祝大家新年快乐!

我有我刚开始时做的现有的php代码,我想知道是否有办法使其成为OOP,或者是否应该找到另一种重新创建它的方法。欢迎所有意见。

<?php
require("local_php.inc");
DatabaseConnect();

//Variables to post to results.php

$keyword=$_POST['keyword'];
$location=$_POST['location'];
$type=$_POST['type'];

//Query

$q1 = "SELECT ssearch.id, ssearch.Company, ssearch.Address, ssearch_state.state_location, ssearch.City, ssearch.Zip, ssearch.Phone, ssearch.Description, ssearch.Email,
ssearch_event.Event_name FROM

(ssearch LEFT OUTER JOIN ssearch_state ON ssearch.State = ssearch_state.id)

LEFT OUTER JOIN  ssearch_event ON ssearch.Event_id = ssearch_event.id

WHERE ssearch.Company LIKE '%$keyword%'";

if($location != "all")
{
 $q1 .= "AND ssearch_state.state_location ='$location' ";
}
if($type != "all")
{
 $q1 .= "AND ssearch_event.Event_name ='$type' ";
}
$q1 .= "ORDER BY ssearch.Company DESC LIMIT 0, 3;";
$result = mysql_query($q1);
$q1_total_rows = mysql_num_rows($result);

?>
<div id="content">
 <?php if($q1_total_rows >= 1) { ?>
 <?php while ($record = mysql_fetch_assoc($result)) { ?>
 <div id="table">
  <table width="379" height="64" border="0" align="left" bordercolor="#FFFF00" bgcolor="#FEFFD5">
   <tr>
    <td width="187"><p align="center" class="contentfontsmallsearch"><a href="display.php?ID=<?php echo $record["id"];?>"><?php echo $record["Company"];?></a></p></td>
    <td width="182"><p align="center" class="contentfontsmallsearch"><?php echo $record["Event_name"];?></p></td>
   </tr>
   <tr>
    <td><p align="center" class="contentfontsmallsearch"><?php echo $record["state_location"];?></p></td>
    <td><p align="center" class="contentfontsmallsearch"><?php echo $record["Description"];?></p></td>
   <tr>
  </table>
 </div>
 <?php } ?>
 <? } else { ?>
 <div id="table2">
 <h3 align="center" class="noresults">No Results</h3><br />
 <p align="center" class="contentfontsmallsearch">Please Try your Search Again</p><br />
 <form action="results.php" method="post" name="myform" id="myform">
  <table width="379" height="190" border="0" align="left" bordercolor="#FFFF00" bgcolor="#FEFFD5">
   <tr>
    <td width="143"><p align="center" class="contentfontsmallsearch">Keyword</p></td>
    <td width="226">
     <label>
       <input name="keyword" type="text" id="keyword" size="30" />
     </label>
    </td>
   </tr>
   <tr>
    <td><p align="center" class="contentfontsmallsearch">Location</p></td>
    <td>
     <select name="location">
       <option value="all" selected="selected">All Locations</option>
       <option value="Pennsylvania">Pennsylvania</option>
       <option value="New Jersey">New Jersey</option>
       <option value="Delaware">Delaware</option>
     </select>
    </td>
   <tr>
    <td width="143"><p align="center" class="contentfontsmallsearch">Event Type </p></td>
    <td>
     <select name="type">
       <option value="all" selected="selected">All Events</option>
       <option value="Rally Event">Rally Event</option>
       <option value="Awareness Event">Awareness Event</option>
       <option value="Donation Event">Donation Event</option>
     </select>
    </td>
   </tr>
   <tr>
    <td></td>
    <td><input type="submit" name="Submit2" value="Search" /></td>
   </tr>
  </table>
 </form>
 </div>
 <? } ?>
</div>

最佳答案

如果您首先确保它安全,我希望。读取mysql_real_escape_string输入变量时添加$_POST。就目前而言,您的代码完全依靠magic_quotes起作用。

第二步,您可以使此代码具有过程性。设计一个location_query()函数或其他东西。我认为没有直接结构可以使“使其成为OOP”而受益。

08-19 04:29