JQuery似乎正在设置一个额外的$u POST值
我正在开发一个Wordpress插件。有多个表单元素,出于某种原因,每次我在一个表单上单击submit按钮时,它都会通知另一个表单进行提交。这很不方便,因为当我单击按钮保存新信息时,另一个表单会从数据库中删除第一行 Javascript:JQuery似乎正在设置一个额外的$u POST值,jquery,forms,post,wordpress,Jquery,Forms,Post,Wordpress,我正在开发一个Wordpress插件。有多个表单元素,出于某种原因,每次我在一个表单上单击submit按钮时,它都会通知另一个表单进行提交。这很不方便,因为当我单击按钮保存新信息时,另一个表单会从数据库中删除第一行 Javascript: //This is the Javascript that controls the remove all form. <script type="text/javascript" src="http://ajax.googleapis.com/ajax
//This is the Javascript that controls the remove all form.
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
$('tr.assoc_row').show();
$('#settings-removed-msg').hide();
$('#formdeleteassoc').submit(function(e){
e.preventDefault(); //Works to prevent normal submission of the form.
$.ajax ({
type: 'POST',
url: '',
data: {remove_all: ''
},
success: function() {
$('#settings-removed-msg').fadeIn('fast'); //Working now
$('tr.assoc_row').fadeOut('fast'); //Working now
}
});
});
});
</script>
//这是控制remove all表单的Javascript。
$(文档).ready(函数(){
$('tr.assoc_row').show();
$(“#设置已删除消息”).hide();
$('#formdeleteassoc')。提交(函数(e){
e、 preventDefault();//用于阻止表单的正常提交。
$.ajax({
键入:“POST”,
url:“”,
数据:{全部删除:“”
},
成功:函数(){
$(“#设置已删除msg”).fadeIn('fast');//正在工作
$('tr.assoc_row').fadeOut('fast');//正在工作
}
});
});
});
HTML
<!-- This the the HTML and PHP that renders the options page in Wordpress. -->
<div class="wrap">
<?php screen_icon('plugins'); ?>
<h2>Tag to Category Associator</h2>
<div id="settings-removed-msg" class="updated"><p>Associations were successfully removed.</p></div>
<form action="<?php echo $_SERVER['PHP_SELF'].'?page=tag2cat-associator'; ?>" method="post">
<?php
settings_fields('cb_t2c_options');
do_settings_sections('tag2cat-associator');
?>
<input name="Submit" type="submit" value="Save Changes" />
</form></div>
标记到类别关联器
已成功删除关联
问题是由于在Wordpress中有两个设置字段作为注册设置。基本结构是:
function cb_t2c_admin_init() {
register_setting('cb_t2c_options', 'cb_t2c_options' /*'cv_t2c_validate_options'*/);
//Define sections and settings
add_settings_section(
//This defined the settings section.
);
add_settings_field(
//This defined the first setting, with a call to a function.
);
add_settings_field(
//This defined the unwanted setting.
);
}
我想用Wordpress实现的是在表单之外有一个部分,它将在一个简单的HTML表中向用户显示当前选择的选项。因此,我删除了第二个“add_settings_field”函数,获取其回调函数的内容,并将其放在绘制选项页面的函数末尾。例如:
//Draw the options page
function cb_t2c_plugin_options_page () {
$cb_t2c_remove_all_url = plugin_dir_url( _FILE_ ) . 'remove_all.php';
?>
<div class="wrap">
<?php screen_icon('plugins'); ?>
<h2>Title</h2>
<div id="new-assoc-msg" class="updated"><p>Data was successfully added.</p></div>
<form id="formsavesettings" name="save_settings" action="<?php echo $_SERVER['PHP_SELF'].'?page=the_options_page'; ?>" method="post">
<?php
settings_fields('cb_t2c_options');
do_settings_sections('section_name');
?>
<input name="Submit" type="submit" value="Save Changes" />
</form></div>
<?php
// Here is where I added the PHP code to show my table full of already selected values.
// This is accomplished with 1 settings section and 1 settings field.
// By previously putting the code in a settings field, I was telling Wordpress to pass along the values to the form.
};
//绘制选项页
功能cb_t2c_插件_选项_页面(){
$cb_t2c_remove_all_url=plugin_dir_url(_FILE_)。'remove_all.php';
?>
标题
已成功添加数据
您有SQL注入漏洞。能否更清楚地指定问题?每次单击时,都会设置$\u REQUEST['remove\u single'],并最终从表中删除一行。如果这是由于SQL注入漏洞造成的,我如何修复它?谢谢。
//Draw the options page
function cb_t2c_plugin_options_page () {
$cb_t2c_remove_all_url = plugin_dir_url( _FILE_ ) . 'remove_all.php';
?>
<div class="wrap">
<?php screen_icon('plugins'); ?>
<h2>Title</h2>
<div id="new-assoc-msg" class="updated"><p>Data was successfully added.</p></div>
<form id="formsavesettings" name="save_settings" action="<?php echo $_SERVER['PHP_SELF'].'?page=the_options_page'; ?>" method="post">
<?php
settings_fields('cb_t2c_options');
do_settings_sections('section_name');
?>
<input name="Submit" type="submit" value="Save Changes" />
</form></div>
<?php
// Here is where I added the PHP code to show my table full of already selected values.
// This is accomplished with 1 settings section and 1 settings field.
// By previously putting the code in a settings field, I was telling Wordpress to pass along the values to the form.
};