添加高級搜索數據

Question

無法使用兩個不同的字段（名稱和性別）進行搜索，您可以使用更多輸入添加高級搜索嗎？ 將文件和代碼，以幫助您更好地瞭解在哪裏添加高級搜索開關輸入

訪問getdata.php

<?php 
 

 
if(isset($_GET['page'])){ 
 
    //Include pagination class file 
 
    include('Pagination.php'); 
 
    
 
    //Include database configuration file 
 
    include('dbConfig.php'); 
 
    
 
    $start = !empty($_GET['page'])?$_GET['page']:0; 
 
    $limit = 25; 
 
    //set conditions for search 
 
    $whereSQL = $orderSQL = ''; 
 
    $keywords = $_GET['keywords']; 
 
    $keyname = $_GET['keyname']; 
 
    $sortBy = $_GET['sortBy']; 
 

 
    if(!empty($keyname)){ 
 
     $whereSQL = "WHERE name LIKE '%".$keyname."%'"; 
 
    } 
 
    if(!empty($keywords)){ 
 
     $whereSQ = "WHERE member_group_id LIKE '".$keywords."'"; 
 
    } 
 

 
    if(!empty($sortBy)){ 
 
     $orderSQL = " ORDER BY name ".$sortBy; 
 
    }else{ 
 
     $orderSQL = " ORDER BY name DESC "; 
 
    } 
 

 
    //get number of rows 
 
    $queryNum = $db->query("SELECT COUNT(*) as name FROM ILFREE_core_members ".$whereSQL.$whereSQ.$orderSQL); 
 
    $resultNum = $queryNum->fetch_assoc(); 
 
    $rowCount = $resultNum['name']; 
 

 
    //initialize pagination class 
 
    $pagConfig = array(
 
     'currentPage' => $start, 
 
     'totalRows' => $rowCount, 
 
     'perPage' => $limit, 
 
     'link_func' => 'searchFilter' 
 
    ); 
 
    $pagination = new Pagination($pagConfig); 
 
    
 
    //get rows 
 
    $query = $db->query("SELECT * FROM ILFREE_core_members $whereSQL $whereSQ $orderSQL LIMIT $start,$limit"); 
 

 
    if($query->num_rows > 0){ ?> 
 
     <div class="GETs_list"> 
 
     <?php 
 
while($row = $query->fetch_assoc()){ 
 
$GroupID = $row["member_group_id"]; 
 
$IDgroup = array('29','77','62','83','46','43','73','58','68','2','78','63','82','45','42','71','52','67','27','76','60','81','44','41','70','56','65'); 
 
$GETID = $row['member_id']; 
 
$Name = $row["name"]; 
 
$photo = $row["pp_main_photo"]; 
 
$bannato = '7'; 
 

 

 
?> 
 
<div class="list_item"> 
 
<?php 
 
// name 
 

 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '" ><h2>' . $Name . '</h2></a>'; 
 

 
// foto 
 
if(empty($photo)) { if(in_array($GroupID, $IDgroup)) { 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/file/search_femmina.png"/></a>'; } 
 
elseif ($bannato == $GroupID) { 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/file/ban.png"/></a>'; } 
 
else { 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/file/search_maschio.png"/></a>'; } } 
 
else{ 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/profile_photos/' . $photo . '"/></a>'; 
 
} 
 

 

 

 

 

 

 

 

 
?> 
 

 

 

 

 

 

 
    
 
      
 

 

 
      
 

 
      
 
      </div> 
 
     <?php } ?> 
 
     </div> 
 
     <?php echo $pagination->createLinks(); ?> 
 
<?php } } ?>

的index.php

<!DOCTYPE HTML> 
 
<html lang="en"> 
 
<head> 
 

 

 
</head> 
 
<body> 
 

 

 

 

 
<div class="GET-search-panel"> 
 
    <input type="text" id="keyname" placeholder="name" onkeyup="searchFilter()"/> 
 

 
    <input type="text" id="keywords" placeholder="Type keywords to filter GETs" onkeyup="searchFilter()"/> 
 
