[英]send special characters with ajax and receive them correctly to php
i've got a javascript function which get some datas on parameter and try to save them on a postgreSQL database. 我有一个javascript函数,该函数获取一些参数数据,并尝试将它们保存在postgreSQL数据库中。 This is the javascript ajax function 这是javascript ajax函数
function insertCalendarEvents(calendar_group, event_name, event_datestart, event_datestop, event_timestart, event_timestop, event_info, onfinish) {
var request;
if(window.XMLHttpRequest)
request = new XMLHttpRequest();
else
request = new ActiveXObject("Microsoft.XMLHTTP");
request.onreadystatechange = function() {
if (request.readyState == 4 && request.status == 200) {alert(request.responseText);
if(request.responseText.substr(0, 6) == "error ")
alert(errorName[request.responseText.substr(6)]);
else {
var event_id = 7;
onfinish(event_id);
}
}
}
var params = "action=insertCalendarEvents&calendar_group=" + calendar_group + "&event_name=" + encodeURIComponent(event_name) + "&event_datestart=" + event_datestart + "&event_datestop=" + event_datestop + "&event_timestart=" + event_timestart + "&event_timestop=" + event_timestop + "&event_info=" + event_info;
request.open("GET", "php/calendar.php?" + params, true);
request.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT");
request.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=UTF-8");
request.send();
}
And this is the php function: 这是php函数:
if($action == "insertCalendarEvents") {
$calendar_group = $_GET["calendar_group"];
$event_name = "'" . htmlspecialchars(urldecode($_GET["event_name"])) . "'";
$event_datestart = "'" . $_GET["event_datestart"] . "'";
$event_datestop = "'" . $_GET["event_datestop"] . "'";
$event_timestart = $_GET["event_timestart"] != "" ? "'" . $_GET["event_timestart"] . "'" : "null";
$event_timestop = $_GET["event_timestop"] != "" ? "'" . $_GET["event_timestop"] . "'" : "null";
$event_info = "'" . $_GET["event_info"] . "'";
echo $event_name;
require_once("connect.php");
$query = "INSERT INTO calendar_events (calendar_group, event_name, event_datestart, event_datestop, event_timestart, event_timestop, event_info) VALUES (" . $calendar_group . ", " . $event_name . ", " . $event_datestart . ", " . $event_datestop . ", " . $event_timestart . ", " . $event_timestop . ", " . $event_info . ")";
$result = pg_query($connect, $query);
if(!$result)
die("error 1"); // query error
$query = "SELECT currval('events_event_id_seq')";
$result = pg_query($connect, $query);
if(!$result)
die("error 1"); // query error
$row = pg_fetch_row($result);
echo $row[0];
}
Problem is when i try to add special chars (right now i test only on event_name parameter) like + or newline and so, it doesnt work, on + it replaces it with space, newline doesnt do anything. 问题是,当我尝试添加特殊字符(现在我仅在event_name参数上进行测试)时,例如+或换行符,因此,它不起作用,在+上将其替换为空格,换行符不起作用。
Encode Data Before You send to server 在发送到服务器之前对数据进行编码
I also had problem like you have now but this function i implemented solved my problem 我也遇到了像您现在这样的问题,但是我实现的此功能解决了我的问题
function encode(val){
var eVal;
if(!encodeURIComponent){
eVal=escape(val);
eVal=eVal.replace(/@/g,"%40");
eVal=eVal.replace(/\//g,"%2F");
eVal=eVal.replace(/\+/g,"%2B");
eVal=eVal.replace(/'/g,"%60");
eVal=eVal.replace(/"/g,"%22");
eVal=eVal.replace(/`/g,"%27");
eVal=eVal.replace(/&/g,"%26");
}else{
eVal=encodeURIComponent(val);
eVal=eVal.replace(/~/g,"%7E");
eVal=eVal.replace(/!/g,"%21");
eVal=eVal.replace(/\(/g,"%28");
eVal=eVal.replace(/\)/g,"%29");
eVal=eVal.replace(/'/g,"%27");
eVal=eVal.replace(/"/g,"%22");
eVal=eVal.replace(/`/g,"%27");
eVal=eVal.replace(/&/g,"%26");
}
return eVal.replace(/\%20/g,"+");
}
You need to pass the data through encodeURIComponent
before adding it to the query string. 您需要先将数据通过encodeURIComponent
传递,然后再将其添加到查询字符串中。
Also get rid of these lines: 也摆脱这些行:
request.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT");
I'd be surprised if that was not always true. 如果那并非总是如此,我会感到惊讶。
request.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=UTF-8");
You aren't making a POST request. 您没有发出POST请求。 There is no message body to describe the content-type of. 没有消息正文来描述其内容类型。
在通过Ajax发送参数之前,应在参数上使用encodeURI()
使用POST,它应该可以安全地传递您的数据,并且更合理地用于从客户端更新内容
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.