允许未选择选项的 Sql 搜索

Question

我有一个包含三个搜索选项的表单。

SELECT users.* FROM users WHERE users.genre = ? AND users.country = ? AND users.city = ?

此查询仅在满足所有三个条件时才返回结果

SELECT users.* FROM users WHERE users.genre = ? OR users.country = ? OR users.city = ?

仅当正确满足一个条件时，此查询才会返回结果

我需要做的是：

如果有人为国家/地区提交“澳大利亚”并将流派和城市留空，他们将获得澳大利亚的所有结果。

(city=Australia&genre=&country=)

如果有人为国家/地区提交“澳大利亚”，为流派提交“摇滚”并且留空，他们将获得澳大利亚和“摇滚”的所有结果。

(city=Australia&genre=&rockcountry=)

目前，如果我在表单上留空值，它不会给我任何结果，因为我认为它正在搜索 MySQL 中的空单元格？

感谢

 <php
$Recordset1 = new WA_MySQLi_RS("Recordset1",$alpha,1);
$Recordset1->setQuery("SELECT users.* FROM users WHERE users.genre = ? AND users.country = ? AND users.city = ?");
$Recordset1->bindParam("s", "".((isset($_POST["genre"]))?$_POST["genre"]:"")  ."", "-1"); //WAQB_Param1
$Recordset1->bindParam("s", "".((isset($_POST["country"]))?$_POST["country"]:"")  ."", "-1"); //WAQB_Param2
$Recordset1->bindParam("s", "".((isset($_POST["city"]))?$_POST["city"]:"")  ."", "-1"); //WAQB_Param3
$Recordset1->execute();
?>

认为这可能有效

<?php
if ((isset($_POST["country"]) && $_POST["country"] != '')) 
{?>
<?php
$Recordset1 = new WA_MySQLi_RS("Recordset1",$alpha,1);
$Recordset1->setQuery("SELECT users.* FROM users WHERE users.country = ?");
$Recordset1->bindParam("s", "".((isset($_POST["country"]))?$_POST["country"]:"")  ."", "-1"); //WAQB_Param2
$Recordset1->execute();
?>
<?php } ?>

<?php
if ((isset($_POST["country"]) && $_POST["country"] != '') && (isset($_POST["city"]) && $_POST["city"] != '')) 
{?>
<?php
$Recordset1 = new WA_MySQLi_RS("Recordset1",$alpha,1);
$Recordset1->setQuery("SELECT users.* FROM users WHERE users.genre = ? AND users.country = ? AND users.city = ?");
$Recordset1->bindParam("s", "".((isset($_POST["country"]))?$_POST["country"]:"")  ."", "-1"); //WAQB_Param2
$Recordset1->bindParam("s", "".((isset($_POST["city"]))?$_POST["city"]:"")  ."", "-1"); //WAQB_Param3
$Recordset1->execute();
?>
<?php } ?>


<?php
if ((isset($_POST["country"]) && $_POST["country"] != '') && (isset($_POST["city"]) && $_POST["city"] != '') && (isset($_POST["genre"]) && $_POST["genre"] != '')) 
{?>
<?php
$Recordset1 = new WA_MySQLi_RS("Recordset1",$alpha,1);
$Recordset1->setQuery("SELECT users.* FROM users WHERE users.genre = ? AND users.country = ? AND users.city = ?");
$Recordset1->bindParam("s", "".((isset($_POST["genre"]))?$_POST["genre"]:"")  ."", "-1"); //WAQB_Param1
$Recordset1->bindParam("s", "".((isset($_POST["country"]))?$_POST["country"]:"")  ."", "-1"); //WAQB_Param2
$Recordset1->bindParam("s", "".((isset($_POST["city"]))?$_POST["city"]:"")  ."", "-1"); //WAQB_Param3
$Recordset1->execute();
?>
<?php } ?>

但它非常冗长，并没有涵盖所有搜索选项，例如如果用户选择国家和类型，除非我为每个特定的搜索编写代码，否则上面不会涵盖。

Answer 1

考虑动态构建 WHERE 子句：

$sql = "SELECT * WHERE ";
if (isset($_POST["genre"]) {
    $sql .= 'users.genre = :genre OR ';
}
... same for other criteria

// chop off the extra ' OR ' on the end (simpler than tracking when to add one above)
$sql = substr($sql, -4);

$Recordset1->setQuery($sql);
if (isset($_POST["genre"])) {
    $Recordset1->bindParam(':genre', $_POST["genre"], PDO::PARAM_STR);
}
... same for other criteria

旁注，我不确定为什么您的代码中散布着所有这些 ?> </php 对。他们除了伤害什么都做不了。