JavaScript fetch 请求未加载 PHP 脚本
每当用户在“分配给组”下拉列表中做出新的选择时,我都想更新“分配给用户”下拉列表。我先用 ajax 函数实现,但没有成功,于是改用 fetch 方法。也许只是我的用法不对,但这两种方式都没有真正请求到 ticket_details.php 页面(发起调用的也是这个页面)。我已经验证了这一点:我让页面在加载时输出一个 alert。第一次进入页面或点击表单上的提交按钮(目前不执行任何操作)时,alert 都会弹出,所以我知道只要页面被加载,alert 就会弹出。我不知道这是我的代码有问题、缺少某些设置,还是 XAMPP 不支持这种做法。另外,我知道这里的 SQL 容易受到注入攻击,稍后我会把它改成更安全的写法。
标签:javascript, php, ajax, post, fetch
<?php
// Bootstrap for the ticket details page.
// The class files are included before session_start(): later code calls methods on
// objects read from $_SESSION (e.g. $_SESSION['user']->getId()), and PHP can only
// restore session objects whose classes are already defined when the session starts.
// NOTE(review): presumably these three files define the User / Role / User_Role
// classes stored in the session - confirm.
include('classes/class.User.php');
include('classes/class.Role.php');
include('classes/class.User_Role.php');
// NOTE(review): presumably defines ROLE_ID_ADMIN, which the page body uses - confirm.
include('constants.php');
// Must run before any output is sent, since it may need to emit the session cookie header.
session_start();
?>
<html>
<head>
<link href="style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
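<?php
// Emit the client-side handler that re-posts the ticket fields when the
// "Assigned To Group" select changes. It is only emitted for a POST coming
// from one of this page's forms (or from the handler's own fetch()).
if(isset($_POST['submit']) or isset($_POST['submit_new_comment']) or isset($_POST['submit_update_ticket']) or isset($_POST['update_assigned_group'])){
    // Request values are untrusted and are written into a <script> element, so
    // each one is emitted as a JSON string literal. The JSON_HEX_* flags keep
    // quotes, '&', '<' and '>' out of the output so a value can neither end the
    // string literal nor close the <script> element. Missing or non-scalar
    // fields become an empty string.
    $js_value = function ($key) {
        $value = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
        $json = json_encode($value, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        // json_encode() returns false on invalid UTF-8; fall back to an empty literal.
        return $json === false ? '""' : $json;
    };

    echo "<script>
function onChangeAssignedGroup() {
var new_assigned_to_role_id = document.getElementById('option_list_assigned_to_role_id').value;
// textContent, not innerHTML: the value is shown as text and never parsed as markup.
document.getElementById('assignedGroupId').textContent = 'You selected: ' + new_assigned_to_role_id;
var data = new URLSearchParams();
data.append('ticket_id', " . $js_value('ticket_id') . ");
data.append('creator_user_id', " . $js_value('creator_user_id') . ");
data.append('creator_user_name', " . $js_value('creator_user_name') . ");
data.append('status', " . $js_value('status') . ");
data.append('priority', " . $js_value('priority') . ");
data.append('title', " . $js_value('title') . ");
data.append('assigned_to_role_id', new_assigned_to_role_id);
data.append('assigned_to_role_name', '');
data.append('assigned_to_user_id', " . $js_value('assigned_to_user_id') . ");
data.append('assigned_to_user_name', " . $js_value('assigned_to_user_name') . ");
data.append('update_assigned_group', " . $js_value('update_assigned_group') . ");
// No explicit Content-Type: with a URLSearchParams body the browser sends
// application/x-www-form-urlencoded, which is what PHP parses into \$_POST.
// Labelling this body as application/json leaves \$_POST empty on the server,
// so none of the isset(\$_POST[...]) branches of this page run.
fetch('ticket_details.php', {
method: 'post',
credentials: 'same-origin',
body: data
})
.then(function (response) {
return response.text();
})
.then(function (text) {
console.log(text);
})
.catch(function (error) {
console.log(error);
});
return false;
}
</script>";
}
?>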
</head>
<body>
<p><a href="ticket_overview.php">Return to Tickets</a></p>
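<?php
/*
 * Ticket details view: applies an optional ticket update or new comment, then
 * renders the ticket form, its comments and the new-comment form.
 *
 * Security-relevant behaviour of this block:
 *  - Nothing is read or written unless a user object is present in the session;
 *    previously the UPDATE ran before the first $_SESSION['user'] access.
 *  - All SQL goes through prepared statements; request values are never
 *    concatenated into a query.
 *  - Every request- or database-derived value is HTML-escaped on output,
 *    including stored comment text and user names.
 *
 * NOTE(review): all ticket fields, including the role id the permission checks
 * compare against, arrive in client-controlled hidden inputs. The checks below
 * mirror what the page displays but are not a real authorisation decision;
 * load the ticket row by id and compare the session user's roles against the
 * stored assignment before writing.
 * NOTE(review): the state-changing forms carry no anti-CSRF token.
 */
$is_ticket_request = isset($_POST['submit']) || isset($_POST['submit_new_comment'])
    || isset($_POST['submit_update_ticket']) || isset($_POST['update_assigned_group']);
$current_user = isset($_SESSION['user']) ? $_SESSION['user'] : null;

if ($is_ticket_request && !is_object($current_user)) {
    // Fail closed: no session user means no database access at all.
    echo "<p>You must be signed in to view or change a ticket.</p>";
} elseif ($is_ticket_request) {
    // HTML-escape a value for element content or a quoted attribute.
    $e = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Read a scalar POST field; missing or array-valued fields become ''.
    $post = function ($key) {
        return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
    };
    // Render <option> elements whose values are 0,1,2,... in iteration order.
    $render_options = function ($choices, $selected) use ($e) {
        $html = '';
        $index = 0;
        foreach ($choices as $label) {
            $mark = ((string) $selected === (string) $index) ? ' selected' : '';
            $html .= "<option value='" . $index . "'" . $mark . ">" . $e($label) . "</option>";
            $index++;
        }
        return $html;
    };
    // Render one hidden <input> per name => value pair.
    $render_hidden = function ($fields) use ($e) {
        $html = '';
        foreach ($fields as $name => $value) {
            $html .= "<input type='hidden' name='" . $e($name) . "' value='" . $e($value) . "'>\n";
        }
        return $html;
    };

    echo '<script>alert("Visiting this page")</script>';

    // The ticket id is only ever used as a number, so cast it once here.
    $ticket_id = (int) $post('ticket_id');
    $creator_user_id = $post('creator_user_id');
    $creator_user_name = $post('creator_user_name');
    $status = $post('status');
    $priority = $post('priority');
    $title = $post('title');
    $assigned_to_role_id = $post('assigned_to_role_id');
    $assigned_to_role_name = $post('assigned_to_role_name');
    $assigned_to_user_id = $post('assigned_to_user_id');
    $assigned_to_user_name = $post('assigned_to_user_name');

    $roles = $current_user->getRoles();
    $is_admin = in_array(ROLE_ID_ADMIN, $roles);
    $can_edit = $is_admin || in_array($assigned_to_role_id, $roles);

    //connect to database
    include("database_connection.php");

    //handle update to ticket
    if (isset($_POST['submit_update_ticket'])) {
        if (!$can_edit) {
            // Same rule the page uses to decide whether to show the edit controls.
            echo "<p>You are not allowed to update this ticket.</p>";
        } else {
            $update = $mysqli->prepare("UPDATE `ticket` SET `status` = ?, `priority` = ?,
`assigned_to_role_id` = ?, `assigned_to_role_name` = ?,
`assigned_to_user_id` = ?, `assigned_to_user_name` = ?
WHERE `ticket`.`id` = ?");
            if (!$update) {
                echo "<p>" . $e($mysqli->error) . "</p>";
            } else {
                $update->bind_param(
                    'ssssssi',
                    $status,
                    $priority,
                    $assigned_to_role_id,
                    $assigned_to_role_name,
                    $assigned_to_user_id,
                    $assigned_to_user_name,
                    $ticket_id
                );
                if (!$update->execute()) {
                    echo "<p>" . $e($update->error) . "</p>";
                }
                $update->close();
            }
        }
    }

    //handle new comment
    if (isset($_POST['submit_new_comment'])) {
        $new_comment = $post('new_comment');
        // Author identity comes from the session, never from the request.
        $current_id = (string) $current_user->getId();
        $current_username = (string) $current_user->getUsername();
        unset($_POST['submit_new_comment']);
        //insert new comment into database.
        $insert = $mysqli->prepare("INSERT INTO ticket_comment (ticket_id, user_id, user_name, text) VALUES (?, ?, ?, ?)");
        if (!$insert) {
            echo "<p>" . $e($mysqli->error) . "</p>";
        } else {
            $insert->bind_param('isss', $ticket_id, $current_id, $current_username, $new_comment);
            if (!$insert->execute()) {
                echo "<p>" . $e($insert->error) . "</p>";
            }
            $insert->close();
        }
    }

    //include arrays for converting values returned
    // NOTE(review): presumably defines $status_array and $priority_array - confirm.
    include("value_maps.php");

    if (isset($_POST['update_assigned_group'])) {
        echo "<p>update_assigned_group: active</p>";
        unset($_POST['update_assigned_group']);
    } else {
        echo "<p>update_assigned_group: not active</p>";
    }

    // Debug output kept from the original page; values are escaped like everything else.
    echo "<p id='assignedGroupId'></p>";
    echo "<p>role id:" . $e($assigned_to_role_id) . "</p>";
    echo "<p>role name:" . $e($assigned_to_role_name) . "</p>";
    echo "<p>user id:" . $e($assigned_to_user_id) . "</p>";
    echo "<p>user name:" . $e($assigned_to_user_name) . "</p>";
    if (in_array($assigned_to_role_id, $roles)) {
        echo "<p>you have this role.</p>";
    } else {
        echo "<p>you don't have this role.</p>";
    }
    echo $e(print_r($roles, true));

    echo "
<form action='' method='post'>
" . $render_hidden([
        'ticket_id' => $ticket_id,
        'creator_user_id' => $creator_user_id,
        'creator_user_name' => $creator_user_name,
        'title' => $title,
        'assigned_to_role_id' => $assigned_to_role_id,
        'assigned_to_role_name' => $assigned_to_role_name,
        'assigned_to_user_id' => $assigned_to_user_id,
        'assigned_to_user_name' => $assigned_to_user_name,
    ]) . "<table border='0' align='center' cellpadding='5'>
<tr>
<th>Ticket ID</th>
<th>Title</th>
<th>Status</th>
<th>Priority</th>
<th>Assigned To Group</th>
<th>Assigned To User</th>
</tr>
<tr>
<td>" . $e($ticket_id) . "</td>
<td>" . $e($title) . "</td>";

    if ($can_edit) {
        echo "<td><select name='status'>" . $render_options($status_array, $status) . "</select></td>";
        echo "<td><select name='priority'>" . $render_options($priority_array, $priority) . "</select></td>";
    } else {
        // Unknown or missing codes render as an empty cell instead of an undefined-index notice.
        $status_label = isset($status_array[$status]) ? $status_array[$status] : '';
        $priority_label = isset($priority_array[$priority]) ? $priority_array[$priority] : '';
        echo "<td>" . $e($status_label) . "</td>";
        echo "<td>" . $e($priority_label) . "</td>";
    }

    if ($is_admin) {
        echo "<td><select id='option_list_assigned_to_role_id' name='assigned_to_role' onchange='onChangeAssignedGroup()'>";
        echo "<option value='0'></option>";
        foreach ($_SESSION['roles'] as $role_choice) {
            $mark = ($assigned_to_role_id == $role_choice->getId()) ? ' selected' : '';
            echo "<option value='" . $e($role_choice->getId()) . "'" . $mark . ">" . $e($role_choice->getName()) . "</option>";
        }
        echo "</select></td>";

        echo "<td><select name='assigned_to_user'>";
        echo "<option value='0'></option>";
        foreach ($_SESSION['user_roles'] as $user_choice) {
            // Only users that belong to the currently assigned role are offered.
            if ($assigned_to_role_id != $user_choice->getRole_id()) {
                continue;
            }
            // The original read getUser_id without parentheses, i.e. as a property.
            // NOTE(review): called as a method here to match getRole_id() and
            // getUsername() - confirm against class.User_Role.php.
            $choice_user_id = $user_choice->getUser_id();
            $mark = ($assigned_to_user_id == $choice_user_id) ? ' selected' : '';
            echo "<option value='" . $e($choice_user_id) . "'" . $mark . ">" . $e($user_choice->getUsername()) . "</option>";
        }
        echo "</select></td>";
    } else {
        echo "<td>" . $e($assigned_to_role_name) . "</td>";
        echo "<td>" . $e($assigned_to_user_name) . "</td>";
    }

    echo "
</tr>
<tr>
<td colspan='5'></td>
<td><input type='submit' name='submit_update_ticket' value='Update Ticket Details' required></td>
</tr>
</table>
</form>
";

    //get back the ticket's comments
    $comments = $mysqli->prepare("SELECT `user_name`, `text` FROM `ticket_comment` WHERE `ticket_id` = ? ORDER BY `create_date`");
    if ($comments) {
        $comments->bind_param('i', $ticket_id);
        if ($comments->execute()) {
            // Buffer the result so num_rows is available before fetching.
            $comments->store_result();
            if ($comments->num_rows > 0) {
                echo "
<table border='0' align='center' cellpadding='5'>
<tr>
<th>Username</th>
<th>Comment</th>
</tr>
";
                $comments->bind_result($comment_user_name, $comment_text);
                while ($comments->fetch()) {
                    // Stored comments are user-written text: escape on output.
                    echo "
<tr>
<td>" . $e($comment_user_name) . ": </td>
<td>" . $e($comment_text) . "</td>
</tr>";
                }
                echo "
</table>
";
            } else {
                echo "<p>No comments found. </p>";
            }
        }
        $comments->close();
    }
    $mysqli->close();

    echo "
<form method='post' action=''>
" . $render_hidden([
        'ticket_id' => $ticket_id,
        'creator_user_id' => $creator_user_id,
        'creator_user_name' => $creator_user_name,
        'status' => $status,
        'priority' => $priority,
        'title' => $title,
        'assigned_to_role_id' => $assigned_to_role_id,
        'assigned_to_role_name' => $assigned_to_role_name,
        'assigned_to_user_id' => $assigned_to_user_id,
        'assigned_to_user_name' => $assigned_to_user_name,
    ]) . "<table border='0' align='center' cellpadding='5'>
<tr>
<th>New Comment</th>
<th><input type='submit' name='submit_new_comment' value='Post New Comment'></th>
</tr>
<tr>
<td colspan='2'><textarea name='new_comment' rows='10' cols='30' placeholder='New Comment Here' required></textarea></td>
</tr>
</table>
</form>
";
}
?>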
</body>
</html>