duanji1482
2014-06-18 10:17
浏览 169

通过ajax发送数据时会自动添加转义字符

I want to send the SQL condition statement using the id of the link element which is the category of the product to be generated by php file and loaded back to the div with class load_area. I get the category with .attr() method and then send this data as the string {'category='"+cat+"'} to the php file. The string sent should be

category="bag"

but this is what I got as a print result in php file

category='\"bag\"'

As you can see that the php file automatically added the escape character to the string I sent to it and the query couldn't be successfully processed. I am so frustrated trying to find the right way solving the problem. So please help ...

This is my HTML

<a id="bag" href="#">Bag</a>
<div class="load_area"></div>

This is javaScript

$(document).ready(function() {
    $('a').click(function() {
        var cat = $(this).attr('id');
        $('.load_area').load('controllers/genproduct.php', {'condition':'category='"+cat+"'});
    });
});

This is my php script

<?php
$condition = explode("=", $_POST['condition']); // Get condition
$limit = $_POST['limit']; // Get limit
require_once("../engines/store_manager.class.php");
$store = new store_manager(mysql_connect("localhost", "root", "1234"), "gemalong",     "cart", "products");
if(isset($condition) || $condition != "") {
if(isset($limit) || $limit != "") {
    $getquery = $store->product_gen($condition, $limit);
}
else {
    $getquery = $store->product_gen($condition);
}
}
else {
$getquery = $store->product_gen();
}
while($data=mysql_fetch_array($getquery)) {
$pid = $data['id'];
$pname = $data['name'];
$pdesc = $data['description'];
$pprice = $data['price'];
$ppix = $data['pix'];
// Start generating view
echo "<div class='each_product'>";
    echo "<div class='img_container'>";
        echo "<a id='ppixlink".$pid."' href='#' alt='".$pname."'><img      src='".$ppix."' title='".$pname."' /></a>";
    echo "</div>";
    echo "<p class='product_name'><a id='plink".$pid."' href='#'     alt='".$pname."'>".$pname."</a></p>";
    echo "<div class='down_pb clearfix'>";
        echo "<p>$ ".$pprice."</p>";
        echo "<button type='button' id='productaddbtn".$pid."' class='addcart-btn'>Add to cart</button>";
    echo "</div>";
echo "</div>";
}
// Close connection
mysql_close();
?>
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • douqi1212 2014-06-18 10:25
    已采纳

    Dont send a string that needs manipulating in php, send two fields instead:

    //js
    $('.load_area').load('controllers/genproduct.php', {field: 'category', value: cat});
    
    //php
    $condition = array($_POST['field'], $_POST['value']);
    
    点赞 评论

相关推荐 更多相似问题