将Ajax函数插入数据库时​​遇到问题

时间:2017-09-05 23:01:34

标签: javascript php ajax mysqli

我在将数据插入数据库时​​遇到问题。我没有收到任何错误消息,但单击注册时没有任何消息。我真的很难过这个问题。任何援助都会很棒。我也确定我编写代码的方式会导致sql注入,所以我稍后会将其更改为PDO。

user_register.php

<!DOCTYPE html>
<html>
<head>
    <title> Supplies</title>
    <link rel="stylesheet" type="text/css" href="css/style.css">
    <link rel="stylesheet" type="text/css" href="css/bootstrap.min.css">
    <script type="text/javascript" src="js/jquery.js"></script>
    <script type="text/javascript" src="js/bootstrap.min.js"></script>
    <script type="text/javascript" src="main.js"></script>
    <meta http-equiv="X-UA-Compatible" content="IE=edge"> 
</head>
<body>
<div class="navbar navbar-inverse navbar-fixed-top">

<div class="container-fluid">
<div class="navbar-header">
    <a href="#" class="navbar-brand">Supplies</a>
</div>

        <ul class="nav navbar-nav">
            <li><a href="http://localhost:8888/project1/">Home</a></li>
            <li><a href="#">Product</a></li>
        </ul>

    </div>

    </div>
    <br>
    <br>
    <br>
            <div class="container-fluid">
                <div class="row">
                <div class="col-md-2"></div>

                            <div class="col-md-18" id="signup_msg">
                                <!--alert from sign up form-->

                                </div>
                    <div class="col-md-2"></div>            
                        </div>

            <div class="row">
                <div class="col-md-1"></div>
                <div class="col-md-10">
                    <div class="panel panel-primary">

                        <div class="panel-heading">Customer Sign Up Form</div>
                        <div class="panel-body">



                        <form method="post">

                        <div class="row">
                            <div class="col-md-6">

                                <label for="f_name">First Name</label>
                                <input class="form-control" id="f_name" name="f_name" type="text" >
                            </div>
                        </div>

                            <div class="row">
                            <div class="col-md-6">
                                <label for="l_name">Last Name</label>
                                <input class="form-control" id="l_name" type="text"  name="l_name">
                            </div>
                        </div>

                            <div class="row">
                            <div class="col-md-6">
                                <label for="email">Email</label>
                                <input class="form-control" id="email" type="text"  name="email">
                            </div>
                            </div>

                            <div class="row">
                            <div class="col-md-6">
                                <label for="password">Password</label>
                                <input class="form-control" id="password" type="text"  name="password">
                            </div>
                            </div>
                                <div class="row">
                            <div class="col-md-6">
                                <label for="repassword">Re-enter Password</label>
                                <input class="form-control" type="text" id="repassword" name="repassword">
                            </div>
                            </div>
                            <br>
                                <div class="row">
                            <div class="col-md-6">

                                <input type="buton" id="signup_button" name="signup_button" class="btn btn-primary btn-lg" value="Sign Up">
                            </div>
                            </div>
                            </form>

                        </div>
                        <div class="panel-footer">&copy; 2017</div>
                    </div>
                </div>
                <div class="col-md-2></div>

            </div>


            </div>
    </body>

    </html>

main.js

    $(document).ready(function(){
    cat();
    vendor();
    product();
    function cat(){
        $.ajax({
            url :   "action.php",
            method: "POST",
            data    :   {category:1},
            success :   function(data){
                $("#get_category").html(data);

            }
        })
    }
    function vendor(){
        $.ajax({
            url :   "action.php",
            method: "POST",
            data    :   {vendor:1},
            success :   function(data){
                $("#get_vendor").html(data);
            }
        })
    }
        function product(){
        $.ajax({
            url :   "action.php",
            method: "POST",
            data    :   {getProduct:1},
            success :   function(data){
                $("#get_product").html(data);
            }
        })
    }




//this stops page from refreshing and allowing to select category 
        $("body").delegate(".category","click",function(event){
        event.preventDefault();
        var cid = $(this).attr('cid');

            $.ajax({
            url     :   "action.php",
            method  :   "POST",
            data    :   {get_seleted_Category:1,cat_id:cid},
            success :   function(data){
                $("#get_product").html(data);

            }
        })

    })
    $("body").delegate(".selectVendor","click",function(event){
        event.preventDefault();
        var vid = $(this).attr('vid');

            $.ajax({
            url     :   "action.php",
            method  :   "POST",
            data    :   {selectVendor:1,vendor_id:vid},
            success :   function(data){
                $("#get_product").html(data);

