我有一个PHP页面,我会打开一个函数与点击。
函数显示了一个查询结果,但是当我编写这段代码时,它不起作用
<div class="btn-group">
<button type="button" class="btn btn-primary dropdown-toggle" data-toggle="dropdown">
Frequenza <span class="caret"></span>
</button>
<ul class="dropdown-menu" role="menu">
<?php
$query_frequenza="SELECT DISTINCT FREQUENZA FROM Dettagli_macchina WHERE macchine_id='$macchine' and Email='$_SESSION[login_user]'";
$result=mysqli_query($conne,$query_frequenza);
while($row=mysqli_fetch_array($result)){
$frequenza=$row['FREQUENZA'];
echo"<li><a href='#?frequenza=$frequenza' onclick='showfiltro2()'>$frequenza</a></li>";
}
?>
</ul>
</div>
<script type = "text/javascript">
function showfiltro2() {
document.getElementById("filtro2").style.display = "block";
document.getElementById("filtro1").style.display = "none";
}
</script>
<div id = "filtro2" style="display:none">
<?php
$filtro2=$_GET['frequenza'];
$query="SELECT DISTINCT * FROM Dettagli_macchina WHERE macchine_id='$macchine' and Email='$_SESSION[login_user]' and FREQUENZA='$filtro2' ";
$result=mysqli_query($conne,$query);
echo 'Found '. mysqli_num_rows($result) .'results';
echo "<table><tr>";
while ($row = mysqli_fetch_array($result)) {
echo "<tr><td>";
echo $row['COMPONENTE'];
echo "</td>";
echo "<td>";
echo $row['DETTAGLIO ATTIVITA'];
echo "</td>";
echo "<td>";
echo $row['FREQUENZA'];
echo "</td>";
echo "<td>";
echo $row['DATA-PREVISTA'];
echo "</td>";
echo "</tr>";
}
echo"</tr></table>";
?>
</div>
你的问题源于对PHP和HTML如何工作以及数据如何在两者之间流动的误解。
首先,重要的是要记住PHP和HTML是两个完全独立的部分,它们在"请求->回复"链之外不相互交互。这意味着所有的PHP代码都在服务器上执行,然后客户端才能得到处理的输出。服务器(PHP)不关心输出是什么类型的,也不知道如何解析它;对于PHP来说,这些都是简单的文本。
在PHP代码被完全解析之后,客户机接收到结果文本。然后它注意到它可以将该文本理解为HTML,并将其解析为网页。此时,PHP代码根本不存在于代码中,web浏览器(客户端)对它一无所知。
不幸的是,很多教程都像你上面所做的那样,把PHP和HTML代码混在一起,因为这进一步混淆了两者,使它们看起来像是相互交流的。我建议将所有PHP代码移到html代码之上,并在向浏览器发送任何内容之前完成所有处理。
这不仅会让我们更容易跟踪和理解正在发生的事情及其原因;但它也允许你在代码中添加更多的功能,而不会试图打破物理定律。(例如:在生成表单的过程中,决定不再向用户显示表单。)
所有这些都意味着你不能通过点击来"打开一个功能"。您使用上述单击向服务器发送请求,然后PHP代码检查传入数据中的某些预定条件(get参数等),然后调用所述条件满足的函数。
换句话说,就像这样:
// First off we should use PDO, as mysql_*() is deprecated and removed in PHP7.
$db = new PDO ($dsn);
// Using prepared statements here, to prevent SQL injections.
$stmt = $db->prepare ("SELECT DISTINCT FREQUENZA FROM Dettagli_macchina WHERE macchine_id=:machineID and Email=:email");
$data = array (':machineID' => $macchine, ':email' => $_SESSION['login_user']);
if (!$stmt->exec ($data)) {
// Something went wrong, handle it.
}
// Initialize a variable to hold the generated menu, and a template to use when creating it.
$menuOut = $searchOut = '';
$menuTemplate = "<li><a href='#?frequenza=%s' onclick='showfiltro2()'>%s</a></li>";
// Using prepared statements we can iterate through all of the results with foreach().
foreach ($stmt->fetchAll () as $row) {
// Using htmlspecialchars() and rawurlescape() to prevent against XSS, and other HTML-injection attacks/mistakes.
// Notice where and in what order I've used the different functions, as one protects the URL as well.
$menuOut .= sprintf ($menuTemplate, htmlspecialchars (rawurlencode ($row['FREQUENZA'])), htmlspecialchars ($row['FREQUENZA']));
}
// Since this is probably the "function" you want to execute with said click, this is where we check if it
// has been sent by the client.
if (!empty ($_GET['frequenza'])) {
// Here you want to check to see if the parameter is actually something you'd expect, and not some random(?) garbage.
$filtro2 = $_GET['frequenza'];
// Again, prepared statements as your code was open to SQL injections!
$query = "SELECT DISTINCT * FROM Dettagli_macchina WHERE macchine_id=:machineID and Email=:email and FREQUENZA=:frequency";;
$stmt = $db->prepare ($query);
$data = array (
':machineID' => $macchine,
':email' => $_SESSION['login_user'],
':frequency' => $filtro2);
if (!$res = $stmt->exec ($data)) {
// Somethign went wrong with the query, handle it.
}
// Initialize a variable to hold the output, and the template to use for generating it.
$searchOut = '<table>';
$searchTemplate = '<tr><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>';
$count = 0;
foreach ($stmt->fetchAll () as $row) {
// Again, protection against XSS and other HTML-breaking mistakes.
$searchOut .= sprintf ($searchTemplate,
htmlspecialchars ($row['COMPONENTE']),
htmlspecialchars ($row['DETTAGLIO ATTIVITA']),
htmlspecialchars ($row['FREQUENZA']),
htmlspecialchars ($row['DATA-PREVISTA']));
}
$searchOut = "<p>Found {$count} results</p>{$searchOut}</table>";
}
?>
<div class="btn-group">
<button type="button" class="btn btn-primary dropdown-toggle" data-toggle="dropdown">
Frequenza <span class="caret"></span>
</button>
<ul class="dropdown-menu" role="menu">
<?php echo $menuOut; ?>
</ul>
</div>
<script type="text/javascript">
function showfiltro2() {
document.getElementById("filtro2").style.display = "block";
document.getElementById("filtro1").style.display = "none";
}
</script>
<div id="filtro2" style="display: none">
<?php echo $searchOut; ?>
</div>
我添加了一些注释来解释我做了什么和为什么做这些事情,以及从旧的(!),弃用和过时的mysql_*()函数切换到PDO。
您可以在PHP手册