祝大家新年快乐!
我有我刚开始时做的现有的php代码,我想知道是否有办法使其成为OOP,或者是否应该找到另一种重新创建它的方法。欢迎所有意见。
<?php
require("local_php.inc");
DatabaseConnect();
//Variables to post to results.php
$keyword=$_POST['keyword'];
$location=$_POST['location'];
$type=$_POST['type'];
//Query
$q1 = "SELECT ssearch.id, ssearch.Company, ssearch.Address, ssearch_state.state_location, ssearch.City, ssearch.Zip, ssearch.Phone, ssearch.Description, ssearch.Email,
ssearch_event.Event_name FROM
(ssearch LEFT OUTER JOIN ssearch_state ON ssearch.State = ssearch_state.id)
LEFT OUTER JOIN ssearch_event ON ssearch.Event_id = ssearch_event.id
WHERE ssearch.Company LIKE '%$keyword%'";
if($location != "all")
{
$q1 .= "AND ssearch_state.state_location ='$location' ";
}
if($type != "all")
{
$q1 .= "AND ssearch_event.Event_name ='$type' ";
}
$q1 .= "ORDER BY ssearch.Company DESC LIMIT 0, 3;";
$result = mysql_query($q1);
$q1_total_rows = mysql_num_rows($result);
?>
<div id="content">
<?php if($q1_total_rows >= 1) { ?>
<?php while ($record = mysql_fetch_assoc($result)) { ?>
<div id="table">
<table width="379" height="64" border="0" align="left" bordercolor="#FFFF00" bgcolor="#FEFFD5">
<tr>
<td width="187"><p align="center" class="contentfontsmallsearch"><a href="display.php?ID=<?php echo $record["id"];?>"><?php echo $record["Company"];?></a></p></td>
<td width="182"><p align="center" class="contentfontsmallsearch"><?php echo $record["Event_name"];?></p></td>
</tr>
<tr>
<td><p align="center" class="contentfontsmallsearch"><?php echo $record["state_location"];?></p></td>
<td><p align="center" class="contentfontsmallsearch"><?php echo $record["Description"];?></p></td>
<tr>
</table>
</div>
<?php } ?>
<? } else { ?>
<div id="table2">
<h3 align="center" class="noresults">No Results</h3><br />
<p align="center" class="contentfontsmallsearch">Please Try your Search Again</p><br />
<form action="results.php" method="post" name="myform" id="myform">
<table width="379" height="190" border="0" align="left" bordercolor="#FFFF00" bgcolor="#FEFFD5">
<tr>
<td width="143"><p align="center" class="contentfontsmallsearch">Keyword</p></td>
<td width="226">
<label>
<input name="keyword" type="text" id="keyword" size="30" />
</label>
</td>
</tr>
<tr>
<td><p align="center" class="contentfontsmallsearch">Location</p></td>
<td>
<select name="location">
<option value="all" selected="selected">All Locations</option>
<option value="Pennsylvania">Pennsylvania</option>
<option value="New Jersey">New Jersey</option>
<option value="Delaware">Delaware</option>
</select>
</td>
<tr>
<td width="143"><p align="center" class="contentfontsmallsearch">Event Type </p></td>
<td>
<select name="type">
<option value="all" selected="selected">All Events</option>
<option value="Rally Event">Rally Event</option>
<option value="Awareness Event">Awareness Event</option>
<option value="Donation Event">Donation Event</option>
</select>
</td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="Submit2" value="Search" /></td>
</tr>
</table>
</form>
</div>
<? } ?>
</div>
最佳答案
如果您首先确保它安全,我希望。读取mysql_real_escape_string
输入变量时添加$_POST
。就目前而言,您的代码完全依靠magic_quotes起作用。
第二步,您可以使此代码具有过程性。设计一个location_query()
函数或其他东西。我认为没有直接结构可以使“使其成为OOP”而受益。