[英]Ajax send data using POST method, but PHP function does not INSERT them to the table
我在使用 POST 方法从 AJAX 接收数据时遇到问题。
起初,一切正常,但后来发生了一些事情,现在我找不到错误了。
如果我检查我的 AJAX 一切都正确调度,但 PHP 没有收到数据。 因此,它不会向数据库表中插入数据。
我的jQuery:
$('#button-send-review').click(function(e) {
e.preventDefault();
var th = $(this);
var name = $("#name_review").val();
var good = $("#good_review").val();
var bad = $("#bad_review").val();
var comment = $("#comment_review").val();
var iid = $("#button-send-review").attr("iid");
var add_review = $("#button-send-review").val();
if (name != "") {
var name_review = '1';
$("#name_review").css("borderColor", "#DBDBDB");
} else {
var name_review = '0';
$("#name_review").css("border", "2px solid #d20000");
}
if (good != "") {
var good_review = '1';
$("#good_review").css("borderColor", "#DBDBDB");
} else {
var good_review = '0';
$("#good_review").css("border", "2px solid #d20000");
}
if (bad != "") {
var bad_review = '1';
$("#bad_review").css("borderColor", "#DBDBDB");
} else {
var bad_review = '0';
$("#bad_review").css("border", "2px solid #d20000");
}
if (name_review == '1' && good_review == '1' && bad_review == '1') {
$.ajax({
type: "POST",
url: "./",
data: "goods_id=" + iid + "&name=" + name + "&good=" + good + "&bad=" + bad + "&comment=" + comment + "&add_review=" + add_review,
dataType: "html",
cache: false,
}).done(function() {
$(".success").addClass("visible");
setTimeout(function() {
// Done Functions
th.trigger("reset");
$(".success").removeClass("visible");
$.magnificPopup.close();
}, 3000);
});
}
});
我的控制器:
<?php
if ($_POST['add_review']) {
add_review();
}
?>
我的型号:
<?php
function add_review() {
global $link;
$goods_id = trim($_POST['goods_id']);
$name = trim($_POST['name']);
$good = trim($_POST['good']);
$bad = trim($_POST['bad']);
$comment = trim($_POST['comment']);
$goods_id = clear($goods_id);
$name = clear($name);
$good = clear($good);
$bad = clear($bad);
$comment = clear($comment);
$query = "INSERT INTO reviews(goods_id, name, good_reviews, bad_reviews, comment, date)
VALUES($goods_id, '$name', '$good', '$bad', '$comment', NOW())";
$res = mysqli_query($link, $query) or trigger_error($link->error . "[DB]");
return true;
}
?>
我的 HTML:
<div id="send-review" class="popup-form">
<div class="success">Thank you! <br>
Your review send for moderation.
</div>
<h4 id="title-review">The review would be posted soon.</h4>
<ul>
<li>
<label id="label-name"><span>Name *</span></label>
<input maxlength="15" type="text" id="name_review" placeholder="Enter your name..." style="border-color: rgb(219, 219, 219);" />
</li>
<li>
<label id="label-good"><span>Pros *</span></label>
<textarea id="good_review" placeholder="Enter pros..." style="border-color: rgb(219, 219, 219);"></textarea>
</li>
<li>
<label id="label-bad"><span>Cons *</span></label>
<textarea id="bad_review" placeholder="Enter cons..." style="border-color: rgb(219, 219, 219);"></textarea>
</li>
<li>
<label id="label-comment">Comment</label>
<textarea id="comment_review" placeholder="Your comment..."></textarea>
</li>
</ul>
<div class="button-wrap">
<button class="button" type="submit" id="button-send-review" name="add_review" value="Send" iid="92">Send</button>
</div>
<button title="Close (Esc)" type="button" class="mfp-close">×</button>
</div>
您的 $.ajax() 数据格式不正确;
应该像这个例子一样在你的接收器页面中接收 POST 字符串:
$.ajax({
method: "POST",
url: "some.php",
data: { name: "John", location: "Boston" }
});
并且请使用准备好的 SQL 语句来防止 SQL 注入。
ajax方法中的发帖格式不正确;
将ajax代码更改为:
<script>
$('#button-send-review').click(function (e) {
e.preventDefault();
var th = $(this);
var name = $("#name_review").val();
var good = $("#good_review").val();
var bad = $("#bad_review").val();
var comment = $("#comment_review").val();
var iid = $("#button-send-review").attr("iid");
var add_review = $("#button-send-review").val();
if (name != "")
{
var name_review = '1';
$("#name_review").css("borderColor", "#DBDBDB");
} else {
var name_review = '0';
$("#name_review").css("border", "2px solid #d20000");
}
if (good != "")
{
var good_review = '1';
$("#good_review").css("borderColor", "#DBDBDB");
} else {
var good_review = '0';
$("#good_review").css("border", "2px solid #d20000");
}
if (bad != "")
{
var bad_review = '1';
$("#bad_review").css("borderColor", "#DBDBDB");
} else {
var bad_review = '0';
$("#bad_review").css("border", "2px solid #d20000");
}
if (name_review == '1' && good_review == '1' && bad_review == '1')
{
$.ajax({
type: "POST",
url: "./",
data: {"goods_id":iid,"name":name,"good":good,"bad":bad, "comment":comment,"add_review":add_review},
dataType: "html",
cache: false,
}).done(function () {
$(".success").addClass("visible");
setTimeout(function () {
// Done Functions
th.trigger("reset");
$(".success").removeClass("visible");
$.magnificPopup.close();
}, 3000);
});
}
});
</script>
使用PDO停止 SQL 注入
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.