我正在尝试进行AJAX搜索以从mySQL数据库返回数据,然后使用返回的信息更新页面上的div。我跟着一个教程(根据我的需要定制它),到目前为止,似乎什么也没做,只是将搜索查询附加到地址。非常感谢任何帮助,谢谢!
<html>
<head>
<script>
function searchDB(str) {
if (str=="") {
document.getElementById("txtHint").innerHTML="";
return;
}
if (window.XMLHttpRequest) {
// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
} else { // code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4 && xmlhttp.status==200) {
document.getElementById("txtHint").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","search4.php?q="+str,true);
xmlhttp.send();
}
</script>
</head>
<body>
<form>
<input type="text" name="q" placeholder="Search Database..." onsubmit="searchDB(this.value)">
</form>
<br>
<div id="txtHint"><b>Search will be returned here.</b></div>
</body>
</html>
<?php
$q = ($_GET['q']);
$con = mysqli_connect('localhost','username','pass','database');
if (!$con) {
die('Could not connect: ' . mysqli_error($con));
}
mysqli_select_db($con,"SearchTest");
$sql="SELECT ID, FirstName, LastName FROM SearchTest WHERE FirstName LIKE '%" . $q ."%' OR LastName LIKE '%" . $q . "%'";
$result = mysqli_query($con,$sql);
echo "<table border='1'>
<tr>
<th>First Name</th>
<th>Last Name</th>
</tr>";
while($row = mysqli_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['FirstName'] . "</td>";
echo "<td>" . $row['LastName'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
?>
答案 0 :(得分:2)
问题最有可能出现在这一行mysqli_select_db($con,"SearchTest"); 将其删除,因为您可能会混淆同名的表格
SELECT ... FROM SearchTest。
我接下来100%确定这是问题,因为您已经选择了('localhost','username','pass','database')
将错误报告添加到文件顶部
error_reporting(E_ALL);
ini_set('display_errors', 1);
很可能会向您显示数据库(名称为SearchTest)不存在。
修改
TBH,我无法使您现有的代码工作,我不知道为什么。 (Nota:见评论,已解决)
然而,这确实有效:
<强>的search.php
<html>
<head>
<script src="search.js"></script>
<title>
Search
</title></head>
<body>
<form>
Search: <input type="text" name="search" id="search" onmouseup="searchUser(this.value)">
</form>
<div id="searchresult" name="searchresult"> Search results ...</div>
</body>
</html>
<强> search.js
var xmlHttp
function searchUser(str)
{
xmlHttp=GetXmlHttpObject()
if (xmlHttp==null)
{
alert ("Browser does not support HTTP Request")
return
}
var url="searchresult.php"
url=url+"?q="+str
url=url+"&sid="+Math.random()
xmlHttp.onreadystatechange=stateChanged
xmlHttp.open("GET",url,true)
xmlHttp.send(null)
}
function stateChanged()
{
if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete")
{
document.getElementById("searchresult").innerHTML=xmlHttp.responseText
}
}
function GetXmlHttpObject()
{
var xmlHttp=null;
try
{
// Firefox, Opera 8.0+, Safari
xmlHttp=new XMLHttpRequest();
}
catch (e)
{
//Internet Explorer
try
{
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
}
catch (e)
{
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
<强> searchresult.php
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
$q=$_GET["q"];
$DB_HOST = "xxx";
$DB_NAME = "xxx";
$DB_USER = "xxx";
$DB_PASS = "xxx";
$con = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if($con->connect_errno > 0) {
die('Connection failed [' . $con->connect_error . ']');
}
$sql = "SELECT ID, FirstName, LastName FROM SearchTest WHERE FirstName LIKE '%" . $q ."%' OR LastName LIKE '%" . $q . "%'";
$result = mysqli_query($con,$sql);
echo "<table border='1'>
<tr>
<th>First Name</th>
<th>Last Name</th>
</tr>";
while($row = mysqli_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['FirstName'] . "</td>";
echo "<td>" . $row['LastName'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
?>
答案 1 :(得分:-1)
始终使用jQuery(或任何其他js lib / framework)进行ajax调用。 jQuery也非常适合操纵DOM(document.getElementById("txtHint").innerHTML=xmlhttp.responseText;让我想起了90年代。)
您的PHP代码高度不安全。见How can I prevent SQL injection in PHP?