无法在使用AJAX进行产品筛选时通过PDO获取$_GET数据。

huangapple
go评论150阅读模式
英文:

unable $_GET data in PDO using AJAX for product filtering

问题

无法使用PDOAJAX过滤产品,

下面的代码使用PDOAJAXsql加载数据,但是当我尝试根据品牌进行过滤时,它不起作用。尝试调试var_dump方法,但没有帮助。

有人可以帮助我解决问题,我应该如何过滤产品,代码中是否有什么缺失?

HTML

  1. <div class="md-radio my-1">
  2.     <input type="radio" class="filter_all cate" name="cate" id="<?php echo str_replace(' ', '', $row['sca']); ?>" value="<?php echo $row['sca']; ?>">
  3.     <label for="<?php echo str_replace(' ', '', $row['sca']); ?>">
  4.         <?php echo $row['sca']; ?>
  5.     </label>
  6. </div>

SCRIPT

  1. $(document).ready(function () {
  2.     var flag = 0;
  3.     var fetching = false;
  4.     var done = false;
  6.     function filter_data() {
  7.         // 防止并发请求
  8.         if (fetching === true) {
  9.             return;
  10.         }
  11.         fetching = true;
  12.         var data = {
  13.             action: 'fetch_data',
  14.             cate: get_filter('cate'),
  15.             brand: get_filter('brand'),
  16.             model: get_filter('model'),
  17.             sort: get_filter('sort'),
  18.             date: get_filter('date'),
  19.             offset: flag,
  20.             limit: 4
  21.         };
  22.         console.log($.param(data));
  23.         $.ajax({
  24.             url: "fetch.php?" + $.param(data),
  25.             type: 'POST'
  26.         })
  27.         .done(function (data) {
  28.             console.log('data received');
  30.             $('.filter_data').append(data); // 追加数据
  32.             // 我们到达了末尾,没有更多数据
  33.             if (data === '<h3>No Data Found</h3>') {
  34.                 done = true;
  35.             }
  37.             flag += 4;
  38.             fetching = false; // 再次允许请求
  39.         })
  40.         .fail(function (error) {
  41.             console.log('An error occurred while fetching', error)
  42.             // TODO: 处理错误
  43.         });
  44.     }
  46.     function get_filter(class_name) {
  47.         var filter = [];
  48.         $('.' + class_name + ':checked').each(function () {
  49.             filter.push($(this).val());
  50.         });
  51.         return filter;
  52.     }
  53.     $('.filter_all').click(function () {
  54.         filter_data();
  55.     });
  56.     filter_data(); // 为了调试目的而注释掉
  57.     var $window = $(window);
  58.     var $document = $(document);
  59.     $window.scroll(function () {
  61.         if ((window.innerHeight + window.scrollY) >= document.body.offsetHeight - 300 && fetching === false && done === false) {
  62.             console.log('infinite scroll');
  63.             filter_data();
  64.         }
  65.     });
  66. });

