如何处理三个以上的PHP GET变量从MySQL数据库中选择数据[重复]
This question already has an answer here:
- MySQL WHERE IN () 2 answers
I have a PHP page called get.php
that has access to MySQL Database.
I use one table called: MyTable
In the table I have more than on row.
Every info has an id
that I use to get the other info based on it:
$sql = "SELECT * FROM `MyTable` WHERE `id`='" . $_GET["var1"]'";
$result = $conn->query($sql);
.
.
.
So when I go to:
localhost/bb/t2/get.php?var1=1
I get the other info like Name of the info by fetching the rows.
BUT I want to deal with more than one variable:
localhost/bb/t2/get.php?var1=1&var2=2&var4=4&...
So I can get the info of every id
and not one only.
I want to handle any number of variables and get it's data.
Thank you!
</div>
First, it would be easier to use an array for specifying multiple ids in the URL:
http://localhost/bb/t2/get.php?var[]=1&var[]=2&var[]=4&...
This way, in your PHP code $_GET['var']
will be an array and will contain all values specified in the URL.
Next, you have to make sure all array items (the ids) are numeric. There are many solutions for this, for example skipping non-numeric values:
// make sure parameters are OK
if (is_array($_GET['var'])) {
// eliminate non-numeric values
$ids = array_filter($_GET['var'], function($item) {
return is_numeric($item);
});
}
else {
// invalid arguments; throw exception or do something else
}
Finally, you have to use WHERE IN in your query (and verify of course if there are actually some values in the $ids array before executing the SQL query):
if (!empty($ids)) {
$sql = "SELECT * FROM `MyTable` WHERE `id` IN (" . implode(",", $ids) . ")";
}
else {
//TODO: no numeric ids specified, do something else...
}
It is unclear whether you want to use the variables to determine what fields you are selecting, or to use them to determine what id's are being searched for. Either way it sounds like you just want to be able to pass any number of queries in the urls query string to get what you are looking for.
PHP can actually parse arrays from the query string if composed properly.
Here is an example.
http://localhost/index.php?query1[]=var1&query1[]=var2&query1[]=var3
Note the []
after each query name. This is what the contents of $_GET would be in PHP.
$_GET = [
"query1" => [
"var1",
"var2",
"var3"
]
];
Now you can just get whatever fields or id's from the database that are listed in the array.