通过PHP MYSQL页面传递多个变量

时间:2022-09-26 10:56:39

The following code is working fine for the first page. It is a query based on user input from a form. I have 2 issues. The first one is when i click next page i get undefined index and undefined variable error which means the variables are not passed. The second question is how can i make a query and paginate it based on the user filled/selected values in the form? Some users may not fill all the values. Here is my code: NB: The form method is GET. I have tried REQUEST and POST too. All the same error. Thanks in advance guys.

以下代码适用于第一页。它是基于表单的用户输入的查询。我有2个问题。第一个是当我点击下一页时,我得到未定义的索引和未定义的变量错误,这意味着不传递变量。第二个问题是我如何根据表单中的用户填充/选择值进行查询并对其进行分页?某些用户可能无法填写所有值。这是我的代码:NB:表单方法是GET。我也尝试了REQUEST和POST。所有相同的错误。先谢谢你们。

<?php   

    if (isset($_POST['Submit'])) 
    $name = mysql_real_escape_string($_GET['name']);
    $email = mysql_real_escape_string($_GET['email']);
    $age = mysql_real_escape_string($_GET['age']);
    $height = mysql_real_escape_string($_GET['height']);

    include_once "conn.php"; //connect to db and table

    $rs = mysql_query("SELECT COUNT(*) FROM people WHERE name='$name' AND email='$email' AND age='$age' AND height='$height'"); 
    $rw = mysql_fetch_array($rs);
    $numrows = $rw[0];
if ($numrows== 0) die("No Results Found");

$rowsperpage = 7;

$totalpages = ceil($numrows / $rowsperpage);


if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) {

   $currentpage = (int) $_GET['currentpage'];
} else {

   $currentpage = 1;
} 
if ($currentpage > $totalpages) {

   $currentpage = $totalpages;
} 
if ($currentpage < 1) {

   $currentpage = 1;
} 
$offset = ($currentpage - 1) * $rowsperpage;

    $query = mysql_query("SELECT * FROM people WHERE name='$name' AND email='$email' AND age='$age' AND height='$height' ORDER BY time DESC LIMIT $offset, $rowsperpage"); 

//print my tables here 

while($row = mysql_fetch_array($query)) 
               {       
                   $uniqueid = $row['age'];
//output stuff here   
               }
//close sql
$range = 3;
if ($currentpage > 1) {
   echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=1&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'> Go To Page 1</a> ";

   $prevpage = $currentpage - 1;

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$prevpage&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'> Previous Page</a>";
} 
for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) {

   if (($x > 0) && ($x <= $totalpages)) {

      if ($x == $currentpage) {

         echo " &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font size=4 color=red>[<b>$x</b>] </font>";

      } else {

         echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$x&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>$x</a>";
      } 
   }  
}        
if ($currentpage != $totalpages) {

   $nextpage = $currentpage + 1;

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$nextpage&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>Next Page</font></a>";

   echo "<a href='{$_SERVER['PHP_SELF']}?currentpage=$totalpages&amp;name=$name&amp;email=$email&amp;age=$age&amp;height=$height'>Last Page</a> ";
} 

?>

1 个解决方案

#1


0  

The form submits as GET. Because this one, the POST variable isn't set. And you're not defining the first variable (missing brackets?). Furthermore, Submit is the only submitted value with a capital. Is this intentional?

表单提交为GET。因为这个,没有设置POST变量。而你没有定义第一个变量(缺少括号?)。此外,提交是唯一提交资金的值。这是故意的吗?

if (isset($_GET['Submit'])) {
    $name = mysql_real_escape_string($_GET['name']);
    $email = mysql_real_escape_string($_GET['email']);
    $age = mysql_real_escape_string($_GET['age']);
    $height = mysql_real_escape_string($_GET['height']);
}

More ideally, because you want to ommit values, you'll probably want to check each variable individually for existence. And if it's not set (or empty), don't add that field in your WHERE clause.

更理想的情况是,因为您想要省略值,您可能希望单独检查每个变量是否存在。如果它未设置(或为空),请不要在WHERE子句中添加该字段。

$name = isset($_GET['name']) ? mysql_real_escape_string($_GET['name']) : null;
// ... process the other fields in same way ...

or spanned over multiple lines: EDIT: just noticed I was missing a closing ) in the two blocks below.

或跨越多行:编辑:刚刚注意到我在下面的两个街区中错过了一个收盘。

$name = null;
if (isset($_GET['name'])) {
    $name = mysql_real_escape_string($_GET['name']);
}

// ... process the other fields in same way ...

or even:

$name = null;
if (isset($_GET['name']))
    $name = mysql_real_escape_string($_GET['name']);

// ... process the other fields in same way ...