PHP

  1. <?php
  3. include("$_SERVER[DOCUMENT_ROOT]/include/config.php");
  4. include("$_SERVER[DOCUMENT_ROOT]/include/function.php");
  6. $query = "SELECT * FROM allpostdata WHERE sts = '1' AND mca='Vehicle'";
  8. if (!empty($_GET['cate'])) {
  9.     $query .= " AND sca IN (" . str_repeat("?,", count($_GET['cate']) - 1) . "?)";
  10. } else {
  11.     $_GET['cate'] = []; // 如果未设置
  12. }
  14. if (!empty($_GET['brand'])) {
  15.     $query .= " AND product_brand IN (" . str_repeat("?,", count($_GET['brand']) - 1) . "?)";
  16. } else {
  17.     $_GET['brand'] = []; // 如果未设置
  18. }
  20. if (!empty($_GET['model'])) {
  21.     $query .= " AND mdl IN (" . str_repeat("?,", count($_GET['model']) - 1) . "?)";
  22. } else {
  23.     $_GET['model'] = []; // 如果未设置
  24. }
  26. if (empty($_GET['sort']) || $_GET['sort'][0] == "date") {
  27.     $query .= " ORDER BY pdt DESC";
  28. } elseif ($_GET["sort"][0] == "ASC" || $_GET["sort"][0] == "DESC") {
  29.     $query .= " ORDER BY prs " . $_GET['sort'][0];
  30. }
  32. if (isset($_GET['limit'])) {
  34.     if (!empty($_GET['offset'])) {
  35.         $query .= " LIMIT " . $_GET['limit'] . " OFFSET " . $_GET['offset'];
  36.     } else {
  37.         $query .= " LIMIT " . $_GET['limit'];
  38.     }
  39. }
  40. $stmt = $conn->prepare($query);
  41. $params = array_merge($_GET['cate'], $_GET['brand'], $_GET['model']);
  42. $stmt->execute($params);
  43. $result = $stmt->fetchAll();
  44. $total_row = $stmt->rowCount();
  45. $output = '';
  46. if ($total_row > 0) {
  47.     foreach ($result as $row) {
  48.         $parameter = $row['pid'];
  49.         $hashed = md5($salt . $parameter);
  50.         $output .= '<a href="/single_view.php?p=' . $row['id'] . '" class="w-xl-20 w-lg-20 col-md-3 col-6 p-1 p-lg-2">
  51.                         <div class="card border-0 small">
  52.                             <img class="card-img-top rounded-0" src="/upload/thumb/' . $row["im1"] . '" alt="Card image cap">
  53.                             <div class="card-body pb-0 pt-2 px-0">
  54.                                 <h6 class="card-title text-dark text-truncate">' . ucfirst(strtolower($row['tit'])) . '</h6>
  55.                                 <h6 class="card-subtitle mb-1 text-muted text-truncate small">' . $row['product_brand'] . '&nbsp;/&nbsp;' . $row['mdl'] . '</h6>
  56.                                 <p class="card-text"><strong class="card-text text-dark text-truncate">&#x20B9;&nbsp;' . $row['prs'] . '</strong></p>' . timeAgo($row['pdt']) . '
  57.                             </div>
  58.                         </div>
  59.                     </a>';
  60.     }
  61. } else {
  62.     $output = '<h3>No Data Found</h3>';
  63. }
  64. echo $output;
  65. ?>

请注意,这是您提供的代码的翻译部分,不包括代码中的注释或其他内容。如果需要更多帮助或解释,请随时提问。

英文:

Unable to filter product using PDOamd AJAX,

Below code loads data form sql using PDO and AJAX but when i try to filter based on Brand it doesn't work. tried debug var_dump method but nothing helps.

Can someone help me to solve, how do i filter product, is there anything missing in code?

HTML

  1. &lt;div class=&quot;md-radio my-1&quot;&gt;
  2. &lt;input type=&quot;radio&quot; class=&quot;filter_all cate&quot; name=&quot;cate&quot; id=&quot;&lt;?php echo str_replace(&#39; &#39;, &#39;&#39;, $row[&#39;sca&#39;]); ?&gt;&quot; value=&quot;&lt;?php echo $row[&#39;sca&#39;] ?&gt;&quot;&gt;
  3. &lt;label for=&quot;&lt;?php echo str_replace(&#39; &#39;, &#39;&#39;, $row[&#39;sca&#39;]); ?&gt;&quot;&gt;
  4. &lt;?php echo $row[&#39;sca&#39;]; ?&gt;
  5. &lt;/label&gt;
  6. &lt;/div&gt;

