您可以使它几乎一样快,这取决于您对优化的容忍度。您可以使用缓存未修改的模板客户端,只需使用模板内容的哈希作为其标识键,以便在服务器上更改模板时自动刷新。如果随后将密钥发送到服务器,并且密钥匹配,则不需要在响应主体中提供模板,因为客户端已经有了正确的模板。如果后端上的模板哈希不同,则提供新的哈希,取消该模板的存储缓存,并用新的哈希替换键和值。这将使得模板主体(几乎可以肯定是响应中最长的部分)只需要在进行更改时发送。您需要将这些值注入到静态模板clientside中,这样做,并且仍然需要在每次请求时从服务器获取这些值。在后端,您不希望执行单独的SELECT语句。如果插入查询成功,您希望将值存储在数组中并返回这些值,例如: <?php // List of keys that MUST be present for the query to succeed. Don't bother calling the db if any of these did not come in the request. $expected_keys = [ 'id_user', 'title', 'content' // add whatever else has to be passed ]; // key/val for db insert $vals = []; try { // verify expected keys are provided foreach ( $expected_keys as $k => $expected ) { if !(array_key_exists ( $expected, $_POST ) ) { // not a valid post, return an error throw new \InvalidArgumentException( sprintf( 'Expected field [%1$s] was not provided. ', $expected ) ); } // retain the field in $vals for insert $vals[ $expected ] = $_POST[$expected]; } $dsn = "mysql:host=localhost;dbname=myDatabase;charset=utf8mb4"; $options = [ \PDO::ATTR_EMULATE_PREPARES => false, \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION, \PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC ]; $pdo = new \PDO($dsn, "username", "password", $options); $stmt = $pdo->prepare( 'INSERT INTO `myTable` ( `:' . implode( '`, `:', array_keys( $vals ) ) . '` ) VALUES (' . implode( '", ":', $vals ) . ');' ); $stmt->execute( $vals ); $stmt = null; } // User error catch \InvalidArgumentException $e { // return 400 Bad Request and $e->getMessage() as the error message } // Server error catch \Exception $e { // log or whatever and return a 500 error } // return success with whatever you need to send back from $vals or $_POST
实现这一点有几种方法,每种方法都需要权衡 实现这一点的最简单方法是按照上面Nico的回答,用javascript保留用户输入。这种方法的优点是,它很容易完成并继续解决其他问题,由于这种简单性,很少有运动部件被误用。这种方法的主要缺点是,它意味着前端对后端逻辑处理数据时发生的情况进行盲目的假设,这就有可能向用户错误地告知如果后端无声地失败会发生什么,而这种错误通常很难被发现,直到它咬到某人并引起他们的抱怨。这可能是简单用例的最佳答案,但如果您打算扩展它或引入显著的复杂性,那么出现bug的可能性很高,应该予以替换 根据你给出的例子,你似乎已经在这个思维框架上了。因此,为了解决您的每一个问题,首先,我想说的是,兼容性最好的解决方法是一般无偏见。这适用于用于一般消费的库,但不一定适用于私人项目或内部业务逻辑,后者需要意见来执行特定的预期结果。关于兼容性的主要警告是,前端处理模板的频率至少与后端相同。在某些情况下,它可以在ReactJS或Angular中完成,也可以在后端通过Twig或任何其他方式完成。如果您想要广泛的兼容性,那么它应该有一些配置,以确定是以原始格式传递响应,还是随附模板。对于私有业务逻辑或您正在构建的具有特定目的的应用程序,基本点是实现特定的结果,最好使用系统的现有模板结构,或者选择一个并坚持它,这样您就可以专注于最终目标,而不会分心。但无论哪种方式,github库作者和应用程序开发人员都可能以完全不同的方式解决相同的问题,而且他们都没有错 在安全方面。若用户输入被输出、输入到模板内容或存储在数据库中,则单个方法大多是任意的,只要您涵盖这些基础 就速度而言,javascript-DOM选项总是最快的。