-1

我一直在尝试创建一个注册用户的 SPA,将用户存储在数据库中,然后在 div 中显示用户信息。我正在使用 PHP/MYSQL 和 jQuery。这是该问题的演练:

我得到了所有的波纹管代码;我将首先发布这个——然后回顾一下当我尝试使用 jQuery 时会发生什么。

索引.php

<!DOCTYPE HTML>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>it IT</title>
  <link rel="stylesheet" type="text/css" href="application.css" />
  <script src="jquery.js"></script> 
  <script src="application.js"></script>
  <script type="text/javascript" src="ejs_production.js"></script>
  <!--[if lt IE 9]>
  <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
  <![endif]-->
</head>
<body>
    <h1>it IT</h1>
    <div id="signup">
        <form id="signupform" method="post" action="insert_ac.php">
            Username: <input type="text" name="username" id="username"><br>
            Password: <input type="password" name="pw" id="pw"><br>
            Email: <input type="text" name="email" id="email"><br>
            <input type="submit" name="Submit" value="Submit">
        </form>
    </div>
    <div id="signin"></div>
    <div id="showuser">
        <h2>Username - Email</h2>
        <ul id="listuser"></ul>
    </div>
</body>
</html>

插入ac.php

<?php

$host="localhost"; // Host name
$uname="root"; // Mysql username
$password="bonjour3"; // Mysql password
$db_name="itit"; // Database name
$tbl_name="users"; // Table name

// Connect to server and select database.
$link = mysqli_connect("$host", "$uname", "$password", "$db_name")or die("cannot connect");

// Get values from form
$username=$_POST['username'];
$pw=$_POST['pw'];
$email=$_POST['email'];

// Insert data into mysql
$sql="INSERT INTO $tbl_name(username, password, email)VALUES('$username', '$pw', '$email')";
$result=mysqli_query($link, $sql);

// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
echo "<BR>";
echo "<a href='index.php'>Back to main page</a>";
}

else {
echo "ERROR";
}
?>

<?php
// close connection
mysqli_close($link);
?>

就像我说的,上面所有的代码都可以正常工作——创建了一个用户,并且 echo 在 if/else 语句中正常工作。

现在 - 我想将一个 .php 文件(基本上作为模板)插入“listuser” div。此模板应显示用户的电子邮件和用户名。

这是模板:

模板/showuser.php

<?php
    $host="localhost"; // Host name
    $uname="root"; // Mysql username
    $password="bonjour3"; // Mysql password
    $db_name="itit"; // Database name
    $tbl_name="users"; // Table name

// Connect to server and select database.
    $link = mysqli_connect("$host", "$uname", "$password", "$db_name")or die("cannot connect");
    $lastuser="SELECT * FROM users ORDER BY autoIncrementColumn DESC LIMIT 1";
    $result = mysqli_query($link,$lastuser) or die (mysql_error());
    $row = $result->fetch_assoc();
?>

<li><? echo $row['username'] ?> - <? echo $row['email'] ?></li>

<?php
// close connection
mysqli_close($link);
?>

接下来,我注释掉这段代码(来自 insert_ac.php):

// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
echo "<BR>";
echo "<a href='index.php'>Back to main page</a>";
}

else {
echo "ERROR";
}

这是替代我注释掉的jQuery:

应用程序.js

$(document).ready(function() {
    $("#signupform").submit(function(e) {  
        e.preventDefault();
        $("#listuser").load("templates/showuser.php")
        $("#signupform").remove();   
    });
});

当我注释掉 insert_ac.php 代码并实现 jQuery 时 - 模板显示在 listuser div 中,但用户不再被保存,因此模板中没有显示任何内容(“-”字符除外)。有谁知道为什么,一旦我实现了 jQuery - 用户不再被保存?

