[英]Getting SQL error while submitting form via ajax
我有一個帶有一個輸入字段和一個提交按鈕的簡單表單。 當我點擊提交時,我收到錯誤
這是 php 中的查詢。 詢問:
//Using MySQLi
$stmt = $con->prepare("INSERT INTO `emailsubscribe`
(email,medium,country)VAlUE(?,?,?)"); // Use prepared statements.
$stmt-> bind_param("sss", $email, $medium, $country);
$stmt-> execute();
此表有 3 列 email,中等和國家。
$('#formoid').on('submit', function() { $.ajax({ type: "POST", url: "subscribe.php", data: $(this).serialize(), success: function(data){ $('.message').html(data).fadeIn(); } }); return false; });
<div class="message" style="color:black;"></div> <form action="subscribe.php" title="" method="post" id="formoid"> <input type="email" id="email" name="email" minlength="7" size="40" placeholder="Enter your email here.." required><br><br> <input type="hidden" name="medium" value="subbox" /> <input type="hidden" name="country" value="<?php echo $country; ?>" /> <input type="submit"> </form>
首先,讓我們總結一下 HTML 數據。
<div class="message"></div>
<form action="subscribe.php" name="subscribeForm">
<input type="email" name="emailsub" minlength="7" size="40" placeholder="Enter your email here.."><br><br>
<select name="medium">
<option value="">Select Medium</option>
<option value="english">English</option>
<option value="hindi">Hindi</option>
<option value="japanese">Japanese</option>
</select>
<br><br>
<select name="country">
<option value="">Select Country</option>
<option value="India">India</option>
<option value="USA">USA</option>
<option value="Japan">Japan</option>
</select><br><br>
<input type="submit" id="action">
</form>
下面的 AJAX 代碼采用表單詳細信息並發送給subscribe.php
。 請注意,下面的document.subscribeForm
采用您的表單字段變量並存儲在表單中。 對於 HTML 部分中的這個唯一name
值就足夠了。 因此,我沒有在 HTML 表單字段中添加任何id
字段。
$('#action').click(function() {
var form = document.subscribeForm;
var dataString = $(form).serialize();
$.ajax({
type: 'POST',
url: $(form).attr("action"),
data: dataString,
beforeSend: function(){
$('.message').hide();
$("#action").val('Please wait...');
},
success: function(data){
$('.message').html(data).fadeIn();
}
});
return false;
});
一旦數據被發送到subscribe.php
,現在是時候處理它了。
// Storing data in variables
$email = (!empty($_POST['emailsub'])?$_POST['emailsub']:null;
$medium = (!empty($_POST['medium'])?$_POST['medium']:null;
$country = (!empty($_POST['country'])?$_POST['country']:null;
if($_POST){
// Check if email submitted is empty or not. If yes, script will stop executing further.
if($email == null){
echo "Email is required";
exit();
}
// Check if medium submitted is empty or not. If yes, script will stop executing further.
if($medium == null){
echo "Medium is required";
exit();
}
// Check if country submitted is empty or not. If yes, script will stop executing further.
if($country == null){
echo "Country is required";
exit();
}
// All checks cleared. Process the data.
//Using MySQLi
$stmt = $con->prepare("INSERT INTO emailsubscribe(email, medium, country)VAlUES(?,?,?)"); // Use prepared statements.
$stmt-> bind_param($email, $medium, $country);
$stmt-> execute();
// Using PDO (Better: A big bonus is that you can use a readable `:name` instead of confusing `?`)
$stmt = $con->prepare("INSERT INTO emailsubscribe(email, medium, country)VAlUES(:email, :medium, :country)"); // Use prepared statements.
$stmt-> bindValue(':email', $email);
$stmt-> bindValue(':medium', $medium);
$stmt-> bindValue(':country', $country);
$stmt-> execute();
// Echo Message
if($stmt){
echo "Success";
}else{
echo "Error";
}
}
這是處理 forms 的正確方法。
首先,我沒有將您的表格中的任何媒體或國家視為輸入。 所以我改變了你的 HTML 代碼
$('#formoid').on('submit', function() { $.ajax({ type: "POST", url: "subscribe.php", data: $(this).serialize(), success: function(response) { $(this).hide(); //sets css display:none to form var message = "Thank you;". $('.container-fluid');html(message); } }); });
<form action="subscribe.php" title="" method="post" id="formoid"> <input type="email" id="emailsub" name="email" minlength="7" size="40" placeholder="Enter your email here.." required><br><br> <input type="text" id="" name="medium" size="40" placeholder="Enter here.." required> <input type="text" id="" name="country" size="40" placeholder="Enter here.." required> <input type="submit"> </form>
然后在您的subscribe.php
中執行以下操作。 請注意,我剛剛復制了您的確切 SQL 代碼。 使用准備好的語句或 PDO 以避免 SQL 注入
$qry = mysqli_query($con,"INSERT into `emailsubscribe` (email,medium,country) value ('".$_POST['email']."','".$_POST['medium']."','".$_POST['country']."')");
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.