1. 首页
  2. 问答
  3. 将空参数发送到PHP的JavaScript

将空参数发送到PHP的JavaScript

2017-05-09 58 views
-1

我正在尝试为使用用户名和密码访问的网站创建用户区域。我在前端使用HTML,在后端使用JavaScript,在服务器端使用PHP。我使用Xampp来运行本地服务器和PHPMyAdmin来托管数据库。将空参数发送到PHP的JavaScript

的HTML代码:

<!-- the Login Section --> 
    <input type="text" name="userName" placeholder="username" id="usernameBar"> 
    <input type="password" name="passWord" placeholder="password" id="passwordBar"> 
    <button id="loginButton" onclick="Login();">Login</button> 
    <p id="IncorrectP" title="Incorrect Username or Password" style="display: none">Invalid</p>

的JavaScript:

function Login(){ 

    //Connect to the PHP: 
    var urlConnect = "checkLogin1.php"; 
    //Get the username and password: 
    var usrUsername = document.getElementById("usernameBar").value; 
    var usrPassword = document.getElementById("passwordBar").value; 

    //Define the parameters to send to php 
    var strParameters = "usrUsername="+usrUsername + "usrPassword="+usrPassword + "&sid=" + Math.random(); 

     //Define the options for the AJAX request 
     var objOptions = { 
     method: "post", 
     parameters: strParameters, 
     onSuccess: function(objXHR) { 

      //If objXHR. responseText = Tenant: 
      if(objXHR.responseText=='Tenant'){ 

       //Go to tenant space: 
       alert("Success! (Tenant)"); 
       OpenTenantPage(); 

      } 
      //Else if objXHR.responseText = Staff: 
      else if(objXHR.responseText=='Staff'){ 

       //Go to staff space: 
       alert("Success! (Staff)"); 
       OpenStaffPage(); 

      } 
      //Else if objXHR.responseText = Admin: 
      else if(objXHR.responseText=='Admin'){ 

       //Go to admin space: 
       alert("Success! (Admin)"); 
       OpenAdminPage(); 

      } 
      else{ 

       //Run IncorrectLogin: 
       alert("Error! No User Account Found!"); 
       IncorrectLogin(); 

      } 
     } 
    } 

    // define the AJAX request object 
    var objRequest = new Ajax.Request(urlConnect,objOptions); 

}

PHP:

<?php 

    //Link the username and password: 
    $connect = mysqli_connect("localhost", "admin", "12345", "realestate") or die ('Connection to database failed: ' . mysql_error()); 
    //Extract variables for request parameters: 
    extract($_REQUEST); 

    //Try to log in as a tentant: 
    $resTenantUser = mysqli_query($connect, "SELECT * FROM tenants WHERE Username='$usrUsername' AND Password='$usrPassword'") or die(mysql_error()); 
    //$resTenantUser = mysqli_query($connect, "SELECT * FROM tenants WHERE Username='Charb1' AND Password='123456' ") or die(mysql_error()); 
    //Set intCount to number of rows in result: 
    $intCount = mysqli_num_rows($resTenantUser); 

    if($intCount == 0){ 

     echo "Error!"; 

    } 
    else{ 

     echo "Tenant"; 

    } 

?>

我认为错误我是JS的不发送参数到PHP或它正在发送空的参数。尽管如此我仍然无法找到我的错误。

来源

2017-05-09 Christopher Littlewood

+1

检查** **开发工具,网络选项卡中看到什么实际上是在请求中发送... –

+0

只是为了改进讨论:HTML和JavaScript是你的前端技术(在浏览器上运行); PHP是你的后端语言(运行在服务器上) –

+0

**警告**:当使用'mysqli'时,你应该使用[参数化查询](http://php.net/manual/en/mysqli.quickstart.prepared-statements .php)和['bind_param'](http://php.net/manual/en/mysqli-stmt.bind-param.php)将用户数据添加到您的查询中。 **不要**使用字符串插值或连接来完成此操作,因为您创建了严重的[SQL注入漏洞](http://bobby-tables.com/)。 **不要**将'$ _POST','$ _GET'或**任何**用户数据直接放入查询中,如果有人试图利用您的错误,这可能会非常有害。 – tadman

回答

3

parameters必须是JSON格式不查询字符串format.something这样的:
parameters:{usrUsername: usrUsername , usrPassword:usrPassword , sid : Math.random()}

来源

2017-05-09 03:54:55

+0

必须在JSON中?你知道这个'Ajax.Request'的东西是知道它只接受JSON作为'parameters'吗?没关系 - 好电话:p –

+0

@JaromandaX你可以用'dataType:'json''告诉AJAX你的[所需类型的数据](http://api.jquery.com/jQuery.ajax/),但默认值是'JSON' –

+0

这一切都很好,我意识到'Ajax.Request'很可能是'prototype.js'的东西,所以,正如我所说的,“好的呼叫” –

0

问题在查询参数中。你错过了&。试试这种方式。

var strParameters = "usrUsername="+usrUsername + "&usrPassword="+usrPassword + "&sid=" + Math.random();

或者

var strParameters = {"usrUsername" : usrUsername, "usrPassword" : usrPassword, "sid" : Math.random()}

来源

2017-05-09 03:52:37

相关问题

 相关问题