Javascript uery=“从事件中选择*,其中towns\u id=$town\u id”$查询类型。“和日期>=”$date';你能看到错误吗?你不需要使用date()函数,MySQL将自动转换。非常好,谢谢!一个问题:为什么要将$u POST[…]替换为$u REQ
Javascript uery=“从事件中选择*,其中towns\u id=$town\u id”$查询类型。“和日期>=”$date';你能看到错误吗?你不需要使用date()函数,MySQL将自动转换。非常好,谢谢!一个问题:为什么要将$u POST[…]替换为$u REQ,javascript,php,jquery,ajax,Javascript,Php,Jquery,Ajax,uery=“从事件中选择*,其中towns\u id=$town\u id”$查询类型。“和日期>=”$date';你能看到错误吗?你不需要使用date()函数,MySQL将自动转换。非常好,谢谢!一个问题:为什么要将$u POST[…]替换为$u REQUEST[…]?使用后者有什么好处?我很乐意$\u REQUEST是$\u POST和$\u GET的组合,因此便于调试。您可以浏览到eghttp://www.example.com/system/live_filter.php?town_id
uery=“从事件中选择*,其中towns\u id=$town\u id”$查询类型。“和日期>=”$date';你能看到错误吗?你不需要使用
date()
函数,MySQL将自动转换。非常好,谢谢!一个问题:为什么要将$u POST[…]替换为$u REQUEST[…]?使用后者有什么好处?我很乐意$\u REQUEST
是$\u POST
和$\u GET
的组合,因此便于调试。您可以浏览到eghttp://www.example.com/system/live_filter.php?town_id=1&value_type=something&value_date=2013-01-01
并直接在浏览器中查看脚本的输出。由于可以跳过AJAX步骤,因此调试更容易。有一种学派认为POST更安全,因为它使csrf攻击稍微困难一些。调试完成后,我倾向于同意并调回$\u POST
。
<div id="results">
<script type="text/javascript">
// 1. When user comes on page from homepage, results will be fetched with ajax
function updateResults() {
// 2. Create array with values of all filter fields
var value_town_id = $('#town_id').val();
var value_type = $('#filter_type').val();
var value_date = $('#filter_date').val();
var array_filter_values = new Array(value_town_id, value_type, value_date);
array_filter_values.join(', ');
query_value = array_filter_values;
// 3. Start ajax
$.ajax({
type: "POST",
url: "system/live_filter.php",
data: { query: query_value },
cache: false,
success: function(html){
$("#results").html(html);
}
});
};
// 4. FIRE FUNCTION!
updateResults();
</script>
</div>
require_once 'db.php';
// Define Output HTML Formating
$html = '';
$html .= '<div class="event">';
$html .= '<h3>titleString</h3>';
$html .= '<p>typeString</p>';
$html .= '<p>dateString</p>';
$html .= '</div>';
// Get values
$values_string = $_POST['query'];
// Explode to array
$values_array = explode(',', $values_string);
$town_id = $values_array[0];
$type = $values_array[1];
$date = $values_array[2];
// Prepare values for database results query
$town_id = $db->real_escape_string($town_id);
$type = $db->real_escape_string($type);
$date = $db->real_escape_string($date);
// Build Query
$query = "SELECT * FROM events WHERE towns_id=$town_id AND type='$type' AND date>=$date";
// Do Search
$results = $db->query($query);
while($result = $results->fetch_assoc()) {
// Format Output Strings And Hightlight Matches
$display_title = $result['title'];
$display_type = $result['type'];
$display_date = $result['date'];
// Insert title
$output = str_replace('titleString', $display_title, $html);
// Insert type
$output = str_replace('typeString', $display_type, $output);
// Insert date
$output = str_replace('dateString', $display_date, $output);
// Output
echo($output);
}
$query = "SELECT *
FROM events
WHERE towns_id=$town_id AND type='$type' AND date>='$date'";
$results = $db->query($query) or die($db->error);
data: { id: value_town_id, type: value_type, date: value_date }
php -l file.php
array_filter_values.join(', ');
query_value = array_filter_values;
query_value =array_filter_values.join(', ');
SELECT * FROM events WHERE towns_id = AND type='$type' AND date>='$date'
SELECT * FROM events WHERE towns_id = '$town_id' AND type='$type' AND date>='$date'
function updateResults() {
query = {"town_id": $('#town_id').val(),
"value_type": $('#filter_type').val(),
"value_date": $('#filter_date').val()
}
$.ajax({
type: "POST",
url: "system/live_filter.php",
data: query,
cache: false,
success: function(html){
$("#results").html(html);
}
});
};
require_once 'db.php';
// Define Output HTML Formating
$html = '';
$html .= '<div class="event">';
$html .= '<h3>titleString</h3>';
$html .= '<p>typeString</p>';
$html .= '<p>dateString</p>';
$html .= '</div>';
$town_id = $_REQUEST['town_id'];
$type = $_REQUEST['value_type'];
$date = $_REQUEST['value_date'];
// Prepare values for database results query
$town_id = $db->real_escape_string($town_id);
$type = $db->real_escape_string($type);
$date = $db->real_escape_string($date);
// Build Query
$query = "SELECT * FROM events WHERE towns_id='$town_id' AND type='$type' AND date>='$date'";
/*Should it definitely be towns_id and not town_id?*/
// Do Search
$results = $db->query($query);
while($result = $results->fetch_assoc()) {
// Insert title
$output = str_replace('titleString', $result['title'], $html);
// Insert type
$output = str_replace('typeString', $result['type'], $output);
// Insert date
$output = str_replace('dateString', $result['date'], $output);
// Output
echo($output);
}
require_once 'db.php';
$town_id = $db->real_escape_string($_REQUEST['town_id']);
$type = $db->real_escape_string($_REQUEST['value_type']);
$date = $db->real_escape_string($_REQUEST['value_date']);
$query = "SELECT * FROM events WHERE towns_id='$town_id' AND type='$type' AND date>='$date'";
$results = $db->query($query);
while($result = $results->fetch_assoc()) {
$html = '<div class="event">';
$html .= '<h3>{$result['title']}</h3>';
$html .= '<p>{$result['type']}</p>';
$html .= '<p>{$result['date']}</p>';
$html .= '</div>';
echo $html;
}
require_once 'db.php';
$town_id = $db->real_escape_string($_REQUEST['town_id']);
$type = $db->real_escape_string($_REQUEST['value_type']);
$date = $db->real_escape_string($_REQUEST['value_date']);
$query = "SELECT * FROM events WHERE towns_id=$town_id AND type='$type' AND date>=$date";
echo $query;