-1

我正在使用 jQuery 发布 2 个变量。然后我加载一个外部 php 文件以将这 2 个变量放入数据库中。由于某种原因,查询不起作用。如果我以正常方式尝试。有用。

jQuery代码

    $.post("/include/getResult.php", { 
finalscore:score, finalcredits:credit },
 function(data){

console.log("Data: " + data);

});

PHP 代码

session_start();
$finalscore = $_POST['finalscore'];
$finalcredits = $_POST['finalcredits'];
$query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".$_SESSION['leerlingennummer']."'");
if(mysqli_num_rows($query) == 1)
{
    $row = mysqli_fetch_array($query);
    //get the current score and credits
    $score = $row['score'];
    $credits = $row['credits'];
    $score = 'succes';
}
echo $score;

出于某种奇怪的原因,查询不能以这种方式工作。

4

3 回答 3

0

PHP代码

session_start();
$finalscore = $_POST['finalscore'];
$finalcredits = $_POST['finalcredits'];
$query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".$_SESSION['leerlingennummer']."'");
if(mysqli_num_rows($query) == 1)
{
    $row = mysqli_fetch_array($query);
    //get the current score and credits
    $score = $row['score'];
    $credits = $row['credits'];
    $score = 'succes';
}
echo $score;

AJAX

$("YourSubmitButtonId").click(function(event){

    event.preventDefault();

     var Formdata = $("YourFormId").serialize(); 

        $.ajax({

        type:"POST";
        url:"/include/getResult.php",
        data:Formdata,
        success:function(response){

        $("reponceId").html(response);

        };




    });
});
于 2013-04-27T13:24:21.977 回答
0

It seems to work well. But you need to add/modify some code.

  1. For prevent SQL Injection

    $query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".$_SESSION['leerlingennummer']."'");

    should be

    $query = mysqli_query($con, "SELECT score,credits FROM gebruikers WHERE leerlingennummer = '".addslashes($_SESSION['leerlingennummer'])."'");
    • $_SESSION['leerlingennummer'] can be blanked. Review your code.

  2. Add update query

    if(mysqli_num_rows($query) == 1)
{
    $row = mysqli_fetch_array($query);
    //get the current score and credits
    $score = $row['score'];
    $credits = $row['credits'];
    $score = 'succes';
    mysqli_query($con, "update gebruikers set `score` = '".addslashes($_POST['finalscore'])."', `credits` = '".addslashes($_POST['finalcredits'])."' where leerlingennummer = '".addslashes($_SESSION['leerlingennummer'])."'");
}

This code will modify score in mysql to 'finalscore', credits in mysql to 'finalcredits'. Than, ajax alert will be 'succes'. If you want to be a score before update, you can do like this:

if(mysqli_num_rows($query) == 1)
{
    $row = mysqli_fetch_array($query);
    //get the current score and credits
    $score = $row['score'];
    $credits = $row['credits'];
    mysqli_query($con, "update gebruikers set `score` = '".addslashes($_POST['finalscore'])."', `credits` = '".addslashes($_POST['finalcredits'])."' where leerlingennummer = '".addslashes($_SESSION['leerlingennummer'])."'");
}
于 2013-04-27T13:28:32.040 回答
0

我知道这是旧的,但如果有人有类似的问题,请务必检查您的 ajax 调用的文件是否包含原始文件使用的所有 (PHP) 函数。有时很容易错过小错误:)

并在涉及 jQuery 函数的地方使用事件委托。

于 2018-10-01T14:19:31.987 回答