将Javascript数组返回到隐藏的输入值
我遇到了更改隐藏输入类型值的问题。我有一个搜索,它使用PHP while循环创建了多个复选框。我希望在提交后将签入PHP变量的项目传递给PHP。这是带有复选框和隐藏值的窗体将Javascript数组返回到隐藏的输入值,javascript,php,html,Javascript,Php,Html,我遇到了更改隐藏输入类型值的问题。我有一个搜索,它使用PHP while循环创建了多个复选框。我希望在提交后将签入PHP变量的项目传递给PHP。这是带有复选框和隐藏值的窗体 $search_sql = "SELECT * FROM `company` WHERE `groups` = '$groups' AND (`companyname` LIKE '%$search%' OR `directurl` LIKE '%$search%' OR `email` LIKE '%$search%' O
$search_sql = "SELECT * FROM `company` WHERE `groups` = '$groups' AND (`companyname` LIKE '%$search%' OR `directurl` LIKE '%$search%' OR `email` LIKE '%$search%' OR `phone` LIKE '%$search%' OR `groups` LIKE '%$search%' OR `notes` LIKE '%$search%')";
$result = mysql_query($search_sql) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
//remove the http from the links
$website = $row['directurl'];
$website = str_replace("http//", "", "$website");
$website = str_replace("http://", "", "$website");
$website = str_replace("https://", "", "$website");
$website = str_replace("https//", "", "$website");
//button to change colour
//display contacted companies
if($row['contact'] == 0){
//not contacted
$changecolor = '1';
$contacted = '<tr class="nocontact border">';
$button = '<td>
<form name="change_colour" method="post">
<input type="hidden" name="id" value="' . $row['id'] . '">
<input type="hidden" name="change_colour" value="' . $changecolor . '">
<input type="hidden" name="search" value="' . $row['companyname'] . '">
<input type="hidden" name="groupselected" value="' . $groups . '">
<input type="submit" value="C"></form>';
}
//contacted
elseif($row['contact'] == 1){
$changecolor = '2';
$contacted = '<tr class="contact border">';
$button = '<td>
<form name="change_colour" method="post">
<input type="hidden" name="id" value="' . $row['id'] . '">
<input type="hidden" name="change_colour" value="' . $changecolor . '">
<input type="hidden" name="search" value="' . $row['companyname'] . '">
<input type="hidden" name="groupselected" value="' . $groups . '">
<input type="submit" value="C"></form>';
}
//positive feedback
elseif($row['contact'] == 2){
$changecolor = '3';
$contacted = '<tr class="positive border">';
$button = '<td>
<form name="change_colour" method="post">
<input type="hidden" name="id" value="' . $row['id'] . '">
<input type="hidden" name="change_colour" value="' . $changecolor . '">
<input type="hidden" name="search" value="' . $row['companyname'] . '">
<input type="hidden" name="groupselected" value="' . $groups . '">
<input type="submit" value="C"></form>';
}
//negative feedback
elseif($row['contact'] == 3){
$changecolor = '0';
$contacted = '<tr class="negative border">';
$button = '<td>
<form name="change_colour" method="post">
<input type="hidden" name="id" value="' . $row['id'] . '">
<input type="hidden" name="change_colour" value="' . $changecolor . '">
<input type="hidden" name="search" value="' . $row['companyname'] . '">
<input type="hidden" name="groupselected" value="' . $groups . '">
<input type="submit" value="C"></form>';
}
else {echo 'error with the display';}
//button to select companies
$select_comp = '<form name="select_comp" method="post">
<input type="checkbox" id="' . $row['id'] . '" name="id" onclick="compTrig(' . $row['id'] . ')">
<input type="hidden" id="return_comp" name="return_comp" value="me">
