我是否使用正确的条件语句来验证我的PHP是通过AJAX调用的?
我正在使用isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'
<?php
$name = $_GET['name'];
$nickname = $_GET['nickname'];
$email = $_GET['email'];
$phone = $_GET['phone'];
$pet = $_GET['pet'];
$number = $_GET['number'];
$disclaimer = $_GET['disclaimer'];
$from = 'From: Test From';
$to = 'euteneier@gmail.com';
$subject = 'Hello';
$message = "This is a message.";
$date = new DateTime();
$random = rand(1,50);
// Do even if AJAX wasn't used
if ( isset($_GET['name']) && isset($_GET['nickname']) && isset($_GET['email']) && isset($_GET['phone']) && isset($_GET['pet']) && isset($_GET['number']) && isset($_GET['disclaimer']) ) {
if (mail ($to, $subject, $message)) {
echo "You're information was successfully sent on:" . $date->format('n/j/Y g:i A') . "\n";
if ($number == $random) {
echo "Your number: $number matches the random number: $random" . "\n";
} else {
echo "Your number: $number does not match the random number: $random" . "\n";
}
}
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
//requested with Javascript
echo "Sent via AJAX!" . "\n"; //I HAVE TO COMMENT THIS OUT
} else {
echo "Something went wrong, go back and try again!" . "\n";
}
}
?>
这是相应的Javascript
function submitFormAjax() {
var xmlhttp= window.XMLHttpRequest ?
new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP");
xmlhttp.onreadystatechange = function() {
if (xmlhttp.readyState == 4 && xmlhttp.status == 200)
alert(xmlhttp.responseText); // Here is the response
}
var name = document.getElementById('name').innerHTML;
var nickname = document.getElementById('nickname').innerHTML;
var email = document.getElementById('email').innerHTML;
var number = document.getElementById('number').innerHTML;
var radio = document.getElementsByName('pet');
for (var i = 0, length = radio.length; i < length; i++) {
if (radio[i].checked) {
// do whatever you want with the checked radio
var pet = (radio[i].value);
// only one radio can be logically checked, don't check the rest
break;
}
}
xmlhttp.open("GET","form.php?name=" + name + "&nickname=" + nickname + "&email=" + email + "&phone=" + phone + "&pet=" + pet + "&number=" + number + "&disclaimer=" + disclaimer, true);
xmlhttp.send();
}
感谢。
答案 0 :(得分:0)
我相信X-Requested-With是一些JavaScript框架发送的标头。你没有使用框架,所以你需要自己添加它。
答案 1 :(得分:0)
如果您找到解决方案,我不会,但我看到了一些问题:
我会改变:
xmlhttp.open("GET","form.php?name=" + name + "&nickname=" + nickname + "&email=" + email + "&phone=" + phone + "&pet=" + pet + "&number=" + number + "&disclaimer=" + disclaimer, true);
进入这个:
var uri = encodeURIComponent("form.php?name=" + name + "&nickname=" + nickname + "&email=" + email + "&phone=" + phone + "&pet=" + pet + "&number=" + number + "&disclaimer=" + disclaimer);
xmlhttp.open("GET",uri, true);
因为我不知道HTML值中潜伏着什么恐怖(等空格)。
还有:
...
for (var i = 0, length = radio.length; i < length; i++) {
if (radio[i].checked) {
// do whatever you want with the checked radio
var pet = (radio[i].value);
...
您在for循环中声明变量pet,这可能会也可能不会定义您发送请求的时间,这会有效地发送undefined值(如果没有选择无线电,尽管我不知道你的html设置),因此没有在.php中设置,pet是基本块条件中的必需变量。
...
var pet = ""; // dumb value, but exist
for (var i = 0, length = radio.length; i < length; i++) {
if (radio[i].checked) {
// do whatever you want with the checked radio
pet = (radio[i].value);
...
关于条件
isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'
我认为你很好,我只是以同样的方式使用它而没有问题,但很容易被破坏,而且一般都以HTTP_x开头。绝对不要在安全页面中使用这样的逻辑。
$_SERVER['HTTP_X_REQUESTED_WITH']
可以存在于$_SERVER数组中,也可以通过 javascript(client)或 curl(server)发送给你起初并不存在。
xmlhttp.setRequestHeader("X-Requested-With", "XMLHttpRequest");
xmlhttp.open(..);