include/ecapp.base.php line:840
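/**
 * Build an SQL condition fragment from the query string of the current request.
 *
 * Each entry of $query_item describes one filter, either as a bare field name
 * or as an array with these keys:
 *   - field:   column expression, written into the SQL text as-is (required)
 *   - name:    $_GET key to read (default: same as field)
 *   - equal:   comparison operator (default '='); 'LIKE' wraps the value in %...%
 *   - assoc:   connective placed in front of the condition (default 'AND')
 *   - type:    'numeric' casts the value with floatval(); any other type wraps
 *              it in single quotes (default 'string')
 *   - handler: name of a function applied to the raw input (default 'trim');
 *              a result of '' or false drops the filter
 *
 * Security notes:
 *   - field, equal and assoc are interpolated, and handler is invoked, without
 *     validation. They must be constants or allow-listed by the caller, never
 *     values taken from the request.
 *   - Non-numeric values are only wrapped in quotes here, not escaped. Safety
 *     therefore depends on escaping done before or inside the handler.
 *
 * Side effect: the raw inputs of the filters that were applied are passed to
 * $this->assign('query', ...) after stripslashes_deep().
 *
 * @author Garbin
 * @param array $query_item list of filter definitions (strings or arrays)
 * @return string conditions, each prefixed by its connective; '' if none applied
 */
function _get_query_conditions($query_item)
{
    $str = '';
    $query = array();
    $defaults = array(
        'equal'   => '=',
        'assoc'   => 'AND',
        'type'    => 'string',
        'handler' => 'trim',
    );

    foreach ($query_item as $options)
    {
        if (is_string($options))
        {
            // Shorthand form: the string is both the column and the $_GET key.
            // Build a real array; writing $options['field'] onto the string
            // itself is a string-offset write and never produced these keys.
            $options = array('field' => $options, 'name' => $options);
        }
        foreach ($defaults as $key => $default)
        {
            if (!isset($options[$key]))
            {
                $options[$key] = $default;
            }
        }
        if (!isset($options['name']))
        {
            $options['name'] = $options['field'];
        }

        if (!isset($_GET[$options['name']]))
        {
            continue;
        }
        $input = $_GET[$options['name']];
        if (!is_scalar($input))
        {
            // A parameter sent as name[]=... arrives as an array; the handlers
            // and the string interpolation below only make sense for scalars.
            continue;
        }

        $handler = $options['handler'];
        $value = ((string) $input === '') ? '' : $handler($input);
        if ($value === '' || $value === false)
        {
            // Nothing entered or selected, or the handler rejected the input.
            continue;
        }

        if (strtoupper($options['equal']) === 'LIKE')
        {
            // NOTE(review): % and _ inside the input stay active as wildcards.
            $value = "%{$value}%";
        }

        if ($options['type'] !== 'numeric')
        {
            // NOTE(review): quoting alone is not escaping. The stripslashes_deep()
            // call below suggests request input arrives already slash-escaped;
            // confirm that, and that no handler undoes it (decoding, unslashing).
            // Slash-based escaping also depends on the connection character set,
            // so the database driver's escaping or bound parameters are preferable.
            $value = "'{$value}'";
        }
        else
        {
            // The cast guarantees a number, whatever the request contained.
            $value = floatval($value);
            if (!is_finite($value))
            {
                // INF/NAN would be written as a bare word and break the statement.
                continue;
            }
        }

        $str .= " {$options['assoc']} {$options['field']} {$options['equal']} {$value}";
        $query[$options['name']] = $input;
    }

    $this->assign('query', stripslashes_deep($query));
    return $str;
}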
调用:
// Example call: one filter definition per searchable request parameter.
// 'field', 'equal' and 'handler' are used by _get_query_conditions() without
// validation, so they have to be fixed values.
// NOTE(review): $field is not defined in this excerpt. It lands in the SQL
// unquoted, so it must come from a fixed allow-list; confirm at the call site.
$conditions = $this->_get_query_conditions(array(
    // Free-text search, read from $_GET['search_name'].
    array('field' => $field, 'equal' => 'LIKE', 'name' => 'search_name'),
    // Numeric filters: the value is cast with floatval() before use.
    array('field' => 'status', 'equal' => '=', 'type' => 'numeric'),
    array('field' => 'is_contactseller', 'equal' => '=', 'type' => 'numeric'),
    // Range on add_time; type defaults to 'string', so whatever the handler
    // returns is wrapped in single quotes.
    array('field' => 'add_time', 'name' => 'add_time_from', 'equal' => '>=', 'handler' => 'gmstr2time'),
    array('field' => 'add_time', 'name' => 'add_time_to', 'equal' => '<=', 'handler' => 'gmstr2time_end'),
    // Range on order_amount.
    array('field' => 'order_amount', 'name' => 'order_amount_from', 'equal' => '>=', 'type' => 'numeric'),
    array('field' => 'order_amount', 'name' => 'order_amount_to', 'equal' => '<=', 'type' => 'numeric'),
));
不能立刻拿来使用,只是参考。