Dynamic query

Then, make your query a bit more dynamic. Like, adding all your available WHERE parameters to an array. It makes things easier.

然后,让您的查询更具动态性。比如,将所有可用的WHERE参数添加到数组中。它使事情变得更容易。

// Store conditions in array
$whereConditions = array();

if (!empty($name)) {
    $whereConditions['name'] = $name;
}

if (!empty($email)) {
    $whereConditions['email'] = $email;
}

if ($age && $age > 0) {
    $whereConditions['age'] = $age;
}

if ($height && $height > 0) {
    $whereConditions['height'] = $height;
}

// Start building your query dynamically
$query = 'SELECT * FROM people';


// Making things easier here. Just flatten your array down.
$conditions = array();
foreach ($whereConditions as $field => $value) {
    $conditions[] = sprintf("%s = '%s'", $field, $value);
}

// Join all conditions with AND
$where = implode(' AND ', $conditions);

// Add where clause, if there are conditions
if (!empty($where)) {
    $query .= ' WHERE ' . $where;
}

$query .= " ORDER BY time DESC LIMIT {$offset}, {$rowsperpage}";

Final notes

Keep in mind to use prepared queries if you're allowing user input. And the mysql_ extension is deprecated. Switch to mysqli_ or PDO.

如果您允许用户输入,请记住使用准备好的查询。并且不推荐使用mysql_扩展。切换到mysqli_或PDO。

#1


0  

The form submits as GET. Because this one, the POST variable isn't set. And you're not defining the first variable (missing brackets?). Furthermore, Submit is the only submitted value with a capital. Is this intentional?

表单提交为GET。因为这个,没有设置POST变量。而你没有定义第一个变量(缺少括号?)。此外,提交是唯一提交资金的值。这是故意的吗?

if (isset($_GET['Submit'])) {
    $name = mysql_real_escape_string($_GET['name']);
    $email = mysql_real_escape_string($_GET['email']);
    $age = mysql_real_escape_string($_GET['age']);
    $height = mysql_real_escape_string($_GET['height']);
}

More ideally, because you want to ommit values, you'll probably want to check each variable individually for existence. And if it's not set (or empty), don't add that field in your WHERE clause.

更理想的情况是,因为您想要省略值,您可能希望单独检查每个变量是否存在。如果它未设置(或为空),请不要在WHERE子句中添加该字段。

$name = isset($_GET['name']) ? mysql_real_escape_string($_GET['name']) : null;
// ... process the other fields in same way ...

or spanned over multiple lines: EDIT: just noticed I was missing a closing ) in the two blocks below.

或跨越多行:编辑:刚刚注意到我在下面的两个街区中错过了一个收盘。

$name = null;
if (isset($_GET['name'])) {
    $name = mysql_real_escape_string($_GET['name']);
}

// ... process the other fields in same way ...

or even:

$name = null;
if (isset($_GET['name']))
    $name = mysql_real_escape_string($_GET['name']);

// ... process the other fields in same way ...

Dynamic query

Then, make your query a bit more dynamic. Like, adding all your available WHERE parameters to an array. It makes things easier.

然后,让您的查询更具动态性。比如,将所有可用的WHERE参数添加到数组中。它使事情变得更容易。

// Store conditions in array
$whereConditions = array();

if (!empty($name)) {
    $whereConditions['name'] = $name;
}

if (!empty($email)) {
    $whereConditions['email'] = $email;
}

if ($age && $age > 0) {
    $whereConditions['age'] = $age;
}

if ($height && $height > 0) {
    $whereConditions['height'] = $height;
}

// Start building your query dynamically
$query = 'SELECT * FROM people';


// Making things easier here. Just flatten your array down.
$conditions = array();
foreach ($whereConditions as $field => $value) {
    $conditions[] = sprintf("%s = '%s'", $field, $value);
}

// Join all conditions with AND
$where = implode(' AND ', $conditions);

// Add where clause, if there are conditions
if (!empty($where)) {
    $query .= ' WHERE ' . $where;
}

$query .= " ORDER BY time DESC LIMIT {$offset}, {$rowsperpage}";

Final notes

Keep in mind to use prepared queries if you're allowing user input. And the mysql_ extension is deprecated. Switch to mysqli_ or PDO.

如果您允许用户输入,请记住使用准备好的查询。并且不推荐使用mysql_扩展。切换到mysqli_或PDO。