然而,您可以使它几乎一样快,这取决于您对优化的容忍度。您可以使用缓存未修改的模板客户端,只需使用模板内容的哈希作为其标识键,以便在服务器上更改模板时自动刷新。如果随后将密钥发送到服务器,并且密钥匹配,则不需要在响应主体中提供模板,因为客户端已经有了正确的模板。如果后端上的模板哈希不同,则提供新的哈希,取消该模板的存储缓存,并用新的哈希替换键和值。这将使得模板主体(几乎可以肯定是响应中最长的部分)只需要在进行更改时发送。您需要将这些值注入到静态模板clientside中,这样做,并且仍然需要在每次请求时从服务器获取这些值。在后端,您不希望执行单独的您可以使它几乎一样快,这取决于您对优化的容忍度。您可以使用缓存未修改的模板客户端,只需使用模板内容的哈希作为其标识键,以便在服务器上更改模板时自动刷新。如果随后将密钥发送到服务器,并且密钥匹配,则不需要在响应主体中提供模板,因为客户端已经有了正确的模板。如果后端上的模板哈希不同,则提供新的哈希,取消该模板的存储缓存,并用新的哈希替换键和值。这将使得模板主体(几乎可以肯定是响应中最长的部分)只需要在进行更改时发送。您需要将这些值注入到静态模板clientside中,这样做,并且仍然需要在每次请求时从服务器获取这些值。在后端,您不希望执行单独的SELECT语句。如果插入查询成功,您希望将值存储在数组中并返回这些值,例如: <?php // List of keys that MUST be present for the query to succeed. Don't bother calling the db if any of these did not come in the request. $expected_keys = [ 'id_user', 'title', 'content' // add whatever else has to be passed ]; // key/val for db insert $vals = []; try { // verify expected keys are provided foreach ( $expected_keys as $k => $expected ) { if !(array_key_exists ( $expected, $_POST ) ) { // not a valid post, return an error throw new \InvalidArgumentException( sprintf( 'Expected field [%1$s] was not provided. ', $expected ) ); } // retain the field in $vals for insert $vals[ $expected ] = $_POST[$expected]; } $dsn = "mysql:host=localhost;dbname=myDatabase;charset=utf8mb4"; $options = [ \PDO::ATTR_EMULATE_PREPARES => false, \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION, \PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC ]; $pdo = new \PDO($dsn, "username", "password", $options); $stmt = $pdo->prepare( 'INSERT INTO `myTable` ( `:' . implode( '`, `:', array_keys( $vals ) ) . '` ) VALUES (' . implode( '", ":', $vals ) . ');' ); $stmt->execute( $vals ); $stmt = null; } // User error catch \InvalidArgumentException $e { // return 400 Bad Request and $e->getMessage() as the error message } // Server error catch \Exception $e { // log or whatever and return a 500 error } // return success with whatever you need to send back from $vals or $_POST,php,jquery,ajax,json,Php,Jquery,Ajax,Json,实现这一点有几种方法,每种方法都需要权衡 实现这一点的最简单方法是按照上面Nico的回答,用javascript保留用户输入。这种方法的优点是,它很容易完成并继续解决其他问题,由于这种简单性,很少有运动部件被误用。这种方法的主要缺点是,它意味着前端对后端逻辑处理数据时发生的情况进行盲目的假设,这就有可能向用户错误地告知如果后端无声地失败会发生什么,而这种错误通常很难被发现,直到它咬到某人并引起他们的抱怨。这可能是简单用例的最佳答案,但如果您打算扩展它或引入显著的复杂性,那么出现bug的可能性很高
SELECT插入数组中<?php
// List of keys that MUST be present for the query to succeed. Don't bother calling the db if any of these did not come in the request.
