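Suppose the site has a price field, trueprice, and I want visitors to be able to click to sort the list by price from low to high or from high to low, or by hottest or newest items. The intended effect is shown in the screenshot below.
Add the sort links to the list template, for example myorder=hot. Note that this introduces a virtual field, myorder, which has not been added in the backend. It is only a sort marker and has to be excluded at the end.
The template also uses the {dede:php} tag, so in the backend, under System Settings > Basic System Parameters > Other Settings, remove the restriction on the php template tag. Once that restriction is removed, every template can run PHP, so template editing should be limited to trusted administrators.
The template is as follows (the link labels 最热, 最新, 价高 and 价低 mean hottest, newest, highest price and lowest price):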

<a class="ib padding-right" href="/plus/list.php?tid={dede:field.typeid/}&myorder=hot">{dede:php}if($_GET['myorder']=='hot'){echo '<span>最热</span>';}else{echo '最热';}{/dede:php}</a>
<a class="ib padding-right" href="/plus/list.php?tid={dede:field.typeid/}&myorder=new">{dede:php}if($_GET['myorder']=='new'){echo '<span>最新</span>';}else{echo '最新';}{/dede:php}</a>
<a class="ib padding-right" href="/plus/list.php?tid={dede:field.typeid/}&myorder=price_high">{dede:php}if($_GET['myorder']=='price_high'){echo '<span>价高</span>';}else{echo '价高';}{/dede:php}</a>
<a class="ib padding-right" href="/plus/list.php?tid={dede:field.typeid/}&myorder=price_low">{dede:php}if($_GET['myorder']=='price_low'){echo '<span>价低</span>';}else{echo '价低';}{/dede:php}</a>

First, add an input filter function to the custom functions file \include\extend.func.php:

/* Character filter function */
function snail_filter($str, $stype = "inject")
{
    if ($stype == "inject") {
        // Remove SQL keywords, quotes, comment markers and path sequences
        $str = str_replace(
            array(
                "select", "insert", "update", "delete", "alter", "cas", "union", "into",
                "load_file", "outfile", "create", "join", "where", "like", "drop", "modify",
                "rename", "'", "/*", "*", "../", "./"),
            "",
            $str);
    } else if ($stype == "xss") {
        // Collapse whitespace, strip listed tags and inline on* event handlers
        $farr = array(
            "/\s+/",
            "/<(\/?)(script|META|STYLE|HTML|HEAD|BODY|STYLE |i?frame|b|strong|style|html|img|P|o:p|iframe|u|em|strike|BR|div|a|TABLE|TBODY|object|tr|td|st1:chsdate|FONT|span|MARQUEE|body|title|\r\n|link|meta|\?|\%)([^>]*?)>/isU",
            "/(<[^>]*)on[a-zA-Z]+\s*=([^>]*>)/isU",
        );
        $tarr = array(" ", "", "\\1\\2");
        $str = preg_replace($farr, $tarr, $str);
        // Encode remaining angle brackets and drop quotes, semicolons and comment markers
        $str = str_replace(
            array("<", ">", "'", "\"", ";", "/*", "*", "../", "./"),
            array("&lt;", "&gt;", "", "", "", "", "", "", ""),
            $str);
    }
    return $str;
}

Next, in include/arc.listview.class.php, add the sort check and the paging definition, and exclude the myorder field.
1. Modify CountRecord(). Below its second line, that is, below
if(empty($cfg_need_typeid2)) $cfg_need_typeid2 = 'N';
add:

// Added: multi-condition filtering; get the add-on table information
$addtable = $this->ChannelUnit->ChannelInfos['addtable'];
$filtersql = '';      // initialised so the COUNT query below can always append it
$nfields = array();
if($addtable!="")
{
    $addJoin = " LEFT JOIN `$addtable` ON arc.id = ".$addtable.'.aid ';
    $addField = '';
    $fields = explode(',',$this->ChannelUnit->ChannelInfos['listfields']);
    foreach($fields as $k=>$v)
    {
        $nfields[$v] = $k;
    }
    if(is_array($this->ChannelUnit->ChannelFields) && !empty($this->ChannelUnit->ChannelFields))
    {
        foreach($this->ChannelUnit->ChannelFields as $k=>$arr)
        {
            if(isset($nfields[$k]))
            {
                if(!empty($arr['rename'])) {
                    $addField .= ','.$addtable.'.'.$k.' as '.$arr['rename'];
                }
                else {
                    $addField .= ','.$addtable.'.'.$k;
                }
            }
        }
    }
    if (isset($_REQUEST['tid'])){
        $myget=$_GET;
        unset($myget['myorder']); // remove the virtual sort field
        // Remove individual elements from the array (activity status such as in progress or just ended);
        // those values are derived dynamically from the end time and do not exist in the database,
        // so they must be filtered out of the SQL conditions
        foreach($myget as $key => $value) // iterate the copy so that myorder really is excluded
        {
            // Filter out fields that are not in the $addtable table; they are not handled here
            //print_r($_GET);exit;
            $filtersql .= ($key!="q" && $key!="tid" && $key!="TotalResult" && $key!="PageNo") ? " AND $addtable.".snail_filter($key)." = '".snail_filter(urldecode($value))."'" : '';
        }
    }
}
else
{
    $addField = '';
    $addJoin = '';
}
// End of added code
// Count database records

2. Next, find
$cquery = "SELECT COUNT(*) AS dd FROM `dede_arctiny` arc WHERE ".$this->addSql;
and change it to
$cquery = "SELECT COUNT(*) AS dd FROM `dede_arctiny` arc $addJoin WHERE ".$this->addSql.$filtersql;
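
A stricter way to build the same extra WHERE conditions, as an added example that is not from the original post or from DedeCMS: request keys are accepted only if they appear in an allowlist of real add-on table columns, and values only if they match a conservative pattern, because the keyword blacklist in snail_filter relies on case-sensitive, single-pass str_replace and the request key ends up in the SQL as a column name. The names build_filter_sql and RESERVED_KEYS, the value pattern, and the sample table and columns are assumptions for illustration.

```php
<?php
// Added example; build_filter_sql and RESERVED_KEYS are hypothetical names.

// Request keys that drive paging or sorting and must never become column filters.
const RESERVED_KEYS = ['q', 'tid', 'TotalResult', 'PageNo', 'myorder'];

/**
 * Build the extra WHERE fragment from request parameters.
 * $allowed lists the real columns of the add-on table, for example
 * array_keys($nfields) built from the channel's listfields.
 */
function build_filter_sql(array $params, string $addtable, array $allowed): string
{
    // The table name comes from channel configuration; check its shape anyway.
    if (!preg_match('/\A[A-Za-z0-9_]+\z/', $addtable)) {
        return '';
    }
    $sql = '';
    foreach ($params as $key => $value) {
        $key = (string) $key;
        if (in_array($key, RESERVED_KEYS, true)) {
            continue; // paging or sorting marker, not a column
        }
        if (!in_array($key, $allowed, true)) {
            continue; // unknown column name: ignore it, never interpolate it
        }
        // Assumed value policy: letters, digits, "_", "-", "." and space, max 64 chars.
        if (!is_string($value) || !preg_match('/\A[\p{L}\p{N}_\-. ]{1,64}\z/u', $value)) {
            continue; // arrays, quotes, backslashes and comment markers are dropped
        }
        $sql .= " AND `$addtable`.`$key` = '$value'";
    }
    return $sql;
}

// Constructed sample request (not taken from the page).
$sample = [
    'tid'       => '5',
    'myorder'   => 'price_low',
    'PageNo'    => '2',
    'brand'     => 'acme',
    'trueprice' => "100' OR '1'='1", // contains a quote: rejected
    'arc.id'    => '1',              // not an add-on column: ignored
];
echo build_filter_sql($sample, 'dede_addonshop', ['trueprice', 'brand']), "\n";
```

In CountRecord() the returned string would take the place of the loop that appends to $filtersql, with array_keys($nfields) passed as the allowlist.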