我使用jQuery发布2个变量。然后我加载一个外部php文件,把这两个变量在数据库中。由于某些原因,查询不能工作。如果我用正常的方法。它的工作原理。
jQuery代码 $.post("/include/getResult.php", {
finalscore:score, finalcredits:credit },
function(data){
console.log("Data: " + data);
});
PHP代码session_start();
$finalscore = $_POST['finalscore'];
$finalcredits = $_POST['finalcredits'];
$query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".$_SESSION['leerlingennummer']."'");
if(mysqli_num_rows($query) == 1)
{
$row = mysqli_fetch_array($query);
//get the current score and credits
$score = $row['score'];
$credits = $row['credits'];
$score = 'succes';
}
echo $score;
由于某些奇怪的原因,查询不能这样工作
看起来效果不错。但是你需要添加/修改一些代码。
-
For prevent SQL Injection
应该$query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".$_SESSION['leerlingennummer']."'");
$query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".addslashes($_SESSION['leerlingennummer'])."'");
- $_SESSION['leerlingennummer']可以被空。检查你的代码。
-
添加更新查询
if(mysqli_num_rows($query) == 1) { $row = mysqli_fetch_array($query); //get the current score and credits $score = $row['score']; $credits = $row['credits']; $score = 'succes'; mysqli_query($con, "update gebruikers set `score` = '".addslashes($_POST['finalscore'])."', `credits` = '".addslashes($_POST['finalcredits'])."' where leerlingennummer = '".addslashes($_SESSION['leerlingennummer'])."'"); }
这段代码将把mysql中的分数修改为'finalscore',把mysql中的学分修改为'finalcredits'。然后,ajax警报将是"成功"。如果你想在更新前获得分数,你可以这样做:
if(mysqli_num_rows($query) == 1)
{
$row = mysqli_fetch_array($query);
//get the current score and credits
$score = $row['score'];
$credits = $row['credits'];
mysqli_query($con, "update gebruikers set `score` = '".addslashes($_POST['finalscore'])."', `credits` = '".addslashes($_POST['finalcredits'])."' where leerlingennummer = '".addslashes($_SESSION['leerlingennummer'])."'");
}
PHP CODE
session_start();
$finalscore = $_POST['finalscore'];
$finalcredits = $_POST['finalcredits'];
$query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".$_SESSION['leerlingennummer']."'");
if(mysqli_num_rows($query) == 1)
{
$row = mysqli_fetch_array($query);
//get the current score and credits
$score = $row['score'];
$credits = $row['credits'];
$score = 'succes';
}
echo $score;
AJAX $("YourSubmitButtonId").click(function(event){
event.preventDefault();
var Formdata = $("YourFormId").serialize();
$.ajax({
type:"POST";
url:"/include/getResult.php",
data:Formdata,
success:function(response){
$("reponceId").html(response);
};
});
});
我知道这是旧的,但如果有人有类似的问题,一定要检查您的ajax调用的文件包括您的原始文件使用的所有(PHP)函数。有时候很容易忽略一些小错误:)