=1";
关于php - MySQL选择多条件,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23446873/