我在PHP中制作了一些更新用户信息代码,但是我将这个表单插入到我网站上的一个标签中:
当我填写表格并提交时,我的页面会刷新并再次将我带到第一张桌子。
我该如何预防呢? 我试着用ajax但现在不知道究竟是怎么回事 [编辑]我添加了ajax 我的代码:
<form action="" method="post">
<ul id="edit_list">
<li>Adresa:<br> <input type="text" name="address" id="address"/></li>
<li>Grad: <bR><input type="text" name="city" id="city"/></li>
<li>Poštanski broj:<br> <input type="number" name="zip" id="zip"/></li>
<li>Mobitel/Telefon:<br> <input type="tel" name="phone_number" id="phone_number"/></li>
<li>Lozinka:<br> <input type="password" name="password" id="password"/><div class="password_strength" id="password_strength"></div></li>
<li>Ponoviti lozinku:<br><input type="password" name="repassword" id="repassword" onkeyup="checkPass(); return false;"/></li><div id="confirmMessage"></div><br>
<li><input type="submit" value="izmijeni"/></li>
</ul>
</form>
<script>
$('#submit').click(function(e){
e.preventDefault;
var address = $('#address').val();
var city = $('#city').val();
var zip = $('#zip').val();
var phone_number = $('#phone_number').val();
var password = $('#password').val();
var repassword = $('#repassword').val();
var dataString = 'address='+address+'&city='+city+'&zip='+zip+'&phone_number='+phone_number+'&password='+password+'&repassword='+password;
$.ajax({
type:'POST',
url:'update_user.php',
data:dataString,
success:function(){
},
error:function(){
}
});
return false;
});
在anodher文件中的
php:
<?php
include 'init.php';
if(isset($_POST['address'])){
$id = (int)$session_user_id;
$address = sanitize($_POST['address']);
mysql_query("UPDATE users SET `address` = '$address' WHERE `id` = $id");
}
if(isset($_POST['city'])){
$id = (int)$session_user_id;
$city = sanitize($_POST['city']);
mysql_query("UPDATE users SET `city` = '$city' WHERE `id` = $id");
}
if(isset($_POST['zip'])){
if(is_numeric($_POST['zip']) === true){
$id = (int)$session_user_id;
$zip = sanitize($_POST['zip']);
mysql_query("UPDATE users SET `zip` = '$zip' WHERE `id` = $id");
}else{
$errors[]= 'Poštanski broj mora zadržavati brojeve bez razmaka i znakova';
}
}
if(isset($_POST['phone_number'])){
if(is_numeric($_POST['phone_number']) === true){
$id = (int)$session_user_id;
$phone_number = sanitize($_POST['phone_number']);
mysql_query("UPDATE users SET `phone_number` = '$phone_number' WHERE `id` = $id");
}else{
$errors[]= 'Broj mobitela mora zadržavati brojeve bez razmaka i znakova';
}
}
if(isset($_POST['password'])){
if(strlen($_POST['password']) < 4){
$errors[] = 'Lozinka mora sadržavati više od 4 znaka';
}else if($_POST['password'] !== $_POST['repassword']){
$errors[] = 'Lozinke se ne poklapaju';
}else{
$id = (int)$session_user_id;
$password = sanitize($_POST['password']);
$password = md5($password);
mysql_query("UPDATE users SET `password` = '$password' WHERE `id` = $id");
}
}
?>
由于
答案 0 :(得分:1)
event.preventDefault是一个函数:http://api.jquery.com/event.preventdefault/。 此外,您的表单中没有提交ID。
$('#my_submit_id').click(function(e){
e.preventDefault();
//...
return false;
});
<input id="my_submit_id" type="submit" value="izmijeni"/>
如果可能的话,你应该放弃mysql _ ***函数,转而使用mysqli或PDO。除了使用预准备语句来保护查询免于注入。 http://php.net/manual/en/pdo.prepared-statements.php http://php.net/manual/en/mysqli.prepare.php