SCRIPT

  1. $(document).ready(function () {
  2. var flag = 0;
  3. var fetching = false;
  4. var done = false;
  5. function filter_data() {
  6. // prevent concurrent requests
  7. if (fetching === true) {
  8. return;
  9. }
  10. fetching = true;
  11. var data = {
  12. action: &#39;fetch_data&#39;,
  13. cate: get_filter(&#39;cate&#39;),
  14. brand: get_filter(&#39;brand&#39;),
  15. model: get_filter(&#39;model&#39;),
  16. sort: get_filter(&#39;sort&#39;),
  17. date: get_filter(&#39;date&#39;),
  18. offset: flag,
  19. limit: 4
  20. };
  21. console.log($.param(data));
  22. $.ajax({
  23. url: &quot;fetch.php?&quot; + $.param(data),
  24. type: &#39;POST&#39;
  25. })
  26. .done(function (data) {
  27. console.log(&#39;data received&#39;);
  28. $(&#39;.filter_data&#39;).append(data); // append
  29. // we reached the end, no more data
  30. if (data === &#39;&lt;h3&gt;No Data Found&lt;/h3&gt;&#39;) {
  31. done = true;
  32. }
  33. flag += 4;
  34. fetching = false; // allow further requests again
  35. })
  36. .fail(function (error) {
  37. console.log(&#39;An error occurred while fetching&#39;, error)
  38. // TODO: some error handling
  39. });
  40. }
  41. function get_filter(class_name) {
  42. var filter = [];
  43. $(&#39;.&#39; + class_name + &#39;:checked&#39;).each(function () {
  44. filter.push($(this).val());
  45. });
  46. return filter;
  47. }
  48. $(&#39;.filter_all&#39;).click(function () {
  49. filter_data();
  50. });
  51. filter_data(); // commented out for debugging purpose
  52. var $window = $(window);
  53. var $document = $(document);
  54. $window.scroll(function () {
  55. if ((window.innerHeight + window.scrollY) &gt;= document.body.offsetHeight - 300 &amp;&amp; fetching === false &amp;&amp; done === false) {
  56. console.log(&#39;infinite scroll&#39;);
  57. filter_data();
  58. }
  59. });
  60. });

PHP

  1. &lt;?php
  2. include(&quot;$_SERVER[DOCUMENT_ROOT]/include/config.php&quot;);
  3. include(&quot;$_SERVER[DOCUMENT_ROOT]/include/function.php&quot;);
  4. $query = &quot;SELECT * FROM allpostdata WHERE sts = &#39;1&#39; AND mca=&#39;Vehicle&#39;&quot;;
  5. if (!empty($_GET[&#39;cate&#39;])) {
  6. $query .= &quot; AND sca IN (&quot; . str_repeat(&quot;?,&quot;, count($_GET[&#39;cate&#39;]) - 1) . &quot;?)&quot;;
  7. } else {
  8. $_GET[&#39;cate&#39;] = []; // in case it is not set 
  9. }
  10. if (!empty($_GET[&#39;brand&#39;])) {
  11. $query .= &quot; AND product_brand IN (&quot; . str_repeat(&quot;?,&quot;, count($_GET[&#39;brand&#39;]) - 1) . &quot;?)&quot;;
  12. } else {
  13. $_GET[&#39;brand&#39;] = []; // in case it is not set 
  14. }
  15. if (!empty($_GET[&#39;model&#39;])) {
  16. $query .= &quot; AND mdl IN (&quot; . str_repeat(&quot;?,&quot;, count($_GET[&#39;model&#39;]) - 1) . &quot;?)&quot;;
  17. } else {
  18. $_GET[&#39;model&#39;] = []; // in case it is not set 
  19. }
  20. if (empty($_GET[&#39;sort&#39;]) || $_GET[&#39;sort&#39;][0] == &quot;date&quot;) {
  21. $query .= &quot; ORDER BY pdt DESC&quot;;
  22. } elseif ($_GET[&quot;sort&quot;][0] == &quot;ASC&quot; || $_GET[&quot;sort&quot;][0] == &quot;DESC&quot;) {
  23. $query .= &quot; ORDER BY prs &quot; . $_GET[&#39;sort&#39;][0];
  24. }
  25. if (isset($_GET[&#39;limit&#39;])) {
  26. if (!empty($_GET[&#39;offset&#39;])) {
  27. $query .= &quot; LIMIT &quot; . $_GET[&#39;limit&#39;] . &quot; OFFSET &quot; . $_GET[&#39;offset&#39;];
  28. } else {
  29. $query .= &quot; LIMIT &quot; . $_GET[&#39;limit&#39;];
  30. }
  31. }
  32. $stmt = $conn-&gt;prepare($query);
  33. $params = array_merge($_GET[&#39;cate&#39;], $_GET[&#39;brand&#39;], $_GET[&#39;model&#39;]);
  34. $stmt-&gt;execute($params);
  35. $result = $stmt-&gt;fetchAll();
  36. $total_row = $stmt-&gt;rowCount();
  37. $output = &#39;&#39;;
  38. if ($total_row &gt; 0) {
  39. foreach ($result as $row) {
  40. $parameter = $row[&#39;pid&#39;];
  41. $hashed = md5($salt . $parameter);
  42. $output .= &#39;&lt;a href=&quot;/single_view.php?p=&#39; . $row[&#39;id&#39;] . &#39;&quot; class=&quot;w-xl-20 w-lg-20 col-md-3 col-6 p-1 p-lg-2&quot;&gt;
  43. &lt;div class=&quot;card border-0 small&quot;&gt;
  44. &lt;img class=&quot;card-img-top rounded-0&quot; src=&quot;/upload/thumb/&#39; . $row[&quot;im1&quot;] . &#39;&quot; alt=&quot;Card image cap&quot;&gt;
  45. &lt;div class=&quot;card-body pb-0 pt-2 px-0&quot;&gt;
  46. &lt;h6 class=&quot;card-title text-dark text-truncate&quot;&gt;&#39; . ucfirst(strtolower($row[&#39;tit&#39;])) . &#39;&lt;/h6&gt;
  47. &lt;h6 class=&quot;card-subtitle mb-1 text-muted text-truncate small&quot;&gt;&#39; . $row[&#39;product_brand&#39;] . &#39;&amp;nbsp;/&amp;nbsp;&#39; . $row[&#39;mdl&#39;] . &#39;&lt;/h6&gt;
  48. &lt;p class=&quot;card-text&quot;&gt;&lt;strong class=&quot;card-text text-dark text-truncate&quot;&gt;&amp;#x20B9;&amp;nbsp;&#39; . $row[&#39;prs&#39;] . &#39;&lt;/strong&gt;&lt;/p&gt;&#39; . timeAgo($row[&#39;pdt&#39;]) . &#39;
  49. &lt;/div&gt;
  50. &lt;/div&gt;
  51. &lt;/a&gt;&#39;;
  52. }
  53. } else {
  54. $output = &#39;&lt;h3&gt;No Data Found&lt;/h3&gt;&#39;;
  55. }
  56. echo $output;
  57. ?&gt;

