将表单值从PHP文件传递到另一个PHP文件
[英]Pass form values from PHP file to another PHP file
问题描述
I make a pop-up form like this, in home.php : 
我在home.php中制作了一个这样的弹出表单:
<script src="js/submit.js"></script>
.........
.........
.........
<div id="abc">
<!-- Popup Div Starts Here -->
<div id="popupContact">
<!-- Form -->
<form action="#" id="form" method="post" name="form">
<input id="month" name="month" placeholder="MONTH" type="text">
<a href="javascript:%20check_empty()" id="submit">ADD</a>
</form>
</div>
<!-- Popup Div Ends Here -->
</div>
I fill the form. 我填写表格。 When I click 'ADD' button, it runs javascript function. 当我单击“添加”按钮时,它将运行javascript函数。 The code in submit.js : Submit.js中的代码:
function check_empty() {
if (document.getElementById('month').value == ""){
alert("Fill column!");
} else {
document.getElementById('form').submit();
$.get("application/insertdata.php");
return false;
}
}
//Function To Display Popup
function div_show() {
document.getElementById('abc').style.display = "block";
}
//Function to Hide Popup
function div_hide(){
document.getElementById('abc').style.display = "none";
}
I want to run query in insertdata.php as below. 我想在insertdata.php中运行查询,如下所示。 It needs the value from 'month'. 它需要“月”中的值。
<?php
require("phpsqlajax_dbinfo.php");
$conn = mysqli_connect('localhost', $username, $password, $database);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$data = isset($_POST['month']);
$monthstring = mysqli_real_escape_string($conn, $data);
$sql = "INSERT INTO `databasea`.`tablea` (`MONTH`, `TEST`) VALUES ('". $monthstring ."', 'xxx');";
mysqli_query($conn, $sql);
mysqli_close($conn);
?>
The query run successfully, and row is added in my table. 查询成功运行,并且行已添加到我的表中。 'TEST' column is added with 'xxx'. “测试”列中添加了“ xxx”。 But in 'MONTH' column, it generates no value, just empty. 但是在“ MONTH”列中,它不产生任何值,只是空的。
So, how to get the 'month' value? 那么,如何获得“月”值呢? Thank you. 谢谢。
3 个解决方案
解决方案1
4 已采纳 2016-06-24 13:14:08
Since you're using JavaScript/jQuery there is no real need for inline code in your HTML, so let's start there by removing the inline JavaScript: 由于您使用的是JavaScript / jQuery,因此在HTML中实际上不需要内联代码,因此让我们从删除内联JavaScript开始:
<script src="js/submit.js"></script>
.........
.........
.........
<form action="#" id="form" method="post" name="form">
<input id="month" name="month" placeholder="MONTH" type="text">
<a href="#" id="submit">ADD</a>
</form>
Much cleaner, no? 清洁得多,不是吗? You weren't passing any data in your function call which may have caused problems for you down the line. 您没有在函数调用中传递任何可能给您带来麻烦的数据。
Now a simpler setup in your JavaScript/jQuery in which we'll capture the click event and pass the data via $.post : 现在,在JavaScript / jQuery中进行一个更简单的设置,在该设置中,我们将捕获click事件并通过$.post传递数据:
$('#submit').click(function(event) {
event.preventDefault(); // prevent the default click action
var month = $('#month').val();
if('' == month) {
alert('fill the column!');
} else {
$.post("application/insertdata.php", {month: month}); // notice how the data is passed
}
});
So far, so good, the code is much tighter and more readable and it actually posts the data from the form to the AJAX call. 到目前为止,到目前为止,代码更加紧密,可读性强,并且实际上将数据从表单发布到AJAX调用中。
Finally the PHP, testing to see if the variable month is set properly: 最后是PHP,测试以查看变量month是否设置正确:
<?php
require("phpsqlajax_dbinfo.php");
$conn = mysqli_connect('localhost', $username, $password, $database);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
if(isset($_POST['month'])) {
$data = $_POST['month'];
$monthstring = mysqli_real_escape_string($conn, $data);
$sql = "INSERT INTO `databasea`.`tablea` (`MONTH`, `TEST`) VALUES ('". $monthstring ."', 'xxx');";
mysqli_query($conn, $sql);
}
mysqli_close($conn);
?>
NOTE : I am concerned that you might have more than one of these forms on your page and you may be duplicating ID's which will not work and the duplicate ID's will need to be removed. 注意 :我担心您的页面上可能有多个以上表格,并且您可能正在重复使用ID,但这些ID无法使用,并且需要删除重复的ID。 If this is the case the jQuery code I've written needs to be changed. 如果是这种情况,则需要更改我编写的jQuery代码。 Here is one way to do that: 这是一种方法:
$('a').click(function(event) {
event.preventDefault(); // prevent the default click action
var month = $(this).prev('input').val(); // get the input next to the link
if('' == month) {
alert('fill the column!');
} else {
$.post("application/insertdata.php", {month: month});
}
});
As I stated in comments Little Bobby says your script is at risk for SQL Injection Attacks. 正如我在评论中所述, Little Bobby说您的脚本有遭受SQL注入攻击的危险。 Learn about prepared statements for MySQLi . 了解有关MySQLi的 准备好的语句。 Even escaping the string is not safe! 即使转义字符串也不安全! Changing to prepared statements will make your code cleaner and safer. 更改为准备好的语句将使您的代码更干净,更安全。
解决方案2
2 2016-06-24 12:57:04
Hi use $data = $_POST['month']; 嗨,使用$data = $_POST['month'];
isset will return true or false not value of month isset将返回true或false而不是month的值
解决方案3
2 2016-06-24 12:57:41
Replace 更换
$data = isset($_POST['month']);
by 通过
if(isset($_POST['month'])) {
$data=$_POST['month'];
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.