dongze8698 2016-06-24 12:53
浏览 123
已采纳

将表单值从PHP文件传递到另一个PHP文件

I make a pop-up form like this, in home.php :

<script src="js/submit.js"></script>

.........
.........
.........

<div id="abc">
<!-- Popup Div Starts Here -->

<div id="popupContact">
<!-- Form -->

<form action="#" id="form" method="post" name="form">

    <input id="month" name="month" placeholder="MONTH" type="text">
    <a href="javascript:%20check_empty()" id="submit">ADD</a>

</form>

</div>
<!-- Popup Div Ends Here -->
</div>

I fill the form. When I click 'ADD' button, it runs javascript function. The code in submit.js :

function check_empty() {
    if (document.getElementById('month').value == ""){
        alert("Fill column!");
    } else {
        document.getElementById('form').submit();   
        $.get("application/insertdata.php");
        return false;
    }
}

//Function To Display Popup
function div_show() {
document.getElementById('abc').style.display = "block";
}

//Function to Hide Popup
function div_hide(){
document.getElementById('abc').style.display = "none";
}

I want to run query in insertdata.php as below. It needs the value from 'month'.

<?php 
require("phpsqlajax_dbinfo.php");

$conn = mysqli_connect('localhost', $username, $password, $database);

if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
} 

$data = isset($_POST['month']);
$monthstring = mysqli_real_escape_string($conn, $data);

$sql = "INSERT INTO `databasea`.`tablea` (`MONTH`, `TEST`) VALUES ('". $monthstring ."', 'xxx');";

mysqli_query($conn, $sql);
mysqli_close($conn);
?>

The query run successfully, and row is added in my table. 'TEST' column is added with 'xxx'. But in 'MONTH' column, it generates no value, just empty.

So, how to get the 'month' value? Thank you.

  • 写回答

3条回答 默认 最新

  • doucandiao9180 2016-06-24 13:14
    关注

    Since you're using JavaScript/jQuery there is no real need for inline code in your HTML, so let's start there by removing the inline JavaScript:

    <script src="js/submit.js"></script>
    
    .........
    .........
    .........
    
    <form action="#" id="form" method="post" name="form">
    
    <input id="month" name="month" placeholder="MONTH" type="text">
    <a href="#" id="submit">ADD</a>
    
    </form>
    

    Much cleaner, no? You weren't passing any data in your function call which may have caused problems for you down the line.

    Now a simpler setup in your JavaScript/jQuery in which we'll capture the click event and pass the data via $.post:

    $('#submit').click(function(event) {
        event.preventDefault(); // prevent the default click action
        var month = $('#month').val();
        if('' == month) {
            alert('fill the column!');
        } else {
            $.post("application/insertdata.php", {month: month}); // notice how the data is passed
        }
    });
    

    So far, so good, the code is much tighter and more readable and it actually posts the data from the form to the AJAX call.

    Finally the PHP, testing to see if the variable month is set properly:

    <?php 
        require("phpsqlajax_dbinfo.php");
    
        $conn = mysqli_connect('localhost', $username, $password, $database);
    
        if (!$conn) {
            die("Connection failed: " . mysqli_connect_error());
        } 
    
        if(isset($_POST['month'])) {
            $data = $_POST['month'];
            $monthstring = mysqli_real_escape_string($conn, $data);
            $sql = "INSERT INTO `databasea`.`tablea` (`MONTH`, `TEST`) VALUES ('". $monthstring ."', 'xxx');";
            mysqli_query($conn, $sql);
        }
    
        mysqli_close($conn);
    ?>
    

    NOTE: I am concerned that you might have more than one of these forms on your page and you may be duplicating ID's which will not work and the duplicate ID's will need to be removed. If this is the case the jQuery code I've written needs to be changed. Here is one way to do that:

    $('a').click(function(event) {
        event.preventDefault(); // prevent the default click action
        var month = $(this).prev('input').val(); // get the input next to the link
        if('' == month) {
            alert('fill the column!');
        } else {
            $.post("application/insertdata.php", {month: month}); 
        }
    });
    

    As I stated in comments Little Bobby says your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi. Even escaping the string is not safe! Changing to prepared statements will make your code cleaner and safer.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥30 Hyper-v虚拟机相关问题,求解答。
  • ¥15 TSM320F2808PZA芯片 Bootloader
  • ¥45 谷歌浏览器出现开发者工具无法显示已创建的,但您可以调试已部署的代码。 状态代码 404, net::ERR HTTP RESPONSE CODE FAILURE
  • ¥15 chatgpt网页版侧边栏和模型切换点击没反应怎么办
  • ¥15 如何解决蓝牙通话音频突发失真问题
  • ¥15 安装opengauss数据库报错
  • ¥15 【急】在线问答CNC雕刻机的电子电路与编程
  • ¥60 在mc68335芯片上移植ucos ii 的成功工程文件
  • ¥15 笔记本外接显示器正常,但是笔记本屏幕黑屏
  • ¥15 Python pandas