    <select id="sortBy" onchange="searchFilter()"> 
 
     <option value="">Sort By</option> 
 
     <option value="asc">Ascending</option> 
 
     <option value="desc">Descending</option> 
 
    </select> 
 
</div> 
 
<div class="GET-wrapper"> 
 
    <div id="GETs_content"> 
 
    <?php 
 
    //Include pagination class file 
 
    include('Pagination.php'); 
 
    
 
    //Include database configuration file 
 
    include('dbConfig.php'); 
 
    
 
    $limit = 25; 
 

 
    //get number of rows 
 
    $queryNum = $db->query("SELECT COUNT(*) as ilfreexxx FROM ILFREE_core_members"); 
 
    $resultNum = $queryNum->fetch_assoc(); 
 
    $rowCount = $resultNum['ilfreexxx']; 
 
    
 
    //initialize pagination class 
 
    $pagConfig = array(
 
     'totalRows' => $rowCount, 
 
     'perPage' => $limit, 
 
     'link_func' => 'searchFilter' 
 
    ); 
 
    $pagination = new Pagination($pagConfig); 
 
    
 
    //get rows 
 
    $query = $db->query("SELECT * FROM ILFREE_core_members ORDER BY member_id DESC LIMIT $limit"); 
 
    
 
    if($query->num_rows > 0){ ?> 
 
     <div class="GETs_list"> 
 

 
      
 
<?php   
 

 
while($row = $query->fetch_assoc()){ 
 
$GroupID = $row["member_group_id"]; 
 
$IDgroup = array('29','77','62','83','46','43','73','58','68','2','78','63','82','45','42','71','52','67','27','76','60','81','44','41','70','56','65'); 
 
$GETID = $row['member_id']; 
 
$Name = $row["name"]; 
 
$photo = $row["pp_main_photo"]; 
 
$bannato = '7'; 
 

 

 
?> 
 
<div class="list_item"> 
 
<?php 
 
// name 
 

 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '" ><h2>' . $Name . '</h2></a>'; 
 

 
// foto 
 
if(empty($photo)) { if(in_array($GroupID, $IDgroup)) { 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/file/search_femmina.png"/></a>'; } 
 
elseif ($bannato == $GroupID) { 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/file/ban.png"/></a>'; } 
 
else { 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/file/search_maschio.png"/></a>'; } } 
 
else{ 
 
echo '<a href="http://www.ilfree.it/index.php?/profile/' . $GETID . '-' . $Name . '" title="Visualizza il profilo di ' . $Name . '"><img src="http://www.ilfree.it/uploads/profile_photos/' . $photo . '"/></a>'; 
 
} 
 

 

 

 

 

 

 

 

 
?> 
 

 

 

 

 

 

 
    
 
      
 

 

 
      
 

 
      
 
      </div> 
 
     <?php } ?> 
 
     </div> </div> 
 
     <?php echo $pagination->createLinks(); ?> 
 
    <?php } ?> 
 

 
</div> 
 

 
<style> 
 

 
body { 
 
    background: #e7e7e7 url(http://carpanelli-art.com/wp-content/themes/pacifico/images/bgs/bg_i_4.jpg) repeat; 
 
    font-family: "FS Albert Light", "Myriad Pro", "Helvetica Neue", Helvetica, Arial, sans-serif; 
 
} 
 
.GET-wrapper { 
 
    padding: 10px; 
 
    background: #fdfdfd; 
 
    width: 70%; 
 
    margin: 0 auto; 
 
    border-radius: 6px; 
 
} 
 
.list_item { 
 
    position: relative; 
 
    float: left; 
 
    border: 4px solid #f1f1f1; 
 
    margin: 4px; 
 
} 
 
.list_item:hover { 
 
     border: 4px solid #d6e9ff; 
 

 
} 
 
.list_item a { 
 
    text-decoration: none; 
 
    color: #b1b1b1; 
 
    font-size: 10px; 
 
    text-align: center; 
 

 
} 
 
.list_item a:hover { 
 
     color: #8a8a8a; 
 
} 
 
.list_item img { 
 
    width: 200px; 
 
    height: 220px; 
 
    display: list-item; 
 
} 
 

 
.list_item h2 { 
 
    position: relative; 
 
    margin: 0; 
 
    background: #f4f5f9; 
 
    border-bottom: 1px solid #f1f1f1; 
 
    color: #3f4752; 
 
    text-shadow: -1px -1px 0 #fff; 
 
