我的应用程序中有一个用于搜索功能的几个不同字段的表单。搜索参数可以有任何组合,所有组合都可以填充,或者只需1(或任何其他)。
截至目前,PHP代码的相关部分看起来像这样(实际上有效 - 但我担心并认为这是一个非常糟糕的设计/实现):
$whereClause = "";
if (!empty($_POST['searchAlias'])) {
$searchAlias = "%{$_POST['searchAlias']}%";
$whereClause .= " AND (users.alias LIKE ? OR users.alias LIKE ?)";
} else {
$searchAlias = "";
$whereClause .= " AND (users.alias LIKE ? OR users.alias LIKE ?)";
}
if (!empty($_POST['searchLink'])) {
$searchLink = "%{$_POST['searchLink']}%";
$whereClause .= " AND (posts.homepage LIKE ? OR posts.homepage LIKE ?)";
} else {
$searchLink = "";
$whereClause .= " AND (posts.homepage LIKE ? OR ? = '')";
}
if (!empty($_POST['searchComment'])) {
$searchComment = "%{$_POST['searchComment']}%";
$whereClause .= " AND (posts.comment LIKE ? OR posts.comment LIKE ?)";
} else {
$searchComment = "";
$whereClause .= " AND (posts.comment LIKE ? OR ? = '')";
}
if (!empty($_POST['searchCategory'])) {
$searchCategory = $_POST['searchCategory'];
$whereClause .= " AND (posts.category LIKE ? OR posts.category LIKE ?)";
} else {
$searchCategory = "";
$whereClause .= " AND (posts.category LIKE ? OR ? = '')";
}
$stmt = $connection->prepare("SELECT users.alias, posts.postId,
categories.category, posts.homepage, posts.comment, posts.timestamp,
posts.upvotes FROM ((posts INNER JOIN categories ON posts.category =
categories.id) INNER JOIN users ON posts.userId = users.userId)
WHERE 1=1 $whereClause ORDER BY postId DESC LIMIT 300");
$stmt->bind_param("ssssssss", $searchAlias,$searchAlias,
$searchLink,$searchLink, $searchComment,$searchComment,
$searchCategory,$searchCategory);
我应该补充一点,我还有2个日期输入字段(来自和迄今为止),它们也可以包含在搜索中,它们不会添加到当前的PHP代码中,因为我还没有修复它们。
正如您所看到的,我确保将表单数据中设置的参数附加到whereClause - 总是有两个?确保bind_param类型和变量始终保持不变。
所以,这是一个"可接受的"解决方案还是有什么办法可以让它更清洁,更简单?我已经尝试过寻找不同的解决方案,但我要么搜索不够好,要么不够聪明,无法理解解决方案。
感谢任何帮助或想法!
亲切的问候, 额肯
答案 0 :(得分:0)
如果/当添加其他搜索参数时,将PDO与命名参数一起使用可以使此任务更容易维护。它还可以容纳将值与多列进行比较的搜索参数,或者需要对搜索值进行类型转换。您可能需要考虑在LIKE条件的值之前和之后添加'%'。这可以通过将$ _POST值添加到数组并绑定数组值而不是$ _POST值来完成。
修改
我修改了我的第一个帖子以搜索匹配的日期,并允许添加通配符来进行比较。代码也可以很容易地修改,以允许在日期之间进行两次价值检查。
$postVals = array();
foreach($_POST as $varname => $varval) {
$postVals[$varname] = $varval;
}
$wherePieces = array();
$tests = array(
"searchAlias" => array("where" => "user.alias LIKE :searchAlias","addWildCard" => false),
"searchLink" => array("where" => "posts.homepage LIKE :searchLink","addWildCard" => true),
"searchComment" => array("where" => "posts.comment LIKE :searchComment","addWildCard" => true),
"searchCategory" => array("where" => "posts.category LIKE :searchCategory","addWildCard" => false),
"searchTimestamp" => array("where" => "CAST(posts.timestamp AS DATE) = CAST(:searchTimestamp AS DATE)","addWildCard" => false)
);
foreach($tests as $postname => $wherePart) {
if(isset($_POST[$postname]) && $_POST[$postname] != '') {
$wherePieces[] = $wherePart['where'];
}
}
$whereClause = "WHERE " . implode(" AND ",$wherePieces);
$qstr = "SELECT
users.alias,
posts.postId,
categories.category,
posts.homepage,
posts.comment,
posts.timestamp,
posts.upvotes
FROM posts
INNER JOIN categories
ON posts.category = categories.id
INNER JOIN users
ON posts.userId = users.userId)
$whereClause
ORDER BY postId DESC
LIMIT 300";
$stmt = $connection->prepare($qstr);
foreach($tests as $postname => $wherePart) {
if(isset($_POST[$postname]) && $_POST[$postname] != '') {
if($wherePart["addWildCard"]) {
$postVals[$postname] = '%'.$postVals[$postname].'%';
}
$stmt->bindParam(':'.$postname,$postVals[$postname]);
}
}
$stmt->execute();
注意:未经测试,可能有拼写错误。