如何将变量从PHP传递到生成的JavaScript?
我正在从PHP脚本生成JavaScript,我需要能够将值直接复制到生成的JavaScript代码中 我的代码如下: PHP:如何将变量从PHP传递到生成的JavaScript?,php,jquery,mysql,ajax,Php,Jquery,Mysql,Ajax,我正在从PHP脚本生成JavaScript,我需要能够将值直接复制到生成的JavaScript代码中 我的代码如下: PHP: include "db-Info.php"; echo '<option value="">Please select item first...</option>'; $item = $_POST['itemId']; $query = mysqli_query($con, "SELECT id, item, price, pointReq
include "db-Info.php";
echo '<option value="">Please select item first...</option>';
$item = $_POST['itemId'];
$query = mysqli_query($con, "SELECT id, item, price, pointRequired FROM
tblprice WHERE item ='$item'");
$rowCount = $query->num_rows;
if($rowCount > 0) {
while($row = mysqli_fetch_array($query)){
$price = $row['price'];
$pointRequired = $row['pointRequired'];
echo "<option id='priceNew'>";
echo "Price : $price" ?> <?php echo "Point: $pointRequired";
echo "</option>";
}
if($item){
$price = $_POST[price];//shows undefined
$query1 = mysqli_query($con, "SELECT id FROM tblprice WHERE item
='$item'AND price ='$price'"); //it seems not picking up the same id with
the item I selected above
$rows = mysqli_fetch_array($query1);
$id = (string) reset($rows);
$barcodeNew = $id . $item;
echo $barcodeNew;
}
}
$(document).ready(function() {
$('#price-select').on('change', function(){
var price = $(this).val($price); // This is where $price needs to copy
if(price){
$.ajax({
type:'POST',
url: 'functions/pos-getPrice.php',
data: {price:price},
success:function(html){
alert(price);
}
})
}
})
})//THIS CODE BLOCK IS PROBLEM
问题是:
include "db-Info.php";
echo '<option value="">Please select item first...</option>';
$item = $_POST['itemId'];
$query = mysqli_query($con, "SELECT id, item, price, pointRequired FROM
tblprice WHERE item ='$item'");
$rowCount = $query->num_rows;
if($rowCount > 0) {
while($row = mysqli_fetch_array($query)){
$price = $row['price'];
$pointRequired = $row['pointRequired'];
echo "<option id='priceNew'>";
echo "Price : $price" ?> <?php echo "Point: $pointRequired";
echo "</option>";
}
if($item){
$price = $_POST[price];//shows undefined
$query1 = mysqli_query($con, "SELECT id FROM tblprice WHERE item
='$item'AND price ='$price'"); //it seems not picking up the same id with
the item I selected above
$rows = mysqli_fetch_array($query1);
$id = (string) reset($rows);
$barcodeNew = $id . $item;
echo $barcodeNew;
}
}
$(document).ready(function() {
$('#price-select').on('change', function(){
var price = $(this).val($price); // This is where $price needs to copy
if(price){
$.ajax({
type:'POST',
url: 'functions/pos-getPrice.php',
data: {price:price},
success:function(html){
alert(price);
}
})
}
})
})//THIS CODE BLOCK IS PROBLEM
$price=$\u POST[price]
产生一个未定义的值$price
复制到PHP脚本中,但它在我的脚本中逐字输出$price
而不是$price
中包含的值问题1:
include "db-Info.php";
echo '<option value="">Please select item first...</option>';
$item = $_POST['itemId'];
$query = mysqli_query($con, "SELECT id, item, price, pointRequired FROM
tblprice WHERE item ='$item'");
$rowCount = $query->num_rows;
if($rowCount > 0) {
while($row = mysqli_fetch_array($query)){
$price = $row['price'];
$pointRequired = $row['pointRequired'];
echo "<option id='priceNew'>";
echo "Price : $price" ?> <?php echo "Point: $pointRequired";
echo "</option>";
}
if($item){
$price = $_POST[price];//shows undefined
$query1 = mysqli_query($con, "SELECT id FROM tblprice WHERE item
='$item'AND price ='$price'"); //it seems not picking up the same id with
the item I selected above
$rows = mysqli_fetch_array($query1);
$id = (string) reset($rows);
$barcodeNew = $id . $item;
echo $barcodeNew;
}
}
$(document).ready(function() {
$('#price-select').on('change', function(){
var price = $(this).val($price); // This is where $price needs to copy
if(price){
$.ajax({
type:'POST',
url: 'functions/pos-getPrice.php',
data: {price:price},
success:function(html){
alert(price);
}
})
}
})
})//THIS CODE BLOCK IS PROBLEM
您需要将$\u POST[price]
