将php变量传递到javascript函数
我试图将一个从连接查询中获得的php值传递给javascript函数。javascript函数将打开一个新窗口,并根据传递的值显示一些数据。我的查询工作正常,但php值没有传递给JS函数将php变量传递到javascript函数,php,javascript,Php,Javascript,我试图将一个从连接查询中获得的php值传递给javascript函数。javascript函数将打开一个新窗口,并根据传递的值显示一些数据。我的查询工作正常,但php值没有传递给JS函数 <?php include("includes/header.php"); $search = $_POST['search']; $sql= "my query1.."; $sql2= "my query2"; $result
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<script type="text/javascript">
function product(var) {
window.open( "view_product_info.php?var", "myWindow",
"status = 1, height = 300, width = 300, resizable = 0" )
}
</script>
\\ the line where i am trying to pass the php varibale
echo '<td align="center" ><a href="javascript:product('.$product_id.');"> <br/> '.$row['product_name'].'</a></td>';
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
函数积(var){
window.open(“view\u product\u info.php?var”、“myWindow”,
“状态=1,高度=300,宽度=300,可调整大小=0”)
}
\\我试图通过php varibale的线路
回声';
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<script type="text/javascript">
<!--
function product(var) {
window.open( "view_product_info.php?id", "myWindow",
"status = 1, height = 300, width = 300, resizable = 0" )
}
function company() {
window.open( "index.php", "myWindow",
"status = 1, height = 300, width = 300, resizable = 0" )
}
function category() {
window.open( "index.php", "myWindow",
"status = 1, height = 300, width = 300, resizable = 0" )
}
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
“>
”
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
echo'
.$row['company_name'].';
回显“
”。$row['category_name']”;
$number=$number+1;
}回声';
回声';
回声';
}
否则{
回显“未找到数据”;
//echo mysql_error();
}
}
}
?>
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<?php
echo '<td align="center" ><a href="javascript:product(\''.$product_id.'\');">
<br/> '.$row['product_name'].'</a></td>';
?>
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
var pid = '<?= $product_id ?>'; // then call product(pid)
etc...
var-pid='';//然后调用产品(pid)
等
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<?php
...
// php stuff
...
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
<br/>'<?= $row['product_name']?>'</a></td>';
echo '<td align="center"><a href="javascript:company()" ><br/> '.$row['company_name'].'</td>';
echo '<td align="center"><a href="javascript:category()" ><br/> '.$row['category_name'].'</td>';
$number=$number+1;
}echo '</tr>';
echo'</table>';
echo'</center>';
试试这个:
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
...
...
</script>
\\ the line where i am trying to pass the php varibale
<?php
echo '<td align="center" ><a href="javascript:product('.$product_id.');"> <br/> '.$row['product_name'].'</a></td>';
?>
。。。
...
\\我试图通过php varibale的线路
在执行此操作时需要小心,因为在许多情况下,这可能会让黑客接管您的服务器
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
正确的方法是使用json\u encode
和htmlspecialchars
。两种方法都失败会带来安全风险。请阅读每种方法的文档,了解它们的作用
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
以下是正确且安全的方法:
<?php include("includes/header.php");
$search = $_POST['search'];
$sql= "my query1..";
$sql2= "my query2";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
if($result) {
echo '<center>';
echo '<table cellpadding="0" cellspacing="0" border="1" width="100%">';
echo '<tr><th>Sr No.</th><th>Product Name</th><th>Company Name</th> <th>Category</th></tr>';
$number=1;
while ($row = mysql_fetch_array($result)){
$row2 = mysql_fetch_array($result2);
echo $product_id=$row2[product_id];
echo '<tr> ';
echo '<td align="center" >'.$number.'</td>';
echo '<td align="center" ><a href="javascript:product('<?= $product_id?>')">
$escaped_product_id = htmlspecialchars(json_encode($product_id));
$escaped_product_name = htmlspecialchars($row['product_name']);
echo '<td align="center" ><a href="javascript:product('.$escaped_product_id.');"> <br/> '.$escaped_product_name.'</a></td>';
$escaped_product_id=htmlspecialchars(json_encode($product_id));
$escaped_product_name=htmlspecialchars($row['product_name');
回声';
呈现的HTML显示了什么?谢谢..但它仍然不起作用。firebug显示了以下错误:SyntaxError:缺少形式参数函数product(var){@SmithSmithy,但为什么要复制我的答案???@MarFar您尝试了哪种方法?我已经尝试了我的方法。只需要更改引号。我已经尝试了第一种方法