更新

由于一些建议,我试图让我的代码更安全。这是我更改的内容...它似乎可以正常工作-保存了用户-并显示了 printf() 语句。

插入ac.php

<?php

$host="localhost"; // Host name
$uname="root"; // Mysql username
$password="bonjour3"; // Mysql password
$db_name="itit"; // Database name
$tbl_name="users"; // Table name

// Connect to server and select database.
$link = mysqli_connect("$host", "$uname", "$password", "$db_name")or die("cannot connect");

// Get values from form
$username=$_POST['username'];
$pw=$_POST['pw'];
$email=$_POST['email'];

// Insert data into mysql
$sql= $link->prepare("INSERT INTO $tbl_name(username, password, email)VALUES(?,?,?)");
$sql->bind_param('sss', $username, $pw, $email);
$sql->execute();
printf("%d Row inserted.\n", mysqli_stmt_affected_rows($sql));
mysqli_stmt_close($sql);
// if successfully insert data into database, displays message "Successful".
//if($result){
//echo "Successful";
//echo "<BR>";
//echo "<a href='index.php'>Back to main page</a>";
//}

//else {
//echo "ERROR";
//}
//?>

<?php
// close connection
mysqli_close($link);
?>

这更安全/我应该做什么?

4

2 回答 2

0

您正在阻止此行中的默认值

e.preventDefault();

并且从不实际发布文件

尝试

e.preventDefault();
$.post('insert_ac.php', $(this).serialize(), function(){
    $("#listuser").load("templates/showuser.php");
    $("#signupform").remove();   
});
于 2013-06-07T15:39:49.507 回答
0

我想出了我想要做什么......如果有人也想尝试的话,这就是我的所有代码!

插入ac.php

<?php

$host="localhost"; // Host name
$uname="root"; // Mysql username
$password="bonjour3"; // Mysql password
$db_name="itit"; // Database name
$tbl_name="users"; // Table name

// Connect to server and select database.
$link = mysqli_connect("$host", "$uname", "$password", "$db_name")or die("cannot connect");

// Get values from form
$username=$_POST['username'];
$pw=$_POST['pw'];
$email=$_POST['email'];

// Insert data into mysql
$sql= $link->prepare("INSERT INTO $tbl_name(username, password, email)VALUES(?,?,?)");
$sql->bind_param('sss', $username, $pw, $email);
$sql->execute();
printf("%d Row inserted.\n", mysqli_stmt_affected_rows($sql));
mysqli_stmt_close($sql);
// if successfully insert data into database, displays message "Successful".
//if($result){
//echo "Successful";
//echo "<BR>";
//echo "<a href='index.php'>Back to main page</a>";
//}

//else {
//echo "ERROR";
//}
//?>

<?php
// close connection
mysqli_close($link);
?>

索引.php

<!DOCTYPE HTML>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>it IT</title>
  <link rel="stylesheet" type="text/css" href="application.css" />
  <script src="jquery.js"></script> 
  <script src="application.js"></script>
  <!--[if lt IE 9]>
  <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
  <![endif]-->
</head>
<body>
    <h1>it IT</h1>
    <div id="signup">
        <form id="signupform" method="post" action="insert_ac.php">
            Username: <input type="text" name="username" id="username"><br>
            Password: <input type="password" name="pw" id="pw"><br>
            Email: <input type="text" name="email" id="email"><br>
            <input type="submit" name="Submit" value="Submit">
        </form>
    </div>
    <div id="signin"></div>
    <div id="showuser">
        <h2>Username - Email</h2>
        <ul id="listuser"></ul>
    </div>
</body>
</html>

应用程序.js

$(document).ready(function() {
    $("#signupform").submit(function(e) {  
        e.preventDefault();
        $.post('insert_ac.php', $(this).serialize(), function(){
            $("#listuser").load("templates/showuser.php");
            $("#signupform").remove();   
        });
    });
});

模板/showuser.php

<?php
    $host="localhost"; // Host name
    $uname="root"; // Mysql username
    $password="bonjour3"; // Mysql password
    $db_name="itit"; // Database name
    $tbl_name="users"; // Table name

// Connect to server and select database.
    $link = mysqli_connect("$host", "$uname", "$password", "$db_name")or die("cannot connect");
    $result = mysqli_query($link,"SELECT username, email FROM users ORDER BY autoIncrementColumn DESC LIMIT 1");
    $row = mysqli_fetch_assoc($result);
?>

<li><? echo $row['username'] ?> - <? echo $row['email'] ?></li>

<?php
// close connection
mysqli_close($link);
?>
于 2013-06-07T17:23:45.837 回答