            }
        })

    })
    $("#search_btn").click(function(){
        var keyword = $("#search").val();
        if(keyword != ""){
            $.ajax({
            url     :   "action.php",
            method  :   "POST",
            data    :   {search:1,keyword:keyword},
            success :   function(data){ 
                $("#get_product").html(data);

            }
        })
        }
    })

    $("#signup_button").click(function(event){
        event.preventDefault();
            $.ajax({
            url     :   "register.php",
            method  :   "POST",
            data    :   $("form").serialize(),
            success :   function(data){ 
                $("#signup_msg").html(data);
            }
        })

    })

        })

register.php

<?php

include "db.php";

$f_name = $_POST["f_name"];
$l_name = $_POST["l_name"];
$email = $_POST['email'];
$password = $_POST['password'];
$repassword = $_POST['repassword'];
$name = "/^[A-Z][a-zA-Z ]+$/";
$emailValidation = "/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9]+(\.[a-z]{2,4})$/";
$number = "/^[0-9]+$/";

if(empty($f_name) || empty($l_name) || empty($email) || empty($password) || empty($repassword)){

        echo "
            <div class='alert alert-warning'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a><b>PLease Fill all fields..!</b>
            </div>
        ";
        exit();
    } else {
        if(!preg_match($name,$f_name)){
        echo "
            <div class='alert alert-warning'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>this $f_name is not valid..!</b>
            </div>
        ";
        exit();
    }
    if(!preg_match($name,$l_name)){
        echo "
            <div class='alert alert-warning'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>this $l_name is not valid..!</b>
            </div>
        ";
        exit();
    }
    if(!preg_match($emailValidation,$email)){
        echo "
            <div class='alert alert-warning'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>this $email is not valid..!</b>
            </div>
        ";
        exit();
    }
    if(strlen($password) < 9 ){
        echo "
            <div class='alert alert-warning'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>Password is weak</b>
            </div>
        ";
        exit();
    }
    if(strlen($repassword) < 9 ){
        echo "
            <div class='alert alert-warning'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>Password is weak</b>
            </div>
        ";
        exit();
    }
    if($password != $repassword){
        echo "
            <div class='alert alert-warning'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>password is not same</b>
            </div>
        ";
        exit();
    }

    //existing email address in our database
    $sql = "SELECT user_id FROM user_info WHERE email = '$email' LIMIT 1" ;
    $check_query = mysqli_query($con,$sql);
    $count_email = mysqli_num_rows($check_query);
    if($count_email > 0){
        echo "
            <div class='alert alert-danger'>
                <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>Email Address is already available Try Another email address</b>
            </div>
        ";
        exit();
    } else {
        $password = md5($password);
        $sql = "INSERT INTO 'user_info' ('first_name', 'last_name', 'email', 'password') 
        VALUES ('$f_name', '$l_name', '$email', '$password')";
        $run_query = mysqli_query($con,$sql);
        if($run_query){
            echo "
                <div class='alert alert-success'>
                    <a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>
                <b>You are Registered successfully..!</b>
                </div>
            ";
        }
    }
    }



?>

1 个答案:

答案 0 :(得分:1)

修改</form><input type="hidden" name="sqlid">

之前添加隐藏字段
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <title> Supplies</title>
    <!--Stylesheets-->
    <link rel="stylesheet" type="text/css" href="css/style.css">
    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">

