使用特定id使用AJAX调用更新数据库

时间:2015-07-12 19:13:33

标签: php mysql ajax prepared-statement

我正在尝试进行第一次AJAX调用,而我正在尝试做的很简单,但我的数据库没有更新。

我尝试做的就是当我点击用户旁边的接受按钮时,他们的ID被采用并以新状态“已接受”发送,并且状态从“待定”更改为“已接受”对于我的user_requests数据库表中的特定用户。

db中没有任何内容被更改,并且AJAX代码中唯一发生的事情是我得到了我的#success消息,但是可能只有0.3秒而且它不会淡出。

有人在我的尝试中看到我做错了吗?

<h2>Pending User Requests</h2>
<br />
<div id="success" style="color: red;"></div>
<?php
    $con = mysqli_connect("localhost", "root", "", "db");
    $run = mysqli_query($con,"SELECT * FROM user_requests ORDER BY id DESC");
    $numrows = mysqli_num_rows($run);

    if( $numrows ) {
        while($row = mysqli_fetch_assoc($run)){
            //comment added by php-dev : condition could be set in the query -->
            if($row['status'] == "Pending"){

                $pending_id = $row['id'];
                $pending_user_id   = $row['user_id'];
                $pending_firstname = $row['firstname'];
                $pending_lastname  = $row['lastname'];
                $pending_username  = $row['username'];

?>

            <!-- comment added by php-dev : useless form tag -->
            <form action="" method="POST" id="status">
                <!-- comment added by php-dev : useless input field, no field name -->
                <input type='hidden' value='<?php echo $pending_id; ?>' id='pending_id' />
            <?php
                // comment added by php-dev : comparing string to boolean value true
                if ($pending_firstname == true) {
                    echo "Name - ". $pending_firstname . " " . $pending_lastname . "</br>" 
                         . "Username - ". $pending_username . "</br></br>"
            ?>
            <!-- comment added by php-dev : conditional form closing tag -->
            </form>
            <button class="approve" type="submit" form="status" name="approve" 
                    value="<?= $pending_id; ?>"> 
                Approve
            </button>
            <button id="deny" type="submit" form="status" name="deny" value="Denied">
                Deny
            </button>
            <br><br><br>
        <?php
                 // comment added by php-dev : else statement misplaced -->
                ;} else {
                    echo "There are no Pending Requests at this time.";
                }
            }
        }
    }
?>

我的AJAX电话...... 

<script>
    $(document).ready(function(){
    $('.approve').click(function(){
        $.ajax({
            url: 'userRequest_approve.php',
            data: {
                id: $(this).val(), //the value of what you clicked on
                //you clicked on it so you know the status might as well hardcode it
                status: 'Approved' 
            },
            success: function(data) {
                //do something with the data that got returned
                // comment added by php-dev : for debug purposes, the #success should show 
                // the server reponse instead
                $('#success').html('User Status Changed!');
                //do something with the data that got returned
                $('#success').delay(5000).fadeOut(400); 
            },
            type: 'POST'
        });
    });
    });
</script>

我的userRequest_approve.php文件将插入到db中以更新状态... 

<?php
require_once 'core/init.php';

$term = mysql_escape_string($term); // Attack Prevention
$pending_id = $_POST['id'];
$status = $_POST['approve'];

$con = mysqli_connect("localhost","root","","db");
    /* check connection */
    if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        exit();
    }
    $stmt = $con->prepare(
        "INSERT INTO user_requests (status, date_responded) VALUES (?, NOW())"
    );
    if ( false===$stmt ) {
     // Check Errors for prepare
        die('User Request update prepare() failed: ' . htmlspecialchars($con->error));
    }
    $stmt->bind_param('s', $status);
    // comment added by php-dev : should be false === $stmt->bind_param ...

    if ( false===$stmt ) {
    // Check errors for binding parameters
        die('User Request update bind_param() failed: ' . htmlspecialchars($stmt->error));
    }
    $stmt->execute();
    // comment added by php-dev : should be false === $stmt->execute ... 
    if ( false===$stmt ) {
        die('User Status update execute() failed: ' . htmlspecialchars($stmt->error));
    }       
?>

1 个答案:

答案 0 :(得分:1)

如果你想更新,你应该试试这个:

$stmt = $con->prepare("UPDATE user_requests SET status=?, date_responded=NOW() WHERE id=?");
$stmt->bind_param('si', $status, $pending_id);

您还需要隐藏名称属性,以便发送:

<input type='hidden' name='id' value='<?php echo $pending_id; ?>' id='pending_id'/>

原始答案

我只看到一个问题:

这是您正在使用的ajax请求:

$.ajax({
       url: 'userRequest_approve.php',
       data: {
            id: $(this).val(), //<< id
            status: 'Approved' //<< status
        },
       success: function(data) {
            //do something with the data that got returned
            $('#success').html('User Status Changed!');
            $('#success').delay(5000).fadeOut(400);//do something with the data that got returned
       },
       type: 'POST'
    });

请注意,您发送的数据为idstatus

然而,在PHP方面:

$pending_id = $_POST['id']; //yep
$status = $_POST['approve']; //does it exist?

您应该使用

$status = $_POST['status'];
相关问题
最新问题