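【Posted】: 2022-06-10 16:40:15
【Question】:
I created a filter for category, price, promotion and other things.
So, when I select a category: filter view
I select it and the page is displayed (everyone understands what I mean, I'm new here haha).
index.php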
<div class="container">
    <div class="text-right w-100">
        <a data-bs-toggle="collapse" href="#filter" role="button" aria-expanded="false" aria-controls="collapseExample">
            <i class="fas fa-sort"></i>
        </a>
    </div>
    <div class="collapse mt-2" id="filter">
        <div class="card card-body">
            <div class="form-check">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="flexCheckDefault">
                <label class="form-check-label" for="flexCheckDefault">
                    Prix : <i class="fa-solid fa-arrow-down-short-wide"></i> (général)
                </label>
            </div>
            <div class="form-check">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="flexCheckDefaultbas">
                <label class="form-check-label" for="flexCheckDefaultbas">
                    Prix : <i class="fas fa-sort-amount-up-alt"></i> (général)
                </label>
            </div>
            <div class="form-check border-top border-dark mt-2 pt-2">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="promotionBas">
                <label class="form-check-label" for="promotionBas">
                    Promotions : <i class="fa-solid fa-arrow-down-short-wide"></i> (général)
                </label>
            </div>
            <div class="form-check">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="promotionHaut">
                <label class="form-check-label" for="promotionHaut">
                    Promotions : <i class="fas fa-sort-amount-up-alt"></i> (général)
                </label>
            </div>
            <div class="form-check border-top border-dark mt-2 pt-2">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="bricolage">
                <label class="form-check-label" for="bricolage">
                    Catégorie : Bricolage
                </label>
            </div>
            <div class="form-check">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="puericulture">
                <label class="form-check-label" for="puericulture">
                    Catégorie : Puericulture
                </label>
            </div>
            <div class="form-check">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="decoration">
                <label class="form-check-label" for="decoration">
                    catégorie : Décoration
                </label>
            </div>
            <div class="form-check">
                <input class="form-check-input" type="checkbox" name="prix" value="prix" id="hightech">
                <label class="form-check-label" for="hightech">
                    catégorie : High-Tech
                </label>
            </div>
        </div>
include.php
<?php
if(isset($_POST['categorie'])){
    $categorie = $_POST['categorie'];
}
if (isset($categorie)) {
    $sql = "SELECT * FROM test WHERE categorie = ($categorie) ORDER BY id DESC";
} else if (isset($_POST['prixbas']) == 'prixbas') {
    $sql = "SELECT * FROM test ORDER BY CAST(prixactuel AS DECIMAL(18,2)) ASC";
} else if (isset($_POST['prixhaut']) == 'prixhaut') {
    $sql = "SELECT * FROM test ORDER BY CAST(prixactuel AS DECIMAL(18,2)) DESC";
} else if (isset($_POST['promotionbas']) == 'promotionbas') {
    $sql = "SELECT * FROM test ORDER BY pourcentage ASC";
} else if (isset($_POST['promotionhaut']) == 'promotionhaut') {
    $sql = "SELECT * FROM test ORDER BY pourcentage DESC";
} else {
    $sql = "SELECT * FROM test ORDER BY id DESC";
}
$result = $conn->query($sql);
//define total number of results you want per page
$results_per_page = 10;
//find the total number of results stored in the database
$number_of_result = mysqli_num_rows($result);
//determine the total number of pages available
$number_of_page = ceil($number_of_result / $results_per_page);
//determine which page number visitor is currently on
if (!isset($_GET['page'])) {
    $page = 1;
} else {
    $page = $_GET['page'];
}
//determine the sql LIMIT starting number for the results on the displaying page
$page_first_result = ($page - 1) * $results_per_page;
// Prev + Next
$prev = $page - 1;
$next = $page + 1;
//retrieve the selected results from database
$sql = "SELECT * FROM test ORDER BY id DESC LIMIT " . $page_first_result . ',' . $results_per_page;
$result = mysqli_query($conn, $sql);
$conn->close();
$number = 0;
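【Comments】:
-
I have a question about your question. What is your question?
-
Warning: You are wide open to SQL Injections and should use parameterized prepared statements instead of manually building your queries. They are provided by PDO or by MySQLi. Never trust any kind of input! Even when your queries are executed only by trusted users, you are still in risk of corrupting your data. Escaping is not enough!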
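
The prepared-statement approach recommended in the last comment, applied to include.php as an added example (not code from the question or its comments): the category and the LIMIT values are bound, the sort order comes from an allowlist, and the same filter drives both the count and the paginated query. It assumes `$conn` is an open mysqli connection with the mysqlnd driver and that the form posts the field names include.php reads; `SORTS`, `build_query` and `run` are hypothetical names.

```php
<?php
// Added example, not the asker's code. Assumes $conn is an open mysqli connection
// (mysqlnd) and that the form posts the field names include.php reads.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // query failures throw
// ORDER BY cannot be bound as a parameter, so each accepted POST key maps to a
// fixed SQL fragment; request data never becomes part of the SQL text.
const SORTS = [
    'prixbas'       => 'CAST(prixactuel AS DECIMAL(18,2)) ASC',
    'prixhaut'      => 'CAST(prixactuel AS DECIMAL(18,2)) DESC',
    'promotionbas'  => 'pourcentage ASC',
    'promotionhaut' => 'pourcentage DESC',
];

function build_query(array $post, array $get, int $perPage = 10): array
{
    $where = ''; $types = ''; $params = [];
    if (isset($post['categorie']) && is_string($post['categorie'])) {
        $where = ' WHERE categorie = ?';   // value is bound, never concatenated
        $types = 's'; $params[] = $post['categorie'];
    }
    $order = 'id DESC';
    foreach (SORTS as $key => $fragment) {
        if (isset($post[$key])) { $order = $fragment; break; }
    }
    // Non-numeric or out-of-range page values fall back to 1 (upper bound is an assumed cap).
    $page = filter_var($get['page'] ?? 1, FILTER_VALIDATE_INT,
        ['options' => ['default' => 1, 'min_range' => 1, 'max_range' => 1000000]]);
    $offset = ($page - 1) * $perPage;
    return [
        'count' => ["SELECT COUNT(*) FROM test$where", $types, $params],
        'rows'  => ["SELECT * FROM test$where ORDER BY $order LIMIT ?, ?",
                    $types . 'ii', array_merge($params, [$offset, $perPage])],
    ];
}

function run(mysqli $conn, array $query): mysqli_result
{
    [$sql, $types, $params] = $query;
    $stmt = $conn->prepare($sql);
    if ($types !== '') { $stmt->bind_param($types, ...$params); }
    $stmt->execute();
    return $stmt->get_result();
}

$q = build_query($_POST, $_GET);
$total = (int) run($conn, $q['count'])->fetch_row()[0];
$number_of_page = (int) ceil($total / 10);   // 10 = default $perPage
$result = run($conn, $q['rows']);            // rows for the current page only
```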