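Get data from a Leaflet map using ajax

Time: 2017-08-21 15:53:57

Tags: php ajax google-maps leaflet

I have a Leaflet map on my website. What I want to do is get the location data from the marker placed by the user and transfer it via the session to my database. I can't get it to work; my database userPos is not updated. Can you explain what I am doing wrong? (dbconnect.php already works, it has been tested)

This is my home.php file, where the map is: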

<?php
 ob_start();
 session_start();
 require_once 'dbconnect.php';

 if( !isset($_SESSION['user']) ) {
  header("Location: index.php");
  exit;
 }
 $res=mysqli_query($conn,"SELECT * FROM `users` WHERE userId=".$_SESSION['user']);
 $userRow[]=mysqli_fetch_array($res);

echo json_encode($userRow);
?>
<script>
    $(document).ready(function(){
       var mymap = L.map('map').setView([51.505, -0.09], 13);
       L.tileLayer('https://api.tiles.mapbox.com/v4/{id}/{z}/{x}/{y}.png?access_token=xxx', {
    attribution: 'Map data &copy; <a href="http://openstreetmap.org">OpenStreetMap</a> contributors, <a href="http://creativecommons.org/licenses/by-sa/2.0/">CC-BY-SA</a>, Imagery © <a href="http://mapbox.com">Mapbox</a>',
    maxZoom: 18,
    id: 'mapbox.streets',
    accessToken: 'xxx'
}).addTo(mymap);
var marker;
mymap.on('click', function (e) {
  if (marker) {
    mymap.removeLayer(marker);
  }
  marker = new L.Marker(e.latlng).addTo(mymap);
        if (window.XMLHttpRequest) {
            // code for IE7+, Firefox, Chrome, Opera, Safari
            xmlhttp = new XMLHttpRequest();
        } else {
            // code for IE6, IE5
            xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
        }
        var user = <?php echo json_encode($userRow['userId']); ?>;
        xmlhttp.open("GET","homemappositions.php?q="+ e.latlng + "&r=" + user, true);
        xmlhttp.send();
});
});

</script>

This is homemappositions.php:

<?php
include_once('dbconnect.php');
  $r = $_GET['r'];
  $q = $_GET['q'];
  $query2 = mysqli_query($conn,"UPDATE users SET userPos =". $q ."WHERE userId=". $r ); 
  echo "succesfull" ;
?>

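1 answer:

Answer 0: (score: 0)

I hope the following might help - as the original code was vulnerable to SQL injection, the following uses prepared statements to mitigate that threat. The update statement does not use the % wildcard, as I am sure that was probably why the update failed - though your last comment makes me think there is another issue.

The ajax function does not necessarily need a callback function, but having one helps with debugging - in the code below it is just a simple alert statement, but it could / should be more complex.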

<?php
    ob_start();
    session_start();

    require_once 'dbconnect.php';

    /* Redirect visitors who are NOT logged in */
    if( empty( $_SESSION['user'] ) ){
        header('Location: index.php');
        exit;
    }

    $uid=false;
    $user=$_SESSION['user'];

    /* The only column used later is userid so only select that column */
    $sql='select `userid` from `users` where userid=?';

    /* Prepare the sql */
    $stmt=$conn->prepare( $sql );

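    if( $stmt ){

        /* Bind the parameters to the sql statement */
        $stmt->bind_param( 's', $user );

        /* execute() is a method of the statement, not of the connection */
        $res=$stmt->execute();

        /* Buffer the result set so that num_rows is populated */
        $stmt->store_result();

        /* Assign retrieved results */
        if( $res && $stmt->num_rows==1 ){
            $stmt->bind_result( $uid );
            $stmt->fetch();
            $stmt->free_result();
            $stmt->close();
        }
    }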
?>

<script>
    $(document).ready(function(){
        var mymap = L.map('map').setView([51.505, -0.09], 13);
        L.tileLayer( 'https://api.tiles.mapbox.com/v4/{id}/{z}/{x}/{y}.png?access_token=xxx', {
            attribution: 'Map data &copy; <a href="http://openstreetmap.org">OpenStreetMap</a> contributors, <a href="http://creativecommons.org/licenses/by-sa/2.0/">CC-BY-SA</a>, Imagery © <a href="http://mapbox.com">Mapbox</a>',
            maxZoom: 18,
            id: 'mapbox.streets',
            accessToken: 'xxx'
        }).addTo( mymap );

        var marker;
        mymap.on( 'click', function(e) {
            if( marker ) {
                mymap.removeLayer( marker );
            }
            marker = new L.Marker(e.latlng).addTo(mymap);

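            <?php
                /* json_encode emits a correctly quoted and escaped JavaScript string literal */
                echo 'var user=' . json_encode( (string)$uid ) . ';';
            ?>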

            var xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP');
            xmlhttp.onload=function(){
                alert( this.response );
            };
            xmlhttp.onerror=function( err ){
                alert( err );
            };
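            /* URL-encode both values: e.latlng stringifies to "LatLng(lat, lng)", which contains spaces and parentheses */
            xmlhttp.open( 'GET', 'homemappositions.php?q='+encodeURIComponent( e.latlng )+'&r='+encodeURIComponent( user ), true );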
            xmlhttp.send();
        });
    });
</script>

<?php

    include 'dbconnect.php';

    $r = !empty( $_GET['r'] ) ? $_GET['r'] : false;
    $q = !empty( $_GET['q'] ) ? $_GET['q'] : false;

    if( $r && $q ){
        $sql='update `users` set `userpos`=? where `userid`=?';
        $stmt=$conn->prepare( $sql );
        if( $stmt ){
            $stmt->bind_param( 'ss', $q, $r );
            $result=$stmt->execute();
            echo $result ? 'good' : 'bad'; //ugly
        }
    } else {
        exit('Bad Foo - two parameters are required');
    }
?>
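
A hardened variant of the homemappositions.php endpoint above, added here as an example and not part of the original answer: the row to update is chosen from the server-side session instead of the `r` request parameter, so a logged-in user can only change their own position, and the coordinates are validated before they reach the prepared statement. It assumes `dbconnect.php` defines `$conn` as a mysqli connection, that the client sends numeric `lat` and `lng` fields by POST (hypothetical parameter names), and that `userpos` stores a "lat,lng" string.

```php
<?php
// Added example (not from the original answer): homemappositions.php hardened.
// Assumptions: dbconnect.php defines $conn as a mysqli connection, the client
// POSTs numeric `lat` and `lng` fields, and `userpos` holds a "lat,lng" string.
session_start();
require_once 'dbconnect.php';

header('Content-Type: application/json');

// Send an HTTP status plus a JSON error body, then stop.
function fail(int $status, string $message): void {
    http_response_code($status);
    exit(json_encode(['ok' => false, 'error' => $message]));
}

// Only a logged-in user may update, and only their own row: the id comes
// from the server-side session, never from a request parameter.
if (empty($_SESSION['user'])) {
    fail(401, 'not logged in');
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    fail(405, 'POST required');
}

// FILTER_VALIDATE_FLOAT returns false for non-numeric input and null when
// the field is missing, so is_float() rejects both cases.
$lat = filter_input(INPUT_POST, 'lat', FILTER_VALIDATE_FLOAT);
$lng = filter_input(INPUT_POST, 'lng', FILTER_VALIDATE_FLOAT);
if (!is_float($lat) || !is_float($lng)
    || $lat < -90 || $lat > 90 || $lng < -180 || $lng > 180) {
    fail(400, 'lat/lng missing or out of range');
}

// Normalise to a fixed, locale-independent format before storing.
$pos = sprintf('%.6F,%.6F', $lat, $lng);
$uid = (string) $_SESSION['user'];

$stmt = $conn->prepare('update `users` set `userpos`=? where `userid`=?');
if (!$stmt) {
    fail(500, 'prepare failed');
}
$stmt->bind_param('ss', $pos, $uid);
if (!$stmt->execute()) {
    fail(500, 'update failed');
}
echo json_encode(['ok' => true, 'rows' => $stmt->affected_rows]);
```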