我有以下的javascript函数和php文件。我想在URL中获取id并将其发送到PHP,以便我可以通过页面上的特定ID查询数据。这是我到目前为止所拥有的。让我知道需要改变什么才能让它发挥作用。感谢
的javascript:
/*adding data*/
dhx.ready(function () {
dhx.ui.fullScreen();
dhx.ui({
view: "scheduler",
id: "scheduler"
});
$$("scheduler").load("placevents.php?id=" + getID, "scheduler");
/*preselects Month view*/
$$("scheduler").$$("month").show();
$$("scheduler").$$("buttons").setValue("month");
});
PHP:
//Retrieve logged in user
$test = ".@$_REQUEST['id']";
$scheduler = new schedulerConnector( $res, "MySQL" );
$scheduler -> enable_log( "log.txt", true );
$scheduler -> render_table("events LEFT JOIN tblfollowers ON events.id_user = tblfollowers.username"
. " WHERE events.status = 'active' AND((events.id_user) ='$test')"
. " GROUP BY events.event_id, events.event_name, events.user_name, events.id_user, events.time, events.details, events.location, events.dresscode"
. " Order By events.timestamp DESC","event_id","start_date, start_date,event_name,details");
$scheduler -> render_sql("select event_id, start_date, end_date, event_name, details from events ");
答案 0 :(得分:0)
请发布完整的源代码,但我认为有两个错误 首先你必须修改它:
$test = ".@$_REQUEST['id']";
进入这个:
$test = $_REQUEST['id'];
mysql_real_escape_string($test);
这有助于您防止sql注入。
正如我上面所说,我不知道你的源代码,但我认为还有其他错误:
$$("scheduler").load("placevents.php?id=" + getID, "scheduler");
尝试将其修改为:
$$("scheduler").load("placevents.php?id=" + getID + "&scheduler");