    <!--Scripts-->
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
    <div class="navbar navbar-inverse navbar-fixed-top">
        <div class="container-fluid">
            <div class="navbar-header">
                <a href="#" class="navbar-brand">Supplies</a>
            </div>
            <ul class="nav navbar-nav">
                <li><a href="http://localhost:8888/project1/">Home</a></li>
                <li><a href="#">Product</a></li>
            </ul>
        </div>
    </div>
    <br><br><br>
    <div class="container-fluid">
        <div class="row">
            <div class="col-md-2"></div>
            <div class="col-md-18" id="signup_msg">
                <!--alert from sign up form-->
            </div>
            <div class="col-md-2"></div>
        </div>
        <div class="row">
            <div class="col-md-1"></div>
            <div class="col-md-10">
                <div class="panel panel-primary">
                    <div class="panel-heading">Customer Sign Up Form</div>
                    <div class="panel-body">
                        <form method="POST" id="myForm" name="myForm">
                            <div class="row">
                                <div class="col-md-6">
                                    <label for="f_name">First Name</label>
                                    <input type="text" class="form-control" id="f_name" name="f_name">
                                </div>
                            </div>
                            <div class="row">
                                <div class="col-md-6">
                                    <label for="l_name">Last Name</label>
                                    <input type="text" class="form-control" id="l_name"  name="l_name">
                                </div>
                            </div>
                            <div class="row">
                                <div class="col-md-6">
                                    <label for="email">Email</label>
                                    <input type="email" class="form-control" id="email"  name="email">
                                </div>
                            </div>
                            <div class="row">
                                <div class="col-md-6">
                                    <label for="password">Password</label>
                                    <input type="password" class="form-control" id="password" name="password">
                                </div>
                            </div>
                            <div class="row">
                                <div class="col-md-6">
                                    <label for="repassword">Re-enter Password</label>
                                    <input type="password" class="form-control" id="repassword" name="repassword">
                                </div>
                            </div>
                            <br>
                            <div class="row">
                                <div class="col-md-6">
                                    <input type="submit" class="btn btn-primary btn-lg" value="Sign Up" onClick="return validateRegistration();">
                                </div>
                            </div>
                            <div id="registration_error" style="display:none;">Please check for any missing fields</div>
                            <input type="hidden" name="sqlid">
                        </form>
                        <script type="text/javascript">
                            function validateRegistration() {
                                var f_name_validate = document.forms["myForm"]["f_name"].value;
                                var l_name_validate = document.forms["myForm"]["l_name"].value;
                                var email_validate = document.forms["myForm"]["email"].value;
                                var password_validate = document.forms["myForm"]["password"].value;
                                if (f_name_validate == "", l_name_validate == "", email_validate == "", password_validate == "") {
                                    $('#registration_error').fadeIn();
                                    setTimeout(function() {
                                        $('#registration_error').fadeOut('fast');
                                    }, 5000);
                                    return false;
                                } else if (f_name_validate == "") {
                                    $('#registration_error').fadeIn();
                                    setTimeout(function() {
                                        $('#registration_error').fadeOut('fast');
                                    }, 5000);
                                    return false;
                                } else if (l_name_validate == "") {
                                    $('#registration_error').fadeIn();
                                    setTimeout(function() {
                                        $('#registration_error').fadeOut('fast');
                                    }, 5000);
                                    return false;
                                } else if (email_validate == "") {
                                    $('#registration_error').fadeIn();
                                    setTimeout(function() {
                                        $('#registration_error').fadeOut('fast');
                                    }, 5000);
                                    return false;
                                } else if (password_validate == "") {
                                    $('#registration_error').fadeIn();
                                    setTimeout(function() {
                                        $('#registration_error').fadeOut('fast');
                                    }, 5000);
                                    return false;
                                // To make sure that the password values match
                                } else if ($('#password').val() !== $('#repassword').val()) {
                                    $('#registration_error').fadeIn();
                                    setTimeout(function() {
                                        $('#registration_error').fadeOut('fast');
                                    }, 5000);
                                    return false;
                                } else {
                                    // If everything matches then call ajax
                                    $("#myForm").submit(function(e) {
                                        $.ajax({
                                            type: "POST",
                                            url: "register.php",
                                            data: $("#myForm").serialize(), // serializes the form's elements.
                                            success: function(data) {
                                                if (data == 'success') {
                                                    $('#signup_msg').html(data);
                                                } else {
                                                    $('#signup_msg').html(data);
                                                }
                                            }
                                        });
                                        return false;
                                    });
                                }
                            }
                        </script>
                    </div>
                    <div class="panel-footer">&copy; 2017</div>
                </div>
            </div>
            <div class="col-md-2"></div>
        </div>
    </div>
</body>
</html>


connection.php

<?php
$hostname_sdatabase  = "localhost";
$database_sdatabase  = "db_name";
$username_sdatabase  = "root";
$password_sdatabase  = "";
$sdatabase = mysql_pconnect($hostname_sdatabase, $username_sdatabase, $password_sdatabase) or trigger_error(mysql_error(),E_USER_ERROR); 
?>


将您的register.php代码简化为类似的东西,是的,我知道它不安全并且容易出现sql注入,但这只是测试,您可以根据自己的喜好对其进行修改

register.php

<?php
$sqlid = $_POST['sqlid'];
$f_name = $_POST['first_name'];
$l_name = $_POST['last_name'];
$email = $_POST['email'];
$password = md5($_POST['password']);
$insertSQL = "INSERT INTO user_info (sqlid, first_name, last_name, email, password) VALUES ('$sqlid', '$f_name', '$l_name', '$email', '$password')";

mysql_select_db($database_sdatabase , $sdatabase);
$Result1 = mysql_query($insertSQL, $sdatabase) or die(mysql_error());
?>