$randomvariable=$_GET['randomvariable'];
$search="SELECT * from objects
WHERE transactiontype='$randomvariable'
order by id DESC";
现在如果$randomvariable是空的(没有),我希望它返回所有行.目前,如果它是空的,则不返回任何内容,因为它基本上不会从所有行中搜索任何内容.
$randomvariable = ESACPE_MYSQL_STRING($_GET['randomvariable']);
$search =
"SELECT * FROM objects " .
(empty($randomvariable) ? "" : "WHERE transactiontype='$randomvariable' ") .
"ORDER BY id DESC";
对于ESCAPE_MYSQL_STRING您正在使用的任何MySQL驱动程序,转义字符串的相关函数在哪里.
另一种更模块化的方式:
$search = array(
"select" => "SELECT * FROM objects",
"where" => "WHERE transactiontype='$randomvariable'",
"order" => "ORDER BY id DESC"
);
if (empty($randomvariable)) {
unset($search["where"]);
}
$search = implode(' ', $search);
关于这一点的好处是,您可以轻松地添加,删除或更改任何情况的查询,轻松访问查询的任何部分.
您也可以CASE()在SQL中执行此操作,但它有点麻烦,您不应该期望良好的性能:
SELECT * FROM objects
WHERE transactiontype LIKE
CASE WHEN '$randomvariable' = '' THEN
'%'
ELSE
'$randomvariable'
END CASE
ORDER BY id DESC
另一种方法:
if ($_GET['randomvariable'] != "") {
$where = "transactiontype = " . $randomvariable;
} else {
$where = "1";
}
$search = "SELECT * from objects WHERE " . $where . " ORDER BY id DESC";
| 归档时间: |
|
| 查看次数: |
9209 次 |
| 最近记录: |