Php 为什么表单在我不提供任何输入的情况下获取所有数据?
这是index.php。当我输入时,它会获取特定的名称和年份。没关系。但是当我提交表单时,没有任何输入,它会给出电影的所有名称和年份,但我不希望这样,用户无法显示数据库中保存的所有数据。我给了priventdefault方法,但它不起作用。我怎样才能解决这个问题Php 为什么表单在我不提供任何输入的情况下获取所有数据?,php,ajax,Php,Ajax,这是index.php。当我输入时,它会获取特定的名称和年份。没关系。但是当我提交表单时,没有任何输入,它会给出电影的所有名称和年份,但我不希望这样,用户无法显示数据库中保存的所有数据。我给了priventdefault方法,但它不起作用。我怎样才能解决这个问题 <!DOCTYPE html> <html> <head> <title>ajax</title> <script
<!DOCTYPE html>
<html>
<head>
<title>ajax</title>
<script
src="https://code.jquery.com/jquery-2.2.4.min.js"
integrity="sha256-BbhdlvQf/xTY9gja0Dq3HiwQF8LaCRTXxZKRutelT44="
crossorigin="anonymous"></script>
<script type="text/javascript">
$(function() // this function excited if the jquery is ready i mean after jquery successfully loaded
{
function loaddata()
{
var moviename= $("#moviename").val(); // read moviename value and assign;
$.ajax({
type: "GET",
url: "query.php",
data: {
name:moviename // there is no variable name so you have to assign the moveiname to name vairable ;
},
success: function (data) {
$("#result").html(data);
}
});
}
$("#submit").click(function(event) // Click Event Listener.
{
event.preventDefault();
loaddata()
});
});
</script>
</head>
<body>
<p>Enter movie name </p>
<form action="" method="POST">
<input type="text" name="moviename" id="moviename" placeholder="Enter Movie Name" required autocomplete="off">
<input type="submit" name="submit" id="submit" value="Search"/>
<!-- if you want ot use jquery you have to use event listener. like $("#submit").click(function(event){}); code from line 31 to 35 -->
</form>
<br>
<div id="result">
</div>
</body>
</html
///这是query.php
<?php
include 'dbcon.php';
$name =isset($_GET['name'])?$_GET['name']:'';
$query = mysqli_query( $conn,"SELECT * FROM movie WHERE name like '%$name%'");
while($row = mysqli_fetch_array($query))
{
echo "<p>".$row['name']."</p>";
echo "<p>".$row['year']."</p>";
}
?>
在query.php中,如果将空“name”值传递到query.php中,则始终将空字符串分配给行中的$name
$name =isset($_GET['name'])?$_GET['name']:'';.
所以查询将返回数据库中的所有结果,因为$name是一个空字符串,并且与数据库中的所有数据匹配
您可以验证$name是否为空,而不是运行查询。仅当$name不为空时执行查询
$name =isset($_GET['name'])?$_GET['name']:'';
if(!empty($name)){
$query = mysqli_query( $conn,"SELECT * FROM movie WHERE name like '%$name%'");
while($row = mysqli_fetch_array($query))
{
echo "<p>".$row['name']."</p>";
echo "<p>".$row['year']."</p>";
}
}
if(!empty($name)) {
$query = mysqli_query( $conn,"SELECT * FROM movie WHERE name like '%$name%'");
while($row = mysqli_fetch_array($query)){
echo "<p>".$row['name']."</p>";
echo "<p>".$row['year']."</p>";
}
}
如果名称为空,则您将找到与所有内容匹配的“%”之类的内容。最好的方法是将查询放入if!emptyfilter\u inputINPUT\u GET,name{/*do query*/}else{/*不返回任何内容*/}
if(!empty($name)) {
$query = mysqli_query( $conn,"SELECT * FROM movie WHERE name like '%$name%'");
while($row = mysqli_fetch_array($query)){
echo "<p>".$row['name']."</p>";
echo "<p>".$row['year']."</p>";
}
}