PHP if-then-else statement not working

Posted on 2024-08-14 19:31:38 · 824 characters · 9 views · 0 comments

My url is something such as: "inventory.php?sorting=1" and so forth. Page loads fine but does not display the information properly.

mysql_connect("localhost","user","pass"); 
mysql_select_db("database"); 

if ($sorting == 1){
$result = mysql_query("select * from vehicles ORDER BY year DSC");
}
elseif ($sorting == 2){
$result = mysql_query("select * from vehicles ORDER BY make DSC");
}
elseif ($sorting == 3){
$result = mysql_query("select * from vehicles ORDER BY miles DSC");
}
elseif ($sorting == 4){
$result = mysql_query("select * from vehicles ORDER BY downpay DSC");
}
elseif ($sorting == 5){
$result = mysql_query("select * from vehicles ORDER BY pricepay DSC");
}
elseif ($sorting == 6){
$result = mysql_query("select * from vehicles ORDER BY pricecash DSC");
}
else {
$result = mysql_query("select * from vehicles");
}

while($r=mysql_fetch_array($result))


Comments (9)

遗心遗梦遗幸福 2024-08-21 19:31:38

Why not just use the field name as the GET variable?

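$sortField = isset($_GET['sorting']) ? $_GET['sorting'] : '';
// Ensure we don't get any SQL injection:
$validFields = array('year', 'make', 'miles', 'downpay', 'pricepay', 'pricecash');

$sql = "select * from vehicles";

// Strict comparison: only an exact string match against the allowlist is accepted
if(in_array($sortField, $validFields, true)){
    $sql .= ' ORDER BY ' . $sortField .' DESC';
}

$result = mysql_query($sql);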

and then access the page using inventory.php?sorting=year etc.

This makes the URL more readable and predictable, and means you can support new fields by just adding them to the array without needing to write new switch cases.

撩心不撩汉 2024-08-21 19:31:38

You need to replace $sorting with $_GET["sorting"]

but, also:

Would it not be a better idea to use the switch statement?

switch($_GET["sorting"]) {
    case 1:
        $result = mysql_query("select * from vehicles ORDER BY year DESC");
        break;
    case 2:

etc.

旧时模样 2024-08-21 19:31:38

Short answer: Replace $sorting with $_GET["sorting"], or add $sorting = $_GET['sorting']; to the top of your code.

Long answer: A long time ago, register_globals was used to automatically make URL parameters appear as variables. This led to a lot of security problems (the above link contains an example), so it was eventually turned off by default (PHP 4.2.0). In PHP 6, this option no longer exists. Thus, you need to explicitly access URL GET parameters through $_GET or $_REQUEST.

As an alternative, you can explicitly import your URL parameters into local variables by using the import_request_variables command.

稍尽春風 2024-08-21 19:31:38

And to make it nicer, you can do this:

$sortBy = '';
switch($_GET["sorting"]) {
  case 1:
    $sortBy = 'year';
    break;
  case 2:
    $sortBy = 'make';
    break;
  //...
}

if(!empty($sortBy)) {
  $result = mysql_query('select * from vehicles ORDER BY ' . $sortBy . ' DESC');
}
else {
  $result = mysql_query('select * from vehicles');
}

This way, you only have to change your query at one point if you have to change it someday.

栩栩如生 2024-08-21 19:31:38

Is there some

$sorting = $_GET['sorting'];

somewhere in your code? It won't get its value automatically.

白昼 2024-08-21 19:31:38

Add this line at the start of your code.

$sorting = $_REQUEST['sorting'];

你丑哭了我 2024-08-21 19:31:38

You need to get the $sorting variable from the $_GET array. I would also rewrite it as a switch statement like this:

switch($_GET['sorting'])
{
  case 1:
    $result = mysql_query("select * from vehicles ORDER BY year DESC");
  break;

  case 2:
    $result = mysql_query("select * from vehicles ORDER BY make DESC");
  break;

  // ...

  default:
    $result = mysql_query("select * from vehicles");
  break;
}

执着的年纪 2024-08-21 19:31:38

Why not use switch:

switch ($sorting) {
    case 1:
        $result = mysql_query("select * from vehicles ORDER BY year DESC");
        break;
    case 2:
        $result = mysql_query("select * from vehicles ORDER BY make DESC");
        break;
    // ...
    default:
        $result = mysql_query("select * from vehicles");
        break;
}

Also, make sure $sorting is assigned:

$sorting = $_GET['sorting']; // Place somewhere before the switch

离去的眼神 2024-08-21 19:31:38

You can use $_GET['sorting'] or $_REQUEST['sorting'] if it could come in by either get or post, but why not do this?

$query = "SELECT * FROM `vehicles`";

$sort_values = array( 1 => 'year', 'make', 'miles', 'downpay', 'pricepay', 'pricecash' );
// Cast to int; a missing or non-numeric string becomes 0 and fails the range check
$sort_number = isset($_GET['sorting']) ? (int) $_GET['sorting'] : 0;
if( $sort_number >= 1 && $sort_number <= count($sort_values) ) {
    $query .= " ORDER BY `{$sort_values[ $sort_number ]}` DESC";
}

$result = mysql_query($query);

Note that the 1 => portion of the array is because you 1-indexed your list of queries.
The reason for the <= portion of the if statement is for that reason too -- if you 0-indexed it, you would just use <.

It may not seem like it yet, but you'll quickly find out that it's worth it to try and find ways to write less code. Using the array means you don't have to copy / paste any code (repeatedly writing $result = mysql_query(...);, etc) and it is virtually effortless to add new columns to your table, should you ever need to display more information.

One might even fetch the column names from the database directly and avoid ever touching this code again.
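
The allowlist idea from the answers above, combined into one function as an added example (not code from the thread). ORDER BY column names cannot be bound as prepared-statement parameters, so the request value is only used to select among literals held in the script. The column names are taken from the question; the `dir` parameter and both function names are assumptions.

```php
<?php
// Added example (not from the thread). Column names come from the question's
// queries; the 'dir' parameter and both function names are hypothetical.
const SORT_COLUMNS = [1 => 'year', 'make', 'miles', 'downpay', 'pricepay', 'pricecash'];

// Resolve the request value to an allowlisted column, or null if unrecognised.
function resolve_sort_column($raw): ?string
{
    if (!is_string($raw)) {              // ?sorting[]=x arrives as an array
        return null;
    }
    if (ctype_digit($raw)) {             // numeric form used in the question: ?sorting=1
        return SORT_COLUMNS[(int) $raw] ?? null;
    }
    // Name form: ?sorting=year. Strict comparison, exact match only.
    return in_array($raw, SORT_COLUMNS, true) ? $raw : null;
}

// Build the query from literals held in this file; request text is never concatenated.
function build_inventory_query(array $get): string
{
    $sql = 'SELECT * FROM `vehicles`';
    $column = resolve_sort_column($get['sorting'] ?? null);
    if ($column !== null) {
        // Direction is also chosen from two fixed literals.
        $dir = (($get['dir'] ?? '') === 'asc') ? 'ASC' : 'DESC';
        $sql .= " ORDER BY `{$column}` {$dir}";
    }
    return $sql;
}

// Constructed sample requests, standing in for $_GET.
$samples = [
    ['sorting' => '1'],
    ['sorting' => 'miles', 'dir' => 'asc'],
    ['sorting' => '7'],            // out of range
    ['sorting' => 'year, make'],   // not an exact column name
    ['sorting' => ['year']],       // array instead of string
    [],                            // parameter missing
];
foreach ($samples as $get) {
    echo json_encode($get), ' => ', build_inventory_query($get), PHP_EOL;
}
```

Every unrecognised value falls back to the unsorted query, so a malformed parameter never reaches the SQL text.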
