Ajax使用POST方法发送数据,但PHP函数不会将它们插入到表中

时间:2017-10-16 11:16:11

标签: php jquery mysql ajax post

我遇到使用POST方法从AJAX接收数据的问题。

起初,一切正常,但后来发生了一些事情,现在我找不到这个错误 如果我检查我的AJAX一切正确发送,但PHP没有收到数据。因此,它不会将数据插入数据库表。

我的jQuery:

$('#button-send-review').click(function(e) {
    e.preventDefault();
    var th = $(this);
    var name = $("#name_review").val();
    var good = $("#good_review").val();
    var bad = $("#bad_review").val();
    var comment = $("#comment_review").val();
    var iid = $("#button-send-review").attr("iid");
    var add_review = $("#button-send-review").val();

    if (name != "") {
        var name_review = '1';
        $("#name_review").css("borderColor", "#DBDBDB");
    } else {
        var name_review = '0';
        $("#name_review").css("border", "2px solid #d20000");
    }

    if (good != "") {
        var good_review = '1';
        $("#good_review").css("borderColor", "#DBDBDB");
    } else {
        var good_review = '0';
        $("#good_review").css("border", "2px solid #d20000");
    }

    if (bad != "") {
        var bad_review = '1';
        $("#bad_review").css("borderColor", "#DBDBDB");
    } else {
        var bad_review = '0';
        $("#bad_review").css("border", "2px solid #d20000");
    }

    if (name_review == '1' && good_review == '1' && bad_review == '1') {
        $.ajax({
            type: "POST",
            url: "./",
            data: "goods_id=" + iid + "&name=" + name + "&good=" + good + "&bad=" + bad + "&comment=" + comment + "&add_review=" + add_review,
            dataType: "html",
            cache: false,
        }).done(function() {
            $(".success").addClass("visible");
            setTimeout(function() {
                // Done Functions
                th.trigger("reset");
                $(".success").removeClass("visible");
                $.magnificPopup.close();
            }, 3000);
        });
    }
});

我的控制器:

<?php
if ($_POST['add_review']) {
    add_review();
}
?>

我的模特:

<?php
function add_review() {
    global $link;

    $goods_id = trim($_POST['goods_id']);
    $name = trim($_POST['name']);
    $good = trim($_POST['good']);
    $bad = trim($_POST['bad']);
    $comment = trim($_POST['comment']);

    $goods_id = clear($goods_id);
    $name = clear($name);
    $good = clear($good);
    $bad = clear($bad);
    $comment = clear($comment);

    $query = "INSERT INTO reviews(goods_id, name, good_reviews, bad_reviews, comment, date)
              VALUES($goods_id, '$name', '$good', '$bad', '$comment', NOW())";
    $res = mysqli_query($link, $query) or trigger_error($link->error . "[DB]");

    return true;
}
?>

我的HTML:

<div id="send-review" class="popup-form">
    <div class="success">Thank you! <br>
        Your review send for moderation.
    </div>
    <h4 id="title-review">The review would be posted soon.</h4>
    <ul>
        <li>
            <label id="label-name"><span>Name *</span></label>
            <input maxlength="15" type="text" id="name_review" placeholder="Enter your name..." style="border-color: rgb(219, 219, 219);" />
        </li>
        <li>
            <label id="label-good"><span>Pros *</span></label>
            <textarea id="good_review" placeholder="Enter pros..." style="border-color: rgb(219, 219, 219);"></textarea>
        </li>
        <li>
            <label id="label-bad"><span>Cons *</span></label>
            <textarea id="bad_review" placeholder="Enter cons..." style="border-color: rgb(219, 219, 219);"></textarea>
        </li>
        <li>
            <label id="label-comment">Comment</label>
            <textarea id="comment_review" placeholder="Your comment..."></textarea>
        </li>
    </ul>
    <div class="button-wrap">
        <button class="button" type="submit" id="button-send-review" name="add_review" value="Send" iid="92">Send</button>
    </div>
    <button title="Close (Esc)" type="button" class="mfp-close">&times;</button>
</div>

2 个答案:

答案 0 :(得分:0)

您的$ .ajax()数据格式不正确;

应该像这个示例一样在接收者页面中接收POST字符串:

$.ajax({
  method: "POST",
  url: "some.php",
  data: { name: "John", location: "Boston" }
});

请使用准备好的SQL语句来防止SQL注入。

答案 1 :(得分:0)

ajax方法中的发布格式不正确;

将ajax代码更改为:

<script>
$('#button-send-review').click(function (e) {
    e.preventDefault();
    var th = $(this);
    var name = $("#name_review").val();
    var good = $("#good_review").val();
    var bad = $("#bad_review").val();
    var comment = $("#comment_review").val();
    var iid = $("#button-send-review").attr("iid");
    var add_review = $("#button-send-review").val();

    if (name != "")
    {
        var name_review = '1';
        $("#name_review").css("borderColor", "#DBDBDB");
    } else {
        var name_review = '0';
        $("#name_review").css("border", "2px solid #d20000");
    }

    if (good != "")
    {
        var good_review = '1';
        $("#good_review").css("borderColor", "#DBDBDB");
    } else {
        var good_review = '0';
        $("#good_review").css("border", "2px solid #d20000");
    }

    if (bad != "")
    {
        var bad_review = '1';
        $("#bad_review").css("borderColor", "#DBDBDB");
    } else {
        var bad_review = '0';
        $("#bad_review").css("border", "2px solid #d20000");
    }



    if (name_review == '1' && good_review == '1' && bad_review == '1')
    {
        $.ajax({
            type: "POST",
            url: "./",
            data: {"goods_id":iid,"name":name,"good":good,"bad":bad, "comment":comment,"add_review":add_review},
            dataType: "html",
            cache: false,
        }).done(function () {
            $(".success").addClass("visible");
            setTimeout(function () {
                // Done Functions
                th.trigger("reset");
                $(".success").removeClass("visible");
                $.magnificPopup.close();
            }, 3000);
        });
    }
});
</script>

使用PDO停止SQl注射