如何从html表单执行php查询?

rhfm7lfc  于 2021-06-25  发布在  Mysql
关注(0)|答案(2)|浏览(348)

我知道php是一种服务器端语言,html是一种客户端语言,要做到这一点,我会使用javascript,但我不知道怎么做。有人能帮我写一个名为**changefunction()**的脚本吗?

这是我在index.php中的表单:

<form method="POST">
            <div class="row"style="margin-top: 5%;">
                <div class="col-3">

                </div>
                <div class="col-6">
                   <label for="inputUsername">Insert username</label>
                   <input type="text" class="form-control" name="inputUser" style="margin-bottom: 2%">
                   <div class="input-group mb-3">
                    <div class="input-group-prepend">
                      <label class="input-group-text" for="inputGroupSelect01">Convert account type to: </label>
                    </div>
                    <select class="custom-select" id="inputGroupSelect01" name="inputSelected">
                      <option selected>Choose...</option>
                      <option value="admin">Admin</option>
                      <option value="user">User</option>
                    </select>
                       <button type="button" class="btn btn-outline-primary" onclick="changeFunction()">Submit</button>
                  </div>
                </div>
                <div class="col-3">
                </div>
            </div>
        </form>

这是我在query.php中的查询:

<?php     
 $var1= $_POST["inputGroupSelect01"];
 $var2= $_POST["inputUser"];
 require 'connection.php';
 $sql = "UPDATE user SET typeAcc =".$var1." WHERE username=".$var2;
 ?>
5jdjgkvh

5jdjgkvh1#

我希望这是你想要的解决办法。
首先在html表单中添加以下div <div id='resultDiv' ></div> 所以你的html表单代码应该是这样的

<form method="POST" >
        <div class="row"style="margin-top: 5%;">
            <div class="col-3">
                <h2>Testing Form</h2>
            </div>
            <div class="col-6">
               <label for="inputUsername">Insert username</label>
               <input type="text" class="form-control" name="inputUser" style="margin-bottom: 2%" id="inputUser">
               <div class="input-group mb-3">
                <div class="input-group-prepend">
                  <label class="input-group-text" for="inputGroupSelect01">Convert account type to: </label>
                </div>
                <select class="custom-select" id="inputGroupSelect01" name="inputSelected">
                  <option selected>Choose...</option>
                  <option value="admin">Admin</option>
                  <option value="user">User</option>
                </select>
                   <button type="button" class="btn btn-outline-primary" onclick="changeFunction()">Submit</button>
              </div>
              <!-- this need to be added -->
              <div id='resultDiv' ></div>
            </div>
            <div class="col-3">
            </div>
        </div>
    </form>

其次,将jquery和下面的脚本添加到代码中
两个jquery变量define userName 以及 role 后来被认为 data 如果服务器响应是 SUCCESS 然后执行成功条件,或者您可以通过设置 ERRORYOUR ERROR TEXT ```

<script type='text/javascript'>

       function changeFunction(){
      var userName = $('#inputUser').val();
      var role     =$('#inputGroupSelect01').val();

     $.ajax({
       method: "POST",
       url: "server.php",
       data: JSON.stringify( { "userId": userName, "userRole": role } ),
       dataType: "text",

       success: function (response){
           if(response=='SUCCESS'){
              $('#resultDiv').append('<br/>Successful Updated'+response);

        }else{
            $('#resultDiv').append('<br/>Error'+ response);
        }
    }

    });
  }

**第三,你必须写新的 server.php 包含以下代码的文件

<?php     
    $var1= $_POST["userId"]; // change here userId as used in jquery block 
    $var2= $_POST["userRole"];// change here userRole as used in jquery  Block
     //require 'connection.php';
     $sql = "UPDATE user SET typeAcc =".$var1." WHERE username=".$var2;

    //suppose query is executed successfull then 
    //it will return no of rows updated

   $query_result = mysql_query($query);
   //SUCCESS_CONDITION is normally if number of row updated is 1 in return 
   ///of query execution so kindly define by your own way 

   $num_rows = mysql_num_rows($query_result);
   //if($num_rows==1 || define your own SUCCESS_CONDITION){
   if($num_rows ==1){ 
     $result ='SUCCESS';
   }else{
      $result ='ERROR';
   }

  echo $result;
?>

我希望这会有帮助。如果需要的话,请寻求帮助

n3h0vuf2

n3h0vuf22#

您可以使用php进行此操作,但需要检查$\u post数据。

if(isset($_POST['inputGroupSelect01']) && isset($_POST['inputUser;]){
$var1= $_POST["inputGroupSelect01"];
 $var2= $_POST["inputUser"];
 require 'connection.php';
 $sql = "UPDATE user SET typeAcc =".$var1." WHERE username=".$var2;
}

顺便说一下,这些代码是完全脆弱的。您从用户处获取2个输入,并直接将它们放入sql查询中。
如果我对var2的输入是 '; DROP TABLE user; ?

相关问题