} 
 
#GETs_content { 
 
    width: 70%; 
 
     margin: 0 auto; 
 
} 
 
.GETs_list {display: inline-block;} 
 
div.pagination { 
 
    font-family: "Lucida Sans", Geneva, Verdana, sans-serif; 
 
    padding:20px; 
 
    margin:7px; 
 
    display: inline-block; 
 
} 
 
div.pagination a { 
 
    margin: 2px; 
 
    padding: 0.5em 0.64em 0.43em 0.64em; 
 
    background-color: #ee4e4e; 
 
    text-decoration: none; 
 
    color: #fff; 
 
} 
 
div.pagination a:hover, div.pagination a:active { 
 
    padding: 0.5em 0.64em 0.43em 0.64em; 
 
    margin: 2px; 
 
    background-color: #de1818; 
 
    color: #fff; 
 
} 
 
div.pagination span.current { 
 
    padding: 0.5em 0.64em 0.43em 0.64em; 
 
    margin: 2px; 
 
    background-color: #f6efcc; 
 
    color: #6d643c; 
 
} 
 
div.pagination span.disabled { 
 
    display:none; 
 
} 
 
</style> 
 
      <!-- JavaScript --> 
 
     <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script> 
 

 
<script> 
 
function searchFilter(page_num) { 
 
    page_num = page_num?page_num:0; 
 
    var keywords = $('#keywords').val(); 
 
    var keyname = $('#keyname').val(); 
 
    var sortBy = $('#sortBy').val(); 
 
    $.ajax({ 
 
     type: 'GET', 
 
     url: 'getData.php', 
 
     data:'page='+page_num+'&keyname='+keyname+'&keywords='+keywords+'&sortBy='+sortBy, 
 
     beforeSend: function() { 
 
      $('.loading-overlay').show(); 
 
     }, 
 
     success: function (html) { 
 
      $('#GETs_content').html(html); 
 
      $('.loading-overlay').fadeOut("slow"); 
 
     } 
 
    }); 
 
} 
 
</script> 
 
</body> 
 
</html>

我急切地尋找您的幫助

Answer 1

您可以使用所有條件子句構建數組，然後將該數組格式化爲合適的SQL where子句。但需要提及的是，您並不是逃避對SQL的輸入，並且容易受到SQL注入攻擊。以下是一個非常簡單的查詢生成器的示例代碼。

$start = !empty($_GET['page'])?$_GET['page']:0; 
$limit = 25; 

# Build array of orderings 
$orderQueries = []; 
if (isset($_GET['sortBy']) && !empty($_GET['sortBy'])) { 
    $sortBy = $_GET['sortBy']; 
    $orderQueries[] = "name $sortBy"; 
} else { 
    $orderQueries[] = "name DESC"; 
} 

# Build array of conditionals 
$whereQueries = []; 
if (isset($_GET['name']) && !empty($_GET['name'])) { 
    $name = $_GET['name']; 
    $whereQueries[] = "name LIKE '%$name%'"; 
} 
if (isset($_GET['age']) && !empty($_GET['age'])) { 
    $age = $_GET['age']; 
    $whereQueries[] = "age = $age"; 
} 
if (isset($_GET['keywords']) && !empty($_GET['keywords'])) { 
    $keywords = $_GET['keywords']; 
    $whereQueries[] = "member_group_id LIKE '$keywords'"; 
} 

# Construct "WHERE ..." part of query 
$whereSQL = 'WHERE '; 
$firstLoop = true; 
foreach ($whereQueries as $q) { 
    if (!$firstLoop) { # Avoid prepending "AND" on the first loop 
     $firstLoop = false; 
     $q = " AND $q"; 
    } 
    $whereSQL .= $q; 
} 

# Construct "ORDER BY ..." part of query 
$orderSQL = 'ORDER BY '; 
$firstLoop = true; 
foreach ($orderQueries as $q) { 
    if (!$firstLoop) { 
     $firstLoop = false; 
     $q = ", $q"; # Avoid prepending "," on the first loop 
    } 
    $orderSQL .= " $q" 
} 
$query = $db->query("SELECT * FROM ILFREE_core_members $whereSQL $orderSQL LIMIT $start,$limit");