PHP 与MySQL - 进行可过滤搜索(提供示例)
我正在利用 PHP 和 MySQL 搭建一个练习网站来复制(或非常相似)此网站。截至目前,我的可搜索字段包括:租金(最小-最大)、租赁类型(任何、公寓、房屋)、卧室数量(任何、1+、2+、3+、4+)
我没有到目前为止,在整理代码方面遇到了麻烦,我只是担心扩展问题,并想知道什么是最佳实践。另外,任何关于如何复制我链接的网站上的“侧边栏过滤器搜索”的建议(eBay 也有非常类似的东西)都会很棒。
这是我遇到的一个岔路口:我是单独处理 MySQL 查询中的每个字段过滤器,还是调用表中的所有项目,然后在 PHP 中过滤它们?
$sql = "SELECT * FROM properties ";
$properties = Property::find_by_sql($sql);
$matched_properties = array();
foreach($properties as $property):
if ($min_rent <= $property->rent && $property->rent <= $max_rent) {
$matched_properties[] = $property;
}
endforeach;
上面的代码从 MySQL 的“properties”表中提取所有内容,并创建一个 Property 类(基本 CRUD 类)数组。
如果我听起来很混乱,我很抱歉,但我的主要问题是如何复制过滤后的搜索,例如 上的搜索这个网站 还是 eBay.com?我走的路正确吗?
谢谢
I'm putting together a practice site utilizing PHP and MySQL to replicate (or closely resemble) this site. As of right now my searchable fields include: Rent (min-max), Type of rental (any, apartment, house), Number of Bedrooms (any, 1+, 2+, 3+, 4+)
I'm not having trouble with putting together the code thus far, I'm just worried about scaling issues and want to know what is considered best practice. Also, any advice for how to replicate the 'Sidebar filter search' that is on the site I linked (eBay also has something very similar) would be awesome.
Here is where I've hit a fork in the road: Do I individually process each field filter in a MySQL query or do I call all items in a table and then filter them in PHP?
$sql = "SELECT * FROM properties ";
$properties = Property::find_by_sql($sql);
$matched_properties = array();
foreach($properties as $property):
if ($min_rent <= $property->rent && $property->rent <= $max_rent) {
$matched_properties[] = $property;
}
endforeach;
The code above pulls everything from 'properties' table in MySQL and makes a Property classes (basic CRUD class) array.
Apologies if I sound jumbled, but my main question is How can I replicate a filtered search such as that on this site OR eBay.com? And am I on the right path?
Thank you
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
一般来说,在 PHP 中处理时需要从数据库中提取的数据越少越好。您需要编写的代码更少,产生的错误更少,通过软件堆栈传输的数据更少等等。您可能需要阅读如何编写更复杂的 SQL 查询。以下将是您提供的代码片段的更有效版本:
不过为了安全起见,您需要确保
$min_rent和$max_rent被验证为真实的数字。 (提示:通过is_numeric()传递输入,如果此函数返回false,则抛出错误。)否则,黑客可以执行所谓的 代码注入,输入 SQL 查询字符串的其他片段来代替“min_rent”或“max_rent”,以使您的查询执行大量操作不受欢迎的事情。至于实现像爱荷华大学网站这样的过滤机制,问题在于侧边栏中有链接或表单,单击后会刷新页面。您可以通过多种方式做到这一点。最酷的方法可能是使用 AJAX 自动更新主内容窗口。爱荷华大学网站似乎没有这样做,因为当我单击侧边栏中的各种过滤器链接时,整个页面都会刷新,而不仅仅是主要内容区域。
jQuery 是一个非常有用的 JavaScript 库,可以帮助您以最少的编码执行 AJAX。一探究竟。基本上,您需要构建过滤器侧边栏,以便单击的每个链接都会引发对服务器的 AJAX 查询,该查询会根据用户选择的过滤器提取更新的数据集。当 AJAX 调用返回结果时,您可以使用 JavaScript 和/或 jQuery 方法根据需要将数据注入到页面中。
祝你好运!
Generally speaking, the less data you have to pull from your database to process in PHP, the better. Less code you have to write, less resulting bugs, less data to transfer through the software stack, etc. etc. You may need to read up on how to write more complex SQL queries. The following would be a much more efficient version of the code snippet you gave:
For security though, you'd need to make sure
$min_rentand$max_rentare validated as real numbers. (Hint: pass the inputs throughis_numeric()and throw an error if this function returnsfalse.) Otherwise a hacker could perform what's known as a Code Injection, entering other snippets of SQL query strings in place of "min_rent" or "max_rent" to make your query do lots of undesirable things.As for implementing a filtering mechanism like that U of Iowa site, it's a matter of having links or a form in the sidebar that refreshes the page when clicked. You can do this several ways. The coolest way is probably using AJAX to automatically update the main content window. The U of Iowa site doesn't seem to be doing this, because when I click various filter links in the sidebar, the entire page refreshes instead of just the main content area.
jQuery is a really helpful JavaScript library that can help you do AJAX with minimal coding. Check it out. Basically, you'll want to build your filter sidebar so that each link clicked causes an AJAX query to your server, which pulls in an updated data set based on the user's selected filters. When the result comes back from the AJAX call, you can use JavaScript and/or jQuery methods to inject the data as needed into your page.
Good luck!