更改为$\u POST['price']
,就像您刚才在上面所做的那样。如果不使用引号将其括起来,PHP将假定您正在尝试使用通过define()
定义的常量
问题2:
include "db-Info.php";
echo '<option value="">Please select item first...</option>';
$item = $_POST['itemId'];
$query = mysqli_query($con, "SELECT id, item, price, pointRequired FROM
tblprice WHERE item ='$item'");
$rowCount = $query->num_rows;
if($rowCount > 0) {
while($row = mysqli_fetch_array($query)){
$price = $row['price'];
$pointRequired = $row['pointRequired'];
echo "<option id='priceNew'>";
echo "Price : $price" ?> <?php echo "Point: $pointRequired";
echo "</option>";
}
if($item){
$price = $_POST[price];//shows undefined
$query1 = mysqli_query($con, "SELECT id FROM tblprice WHERE item
='$item'AND price ='$price'"); //it seems not picking up the same id with
the item I selected above
$rows = mysqli_fetch_array($query1);
$id = (string) reset($rows);
$barcodeNew = $id . $item;
echo $barcodeNew;
}
}
$(document).ready(function() {
$('#price-select').on('change', function(){
var price = $(this).val($price); // This is where $price needs to copy
if(price){
$.ajax({
type:'POST',
url: 'functions/pos-getPrice.php',
data: {price:price},
success:function(html){
alert(price);
}
})
}
})
})//THIS CODE BLOCK IS PROBLEM
如果您使用的是香草PHP,并且希望向脚本中注入变量,您可以这样做:
var price = ($this).val(<?php echo json_encode($price); ?>);
var price=($this).val();
当然,这假设JavaScript是从上面的PHP脚本生成的
您可以阅读文档以了解更多信息
您的代码中也存在巨大的安全漏洞:
include "db-Info.php";
echo '<option value="">Please select item first...</option>';
$item = $_POST['itemId'];
$query = mysqli_query($con, "SELECT id, item, price, pointRequired FROM
tblprice WHERE item ='$item'");
$rowCount = $query->num_rows;
if($rowCount > 0) {
while($row = mysqli_fetch_array($query)){
$price = $row['price'];
$pointRequired = $row['pointRequired'];
echo "<option id='priceNew'>";
echo "Price : $price" ?> <?php echo "Point: $pointRequired";
echo "</option>";
}
if($item){
$price = $_POST[price];//shows undefined
$query1 = mysqli_query($con, "SELECT id FROM tblprice WHERE item
='$item'AND price ='$price'"); //it seems not picking up the same id with
the item I selected above
$rows = mysqli_fetch_array($query1);
$id = (string) reset($rows);
$barcodeNew = $id . $item;
echo $barcodeNew;
}
}
$(document).ready(function() {
$('#price-select').on('change', function(){
var price = $(this).val($price); // This is where $price needs to copy
if(price){
$.ajax({
type:'POST',
url: 'functions/pos-getPrice.php',
data: {price:price},
success:function(html){
alert(price);
}
})
}
})
})//THIS CODE BLOCK IS PROBLEM
目前,您的脚本直接从用户请求中获取数据,并将其放入SQL查询中。这可能导致SQL注入攻击。不太好
可以找到关于这个主题的官方PHP文档
建议:
include "db-Info.php";
echo '<option value="">Please select item first...</option>';
$item = $_POST['itemId'];
$query = mysqli_query($con, "SELECT id, item, price, pointRequired FROM
tblprice WHERE item ='$item'");
$rowCount = $query->num_rows;
if($rowCount > 0) {
while($row = mysqli_fetch_array($query)){
$price = $row['price'];
$pointRequired = $row['pointRequired'];
echo "<option id='priceNew'>";
echo "Price : $price" ?> <?php echo "Point: $pointRequired";
echo "</option>";
}
if($item){
$price = $_POST[price];//shows undefined
$query1 = mysqli_query($con, "SELECT id FROM tblprice WHERE item
='$item'AND price ='$price'"); //it seems not picking up the same id with
the item I selected above
$rows = mysqli_fetch_array($query1);
$id = (string) reset($rows);
$barcodeNew = $id . $item;
echo $barcodeNew;
}
}
$(document).ready(function() {
$('#price-select').on('change', function(){
var price = $(this).val($price); // This is where $price needs to copy
if(price){
$.ajax({
type:'POST',
url: 'functions/pos-getPrice.php',
data: {price:price},
success:function(html){
alert(price);
}
})
}
})
})//THIS CODE BLOCK IS PROBLEM
首先,我注意到你在全球范围内做一切事情。我强烈建议您学习如何将代码封装在类和函数中;这将使维护和测试变得更加容易
可以让您走上正确道路的好东西有:
- PHP面向对象编程(OOP)
- PHP标准建议(PSR)
- PHP编写器
祝你好运。你能不能在打开jqery的情况下,在页面上回显该值
var foo=
我尝试并测试了警报,但它显示了代码本身“我不知道为什么”