我想做一个INSERT查询在我的php文件的用户被放入组#3。我知道PHP可以检查按钮是否按下或是否设置了某些内容,但如何检查AJAX发送和传递的值呢?
<div class="change_group_button">
<a class="change_group" href="javascript:void(0)">Change User
Permission</a>
</div><br>
<div id="light" class="change_group_popup">
<a class="close" href="javascript:void(0)">Close</a>
<div class="group_success" style="color: red;"></div><br>
<form id="update_group" action="" method="POST" accept-charset="utf-8">
<div class="field">
<label for="group">Group</label>
<input type="hidden" value="<?php echo $approved_id; ?>" id="approved_id" name="id" />
<input type="hidden" value="<?php echo $approved_firstname; ?>" id="approved_firstname" name="firstname" />
<input type="hidden" value="<?php echo $approved_lastname; ?>" id="approved_lastname" name="lastname" />
<input type="hidden" value="<?php echo $approved_username; ?>" id="approved_username" name="username" />
<input type="hidden" value="<?php echo $approved_email; ?>" id="approved_email" name="email" />
<select id='group_id' name='group' required>
<option value=''><?php echo htmlentities($group); ?></option>
<option value="1">Bench</option>
<option value="2">Spectator</option>
<option value="3">Team Member</option>
<option value="4">Commissioner</option>
</select>
</div>
<input type="submit" value="submit" name="group">
</form>
$('#update_group').on('submit', function (event) {
event.preventDefault();
$.ajax({
url: 'user_group_update.php',
type: 'POST',
data: {
id: $("#approved_id").val(), //id
firstname: $("#approved_firstname").val(), //firstname
lastname: $("#approved_lastname").val(), //lastname
username: $("#approved_username").val(), //username
email: $("#approved_email").val(), //email
// update_group: $("#group_id").val() //group level
update_group: $(this).find( "#group_id option:selected" ).val()
},
success: function (data) {
//do something with the data that got returned
$(".group_success").fadeIn();
$(".group_success").show();
$('.group_success').html('User Permission Level Changed!');
$('.group_success').delay(5000).fadeOut(400);
alert(data);
},
error: function(jqXHR, textStatus,errorThrown )
{
// alert on an http error
alert( textStatus + errorThrown );
}
});
return false;
});
在我的PHP文件中,我从表单.
中获得这些字段$approved_id = $_POST['id'];
//test - delete if it doesn't work
$approved_firstname = $_POST['firstname'];
$approved_lastname = $_POST['lastname'];
$approved_username = $_POST['username'];
$approved_email = $_POST['email'];
$change_group = $_POST['update_group'];
在接收POST的PHP文件中,您可以执行值检查:
$approved_id = $_POST['id'];
if($approved_id == '3')
{
//do something
}
else
{
//do something else
}
//test - delete if it doesn't work
$approved_firstname = $_POST['firstname'];
$approved_lastname = $_POST['lastname'];
$approved_username = $_POST['username'];
$approved_email = $_POST['email'];
$change_group = $_POST['update_group'];
您可以简单地检查您的脚本是否POST'ed,并确保POST不是空的,以确保它包含如下数据:
if ( $_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST) ) {}
Javascript框架,比如jQuery,会在AJAX的POST请求中发送一个特殊的头-所以你可以这样做:
if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
// your code
}
一些编程框架,如CodeIgniter,有自己的函数使其更容易:
$this->input->is_ajax_request();
如果您想确保ajax调用的安全性。生成令牌并在控制器中匹配该令牌。这些在每个框架中都可用。如果你想在自定义PHP中做到这一点,你应该在你的页面加载中创建session,并在你的post请求中匹配这个session。