如何在同一html页面上显示PHP
我有一个HTML表单,可以使用PHP搜索MySQL数据库。运行PHP代码后,我在另一个页面上获得搜索结果。我想在表单旁边的表格中获取搜索结果。代码如下: HTML:如何在同一html页面上显示PHP,php,html,mysql,mysqli,Php,Html,Mysql,Mysqli,我有一个HTML表单,可以使用PHP搜索MySQL数据库。运行PHP代码后,我在另一个页面上获得搜索结果。我想在表单旁边的表格中获取搜索结果。代码如下: HTML: <form name="select"action="select.php" method="post"> Name: <input type="submit" name="sub"> </form> 姓名: PHP: $name=$\u POST['name']; $sql=“从数
<form name="select"action="select.php" method="post">
Name:
<input type="submit" name="sub">
</form>
姓名:
PHP:
$name=$\u POST['name'];
$sql=“从数据库中选择*,其中name='$name';
if($result=mysqli_查询($conn,$sql)){
如果(mysqli_num_rows($result)>0){
echo”“;//塔贝伦
echo“最简单的选择是在同一页面上使用处理搜索请求的php代码并删除表单操作
也就是说,由于SQL语句中嵌入了变量,您的代码容易受到SQL注入的影响。当您使用mysqli
时,您应该能够轻松地将其转换为使用准备好的语句,如:
例如:
if( $_SERVER['REQUEST_METHOD']=='POST' && !empty( $_POST['name'] ) ) {
$name = $_POST['name'];
/*
Better to select specific fields rather than all fields,
then bind those to specific result variables.
*/
$sql='select `email`,`name`,`nbr` from `db` where `name`=?';
$stmt=$con->prepare( $sql );
if( $stmt ){
$stmt->bind_param( 's', $name );
$result=$stmt->execute();
if( $result && $stmt->num_rows > 0 ){
$stmt->store_result();
$stmt->bind_result( $email, $name, $nbr );
echo '<table>
<tr>
<th>Email</th>
<th>Name</th>
<th>nbr</th>
</tr>';
while( $stmt->fetch() ){
printf('
<tr>
<td>%s</td>
<td>%s</td>
<td>%s</td>
</tr>', $email, $name, $nbr );
}
echo '</table>';
}
}
}
search.php
姓名:
使用ajax发送请求,并在收到响应或将表单操作设置为同一页面时操作dom,并将PHP代码放在同一页面中尝试使用ajax调用或$.load()进行操作通过jquery,这些链接应该能够帮助| |您的html无效-您有ajax或将整个代码放在同一文件/页面中,并将操作设置为self。
if( $_SERVER['REQUEST_METHOD']=='POST' && !empty( $_POST['name'] ) ) {
$name = $_POST['name'];
/*
Better to select specific fields rather than all fields,
then bind those to specific result variables.
*/
$sql='select `email`,`name`,`nbr` from `db` where `name`=?';
$stmt=$con->prepare( $sql );
if( $stmt ){
$stmt->bind_param( 's', $name );
$result=$stmt->execute();
if( $result && $stmt->num_rows > 0 ){
$stmt->store_result();
$stmt->bind_result( $email, $name, $nbr );
echo '<table>
<tr>
<th>Email</th>
<th>Name</th>
<th>nbr</th>
</tr>';
while( $stmt->fetch() ){
printf('
<tr>
<td>%s</td>
<td>%s</td>
<td>%s</td>
</tr>', $email, $name, $nbr );
}
echo '</table>';
}
}
}
document.querySelector('sub').onclick=function(event){
event.preventDefault()
var _callback=function(r){
document.querySelector('form[name="select"]').insertAdjacentHTML('afterend',r);
}
var xhr=new XMLHttpRequest();
xhr.onreadystatechange=function(){
if( this.status==200 && this.readyState==4 )_callback.call( this, this.response );
}
xhr.open( 'POST', 'select.php', true );
xhr.setRequestHeader('Content-Type','application/x-www-form-urlencoded');
xhr.send( 'name='+document.querySelector('name').value );
}
search.php
<form name="select" action="" method="post">
Name:
<input type="submit" name="sub">
</form>
<?php
if(isset($_POST['sub'])){
$name = $_POST['name'];
$sql = "SELECT * FROM db where name ='$name'";
if($result = mysqli_query($conn, $sql)){
if(mysqli_num_rows($result) > 0){
echo "<table>";
echo "<table border=1">;
echo "<tr>";
echo "<th>Email</th>";
echo "<th>Name</th>";
echo "<th>nbr</th>";
echo "</tr>";
while($row = mysqli_fetch_array($result)){
echo "<tr>";
echo "<td>" . $row['email'] . "</td>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['nbr'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_free_result($result);
}
?>