Я сделал поиск по базе, он работает, сделал некоторые проверки, скажите, что не так?
index.php
<?php
header('Content-Type: text/html; charset=utf-8');
error_reporting(-1);
require_once 'App/db.php';
use App\classes\Db as Db;
$con = new Db();
try{
$sth3 = $con->myPrepare();
}
catch(PDOException $e){
echo $e->getMessage();
exit();
}
$searchForm = [];
if(!empty($_GET['author']) || !empty($_GET['name']) || !empty($_GET['isbn'])){
$searchForm[] = trim(htmlspecialchars($_GET['name']));
$searchForm[] = trim(htmlspecialchars($_GET['author']));
$searchForm[] = trim(htmlspecialchars($_GET['isbn']));
$need = '';
$needSql = '';
if(!empty($searchForm[0])){
$need = $searchForm[0];
$needSql = 'name';
}
if(!empty($searchForm[1])){
$need = $searchForm[1];
$needSql = 'author';
}
if(!empty($searchForm[2])){
$need = $searchForm[2];
$needSql = 'isbn';
}
$sth = $con->SearchPrepare($needSql, $need);
require_once 'html.php';
while($bookName = $sth->fetch()){
if($bookName['name']){
echo '<tr>';
echo'<td>' . $bookName['name'] . '</td>';
echo'<td>' . $bookName['author'] . '</td>';
echo'<td>' . $bookName['year'] . '</td>';
echo'<td>' . $bookName['genre'] . '</td>';
echo'<td>' . $bookName['isbn'] . '</td>';
echo '</tr>';
}
}
echo '</table>';
echo '</body>';
echo '</html>';
}
else{
require_once 'html.php';
foreach($sth3 as $book){
echo '<tr>';
echo'<td>' . $book['name'] . '</td>';
echo'<td>' . $book['author'] . '</td>';
echo'<td>' . $book['year'] . '</td>';
echo'<td>' . $book['genre'] . '</td>';
echo'<td>' . $book['isbn'] . '</td>';
echo '</tr>';
}
}
echo '</table>';
echo '</body>';
echo '</html>';
db.php
<?php
namespace App\classes;
class Db{
protected $pdo;
private $sql = 'SELECT * FROM `books`';
protected $statement;
public function __construct(){
try{
$this->pdo = new \PDO('mysql:host=localhost; dbname=dz; charset=utf8', 'root', '');
$this->pdo->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e){
echo $e->getMessage();
}
}
public function getSql(){
return $this->sql;
}
public function myPrepare(){
$this->statement = $this->pdo->prepare($this->sql);
$res = $this->statement->execute();
if(false !== $res){
$books = $this->statement->fetchAll();
return $books;
}
return [];
}
public function SearchPrepare($needSql, $need){
$sth2 = $this->pdo->prepare('SELECT * FROM `books` WHERE `'.$needSql.'` LIKE :search');
$sth2->execute([':search'=>'%'.$need.'%%']);
return $sth2;
}
}
html.php
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<style>
h1{margin:0; margin-bottom: 21px;}
form{margin-bottom: 1em;}
table{
border-spacing: 0;
border-collapse: collapse;
}
.gray{background: #eee;}
table td, table th{
border: 1px solid #ccc;
padding: 5px;
}
</style>
</head>
<body>
<h1>Библиотека успешного человека</h1>
<form>
<input type="text" name="isbn" placeholder="ISBN">
<input type="text" name="name" placeholder="Название книги">
<input type="text" name="author" placeholder="Автор книги">
<input type="submit" value="Поиск">
</form>
<table>
<tr class="gray">
<th>Название</th>
<th>Автор</th>
<th>Год выпуска</th>
<th>Жанр</th>
<th>ISBN</th>
</tr>