<input type="submit" name="select_comp" value="Selected"></form></td>';
//Display link to website if available
if ($website !== ''){
$webdisplay = $contacted . $button . $select_comp . '<td><a target="_blank" href="http://' . $website . '">' . $row['companyname'] . '</a></td>';
}
else{
$webdisplay = $contacted . $button . '<td class="red">' . $row['companyname'] . '</td>';
}
//check if email has been submitted
if ($row['email'] !== ''){
$email = '<td><a href="mailto:' . $row['email'] . '">Email</a></td>';
}
else{
$email = '<td class="red">None</td>';
}
//display company details
echo $webdisplay;
echo '<td>' . $row['contactname'] . '</td>';
echo $email;
echo '<td>' . $row['town'] . '</td>';
echo '<td>' . $row['phone'] . '</td>';
echo '<td>' . $row['notes'] . '</td></tr>';
$companyfind = $row['id'];
}
我可以得到一个确认框来显示正确的值,但我无法更改隐藏值的值,这将起作用。我想这可能是因为表单在while循环中,表单应该在循环之外。我们将非常感谢您对此事的任何帮助。您正以相反的方式处理此问题,并且在前端暴露了太多不可篡改的信息。它还造成了大量不必要的冗余(冗余是程序员的死敌)。此任务不需要Javascript 您应该传递给浏览器的只是相关的公司信息,以填充单个表单;然后在提交后在PHP中构建适当的输出 搜索结果.php
echo "<form name=\"select_comp\" method=\"POST\" action=\"select_comp.php\">";
$search_sql = "
SELECT id FROM `company` WHERE `groups` = '$groups'
AND (`companyname` LIKE '%$search%'
OR `directurl` LIKE '%$search%'
OR `email` LIKE '%$search%'
OR `phone` LIKE '%$search%'
OR `groups` LIKE '%$search%'
OR `notes` LIKE '%$search%')";
$result = mysql_query($search_sql) or die(mysql_error());
while($row = mysql_fetch_array($result))
{
echo "<input type=\"checkbox\" name=\"id[{$row['id']}]\" value=\"1\"> {$row['company_name']}<br>";
// echo other company details
}
echo '
<input type="submit" value="C">
</form>';
// $_POST['id'] will contain an array of selected checkboxes
// implode array into a comma-separated list for use with MySQL IN operator
// escaping a string where the numbers have been tampered with will cause an error, but it will be safe from injection
$sql = "
SELECT * FROM `company` WHERE `id`
IN (" . mysql_real_escape_string(implode(',', $_POST['id'])) . ")";
$res = mysql_query($sql);
while($row = mysql_fetch_array($res)) {
switch ($row['id']) {
// first company
case '0':
// build styling here
break;
// second company
case '1':
// build more styling here
break;
// and so on
}
// output HTML with styling information computed above
}
但是,您真正应该做的是使用输入到数据库和/或由文件命名约定确定的值动态设置样式(当然,这涉及动态生成的样式规范的绝对验证)。感谢Voodoo417,我在上面添加了整个while循环,表单位于//按钮下,用于选择公司有几十个表单。是吗?是的,是的,其他的可以忽略他们只是改变背景颜色和更新数据库//选择公司的按钮是不使用javascript函数更改值的按钮。被要求显示整个while循环。感谢“我希望在提交后将签入PHP变量的项目传递给您”——为什么需要JavaScript?只需提交from,然后您就可以从服务器端获得值……没有javascript我该怎么做?我不需要检查项的值吗?Hanks recovering Nerdaholic对于您的答案,我现在用几个函数更改了我的脚本,这些函数的计算方式与我在这个问题中实现的不同。我同意我的脚本不是最佳实践,但它只是我自己使用的。感谢花费的时间和正确的方式完成这项任务,并帮助我了解未来的项目。再次感谢
// $_POST['id'] will contain an array of selected checkboxes
// implode array into a comma-separated list for use with MySQL IN operator
// escaping a string where the numbers have been tampered with will cause an error, but it will be safe from injection
$sql = "
SELECT * FROM `company` WHERE `id`
IN (" . mysql_real_escape_string(implode(',', $_POST['id'])) . ")";
$res = mysql_query($sql);
while($row = mysql_fetch_array($res)) {
switch ($row['id']) {
// first company
case '0':
// build styling here
break;
// second company
case '1':
// build more styling here
break;
// and so on
}
// output HTML with styling information computed above
}