php - 在 PHP 中从 mysql 数据创建表

Question

我正在尝试制作一个项目，其中显示前 3 个月和当前月份..现在我的问题是我不知道在哪里或如何将此 mysql 数据反射(reflect)到 php 中的表中...任何人都可以教我请问？

如果我不能很好地向您解释系统，请原谅我，因为我只是一个努力的程序员..

表格应该是这样的: http://www.fileden.com/files/2011/7/27/3174077//1.JPG

这是我想要放入表中的 php 代码和 mysql 查询:

<form action="" method="post" class="niceform">
<fieldset>
    <legend>Job Orders</legend>\
    <table>
<tr>
<th>SSA</th>
<th>Months</th>
</tr>

         <?php

$datefrom= $_POST['timestamp'];
$dateto=$_POST['timestamp1'];

$parsemonth="";
$parseday ="01";

$conditionmonth=$parsemonth-3;


//january
if ($conditionmonth == '1'){

$sql="SELECT
a.specialist_partner_ID
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-01-01', INTERVAL 3 MONTH) and         DATE_SUB('2011-09-30', INTERVAL 3 MONTH) THEN a.job_order_number ELSE null END) As December,
count(CASE WHEN a.receivedDate between DATE_SUB('2011-01-01', INTERVAL 2 MONTH) and  DATE_SUB('2011-09-30', INTERVAL 2 MONTH) THEN a.job_order_number ELSE null END) As November
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-01-01', INTERVAL 1 MONTH) and   DATE_SUB('2011-09-30', INTERVAL 1 MONTH) THEN a.job_order_number ELSE null END) As October 
,count(CASE WHEN a.receivedDate between '2011-01-01' and  '2011-01-30'THEN a.job_order_number ELSE null END) As Jauary
,count(job_order_number) As Total
FROM jo_partner a
WHERE a.receivedDate BETWEEN '2011-01-01' AND '2011-12-31'
GROUP BY a.specialist_partner_ID";
}

//february
else if ($conditionmonth == '2'){

$sql="SELECT
a.specialist_partner_ID
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-02-01', INTERVAL 11 MONTH) and    DATE_SUB('2011-02-29', INTERVAL 3 MONTH) THEN a.job_order_number ELSE null END) As November
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-02-01', INTERVAL 10 MONTH) and  DATE_SUB('2011-02-29', INTERVAL 2 MONTH) THEN a.job_order_number ELSE null END) As December
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-02-01', INTERVAL 9 MONTH) and  DATE_SUB('2011-02-29', INTERVAL 1 MONTH) THEN a.job_order_number ELSE null END) As January
,count(CASE WHEN a.receivedDate between '2011-02-01' and  '2011-02-29'THEN a.job_order_number ELSE null END) As February
,count(job_order_number) As Total
FROM jo_partner a
WHERE a.receivedDate BETWEEN '2011-01-01' AND '2011-12-31'
GROUP BY a.specialist_partner_ID";
}

//march
else if ($conditionmonth == '3')
{

$sql="SELECT
a.specialist_partner_ID
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-03-01', INTERVAL 3 MONTH) and       DATE_SUB('2011-03-31', INTERVAL 3 MONTH) THEN a.job_order_number ELSE null END) As December
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-03-01', INTERVAL 2 MONTH) and  DATE_SUB('2011-03-31', INTERVAL 2 MONTH) THEN a.job_order_number ELSE null END) As Jauary
,count(CASE WHEN a.receivedDate between DATE_SUB('2011-03-01', INTERVAL 1 MONTH) and  DATE_SUB('2011-03-31', INTERVAL 1 MONTH) THEN a.job_order_number ELSE null END) As February
,count(CASE WHEN a.receivedDate between '2011-03-01' and  '2011-03-31'THEN a.job_order_number ELSE null END) As March
,count(job_order_number) As Total
FROM jo_partner a
WHERE a.receivedDate BETWEEN '2011-01-01' AND '2011-12-31'
GROUP BY a.specialist_partner_ID";
}

依此类推...直到十二月

while ($row = mysql_fetch_row($sql)
{

} 
?>
  </tr></table>
</fieldset>

条件是当我选择一个月份来查看该月的报告时，除一月份外，只有一月份的数据才会可见，而最后 3 个月份的数据，除十二月和十一月外

Answer 1

假设表格是使用此类数据构建的:

<tr>
  <td>item1</td>
  <td>item2</td>
</tr>

使用 SQL 建表非常简单，只需使用表标签将数据括起来即可:

仅使用 SQL 代码，不推荐，因为它会留下 XSS 安全漏洞!
仅当您 100% 确定数据库中的数据安全时才使用此选项

/*escape all data coming from a user */
/*or even better just escape all incoming data *period* */
$SSAID = mysql_real_escape_string($_SESSION['SESS_SSA_ID']);

/*don't use 2 queries if you can do it in one */  
$result = mysql_query("SELECT CONCAT('<tr>',GROUP_CONCAT(
                              CONCAT('<td>',ug.group_name,</td>), SEPARATOR ' ')
                              ,'</tr>') as tablestring 
                      FROM user_group ug
                      INNER JOIN user u ON (ug.usr_group_ID = u.user_group_id)
                      WHERE u.SSA_ID = ''$SSAID' )";

$row = mysql_fetch_row($result);
echo "here comes the table";
echo $row['tablestring'];

此代码用 SQL 构造整个表。另一种选择是循环遍历这些值并在 while 循环中将表拼凑在一起:

使用 while 循环的代码示例，转义输出，防止 XSS

$result = mysql_query("SELECT ug.group_name 
                      FROM user_group ug
                      INNER JOIN user u ON (ug.usr_group_ID = u.user_group_id)
                      WHERE u.SSA_ID = ''$SSAID' )";
$table = "<tr>";
while ($row = mysql_fetch_row($result));
{
  $table .= "<td>".htmlspecialchars($row['group_name'], ENT_QUOTES, 'UTF-8')."</td>";
}
$table .= "</tr>";
echo "here comes the table";
echo $table;

要记住的要点

• 对注入(inject) SQL 语句的所有 $vars 使用 mysql_real_escape_string()。
• 始终使用 htmlspecialchars() 对回显到屏幕上的数据进行转义，以防止 XSS。
• 摆脱select *的习惯，只选择你需要的。
• 不要使用两个查询并使用 php 作为它们之间的信使，而应使用一个查询，请参阅有关 SQL 连接的教程。

链接
SQL注入(inject):How does the SQL injection from the "Bobby Tables" XKCD comic work?
XSS预防:How to prevent XSS with HTML/PHP?
php-MySQL 教程:http://www.tizag.com/mysqlTutorial/
group_concat:http://dev.mysql.com/doc/refman/5.0/en/group-by-functions.html#function_group-concat