$expected_keys = [
'id_user',
'title',
'content' // add whatever else has to be passed
];
// key/val for db insert
$vals = [];
try {
// verify expected keys are provided
foreach ( $expected_keys as $k => $expected ) {
if !(array_key_exists ( $expected, $_POST ) ) {
// not a valid post, return an error
throw new \InvalidArgumentException( sprintf( 'Expected field [%1$s] was not provided. ', $expected ) );
}
// retain the field in $vals for insert
$vals[ $expected ] = $_POST[$expected];
}
$dsn = "mysql:host=localhost;dbname=myDatabase;charset=utf8mb4";
$options = [
\PDO::ATTR_EMULATE_PREPARES => false,
\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
\PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC
];
$pdo = new \PDO($dsn, "username", "password", $options);
$stmt = $pdo->prepare(
'INSERT INTO `myTable` ( `:' .
implode( '`, `:', array_keys( $vals ) ) .
'` ) VALUES (' .
implode( '", ":', $vals ) .
');'
);
$stmt->execute( $vals );
$stmt = null;
}
// User error
catch \InvalidArgumentException $e {
// return 400 Bad Request and $e->getMessage() as the error message
}
// Server error
catch \Exception $e {
// log or whatever and return a 500 error
}
// return success with whatever you need to send back from $vals or $_POST
谢谢你的解释这是真的!但是我做了另一个选择,因为我没有传递用户的所有数据,比如id\u图片、ecc。。。但你的解释很清楚。谢谢你的解释这是真的!但是我做了另一个选择,因为我没有传递用户的所有数据,比如id\u图片、ecc。。。但你的解释很清楚。非常感谢。
<script>
$(#wall).append(html.template);
</script>
<?php
function ajax_output_post() {
$title = $_POST['title'];
$content = $_POST['content'];
$id_user = $_POST['id_user'];
// all the check for the input
$query = // insert data on mysql @return id_post;
$select_last_post_mysql = // select the last query from the db using id_user and id_post
foreach ($select_last_post_mysql as $post) {
$title_json = $post->title;
$content_json = $post->content;
if ($post->photo == 1) {
$photo_user_json = $post->photo_user;
} else {
$photo_user_json = "";
}
$id_post = $post->id_post;
}
echo json_encode(array('title' => $title_json, 'content' => $content_json, 'id_post' => $id_post));
}
?>
<script>
// in jquery
var Template = {
main_container: "<div class='post_container' data-post='" + html.id_post + "'>",
title: "<div class='title'>" + html.title + "</div>",
content: "<div class='content'>" + html.content + "</div>",
close_main: "</div>",
run: function() {
return Template.main_container + Template.content + Template.close_main;
}
};
$('#wall').append(Template.run());
</script>
<?php
// List of keys that MUST be present for the query to succeed. Don't bother calling the db if any of these did not come in the request.
$expected_keys = [
'id_user',
'title',
'content' // add whatever else has to be passed
];
// key/val for db insert
$vals = [];
try {
// verify expected keys are provided
foreach ( $expected_keys as $k => $expected ) {
if !(array_key_exists ( $expected, $_POST ) ) {
// not a valid post, return an error
throw new \InvalidArgumentException( sprintf( 'Expected field [%1$s] was not provided. ', $expected ) );
}
// retain the field in $vals for insert
$vals[ $expected ] = $_POST[$expected];
}
$dsn = "mysql:host=localhost;dbname=myDatabase;charset=utf8mb4";
$options = [
\PDO::ATTR_EMULATE_PREPARES => false,
\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
\PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC
];
$pdo = new \PDO($dsn, "username", "password", $options);
$stmt = $pdo->prepare(
'INSERT INTO `myTable` ( `:' .
implode( '`, `:', array_keys( $vals ) ) .
'` ) VALUES (' .
implode( '", ":', $vals ) .
');'
);
$stmt->execute( $vals );
$stmt = null;
}
// User error
catch \InvalidArgumentException $e {
// return 400 Bad Request and $e->getMessage() as the error message
}
// Server error
catch \Exception $e {
// log or whatever and return a 500 error
}
// return success with whatever you need to send back from $vals or $_POST