xmlhttp.open没有将$ _GET值发送到php文件

时间:2016-11-28 15:42:36

标签: javascript php

在点击按钮上,它假设在php文件中执行查询,根据点击的按钮进行更新或删除。但是我认为当单击按钮时,php文件中没有值传递给变量 $ status ,因此不会执行sql查询。

  

PHP

<?php

$status = $_GET["status"];

if ($status == "update") {

$conn = mysqli_connect('localhost', 'root','root', 'realestate');
$id=$_GET["id"];
$first=$_GET["firstname"];
$mid=$_GET["middlename"];
$last=$_GET["lastname"];
$add=$_GET["address"];
$gend=$_GET["gender"];
$cont=$_GET["contact"];

$first=trim($first);
$mid=trim($mid);
$last=trim($last);
$add=trim($add);
$gend=trim($gend);
$cont=trim($cont);

$result=mysqli_query($conn, "UPDATE agents SET firstname='$first', middlename='$mid', lastname='$last', address='$add', gender='$gend', contact='$cont' WHERE id=$id");
} 



if ($status == "delete") {

$conn = mysqli_connect('localhost', 'root','root', 'realestate');

$id=$_GET["id"];
    $result=mysqli_query($conn, "DELETE FROM agents WHERE id=$id");
}
?>
  

的JavaScript

<script type="text/javascript">
data();
    function data() {
        var xmlhttp = new XMLHttpRequest();
        xmlhttp.open("GET","update.php?status=disp", false);
        xmlhttp.send(null);
        document.getElementById("data").innerHTML = xmlhttp.responseText;
    }


function bb(b) {

var firstid="txtfirst"+b;
var firstname = document.getElementById(firstid).value;


var midid="txtmid"+b;
var middlename = document.getElementById(midid).value;

var lastid="txtlast"+b;
var lastname = document.getElementById(lastid).value;

var addid="txtadd"+b;
var address = document.getElementById(addid).value;

var gendid="txtgend"+b;
var gender = document.getElementById(gendid).value;

var contid="txtcont"+b;
var contact = document.getElementById(contid).value;


update_value(b,firstname,middlename,lastname,address,gender,contact);


document.getElementById(b).style.visibility="visible";
document.getElementById("update"+b).style.visibility="hidden";

document.getElementById("firstname"+b).innerHTML=firstname;
document.getElementById("middlename"+b).innerHTML=middlename;
document.getElementById("lastname"+b).innerHTML=lastname;
document.getElementById("address"+b).innerHTML=address;
document.getElementById("gender"+b).innerHTML=gender;
document.getElementById("contact"+b).innerHTML=contact;
}

function update_value(id,firstname,middlename,lastname,address,gender,contact) {
var xmlhttp = new XMLHttpRequest();

xmlhttp.open("GET","update.php?id="+id+"&firstname="+firstname+"&middlename="+middlename+"&lastname="+lastname+"&address="+address+"&gender="+gender+"&contact="+contact+"&status=update",false);
xmlhttp.send(null);

}

function delete1(id) {
var xmlhttp = new XMLHttpRequest();
xmlhttp.open("GET","update.php?id="+id+"&status=delete", false);
xmlhttp.send(null);
data();
}
</script>

1 个答案:

答案 0 :(得分:0)

这里有一些问题。首先,我建议您研究DRY原则,以帮助您避免容易错过的问题,例如在您的请求中不包含状态变量。

如果您查看JavaScript,您会注意到您正在向同一页面发出多个请求,并使用复制粘贴代码来执行此操作。这是进一步抽象代码的好地方。我可能会使用类似于以下内容的东西。

其次,您的PHP脚本容易受到SQL注入攻击。如何解决这个问题得到了很好的解释here。我不能说肯定这是你的问题,但如果你使用像O'Reilly这样的名字,它会阻止你的脚本工作。我没有看到任何其他明显的地方,你的脚本会出错。如果您的PHP错误日志中显示任何内容,我可能会提供更多帮助。

<script>
//Type isn't needed, browsers assume javascript
function httpRequest(method, url, parameters) {
    // Build a query string, this could be improved but it works for your current use case.
    // It assumes that parameters is an object and does not work for arrays
    var query = "";
    Object.keys(parameters).forEach(function(key) {
        query += encodeURIComponent(key) + '=' + encodeURIComponent(parameters[key]) + "&";
    });

    var xmlhttp = new XMLHttpRequest();
    //If possible you should switch to async requests as well.
    xmlhttp.open(method, url + "?" + query, false);
    xmlhttp.send(); //No need to pass null
    return xmlhttp.responseText;
}
function updateRequest(parameters) {
    return httpRequest("GET", "update.php", parameters);
}

function data() {
    document.getElementById("data").innerHTML = updateRequest({status: "disp"});
}

//bb function removed as it isn't relevant to my point here

function update_value(id,firstname,middlename,lastname,address,gender,contact) {
    updateRequest({
        status: "update",
        id: id, //If you are using a recent browser this can be changed to just id, firstname, ...
        firstname: firstname,
        middlename: middlename,
        lastname: lastname,
        address: address,
        gender: gender,
        contact: contact,
    });
}

function delete1(id) {
    updateRequest({
        status: "delete",
        id: id,
    });
    data();
}
</script>