答案1

得分: 0

你尽管将数据通过GET查询参数发送,尽管已将ajax调用定义为POST方式。这是一个安全风险。尝试将您的AJAX调用更改为如下方式,并将您的$_GET内容替换为$_POST

  1. $.ajax({
  2.     url: '/your-form-processing-page-url-here',
  3.     type: 'POST',
  4.     data: data,
  5.     mimeType: 'multipart/form-data',
  6.     success: function(data, status, jqXHR){
  7.         alert('好消息!一切正常。');
  8.         console.log(data);
  9.         console.log(status);
  10.         console.log(jqXHR);
  11.     },
  12.     error: function(jqXHR, status, error){
  13.         // 希望我们永远不会到达这里
  14.         console.log(jqXHR);
  15.         console.log(status);
  16.         console.log(error);
  17.     }
  18. });
英文:

You are sending data via GET query parameters despite defining the ajax call as a post. That's a security risk. Try changing your AJAX call to something like this, and replace youyr $_GET stuff to $_POST.

  1.             $.ajax({
  2. url: &#39;/your-form-processing-page-url-here&#39;,
  3. type: &#39;POST&#39;,
  4. data: data,
  5. mimeType: &#39;multipart/form-data&#39;,
  6. success: function(data, status, jqXHR){
  7. alert(&#39;Hooray! All is well.&#39;);
  8. console.log(data);
  9. console.log(status);
  10. console.log(jqXHR);
  11. },
  12. error: function(jqXHR,status,error){
  13. // Hopefully we should never reach here
  14. console.log(jqXHR);
  15. console.log(status);
  16. console.log(error);
  17. }
  18. });

huangapple
  • 本文由 发表于 2020年1月6日 20:48:22
  • 转载请务必保留本文链接:https://go.coder-hub.com/59612416.html
  • filter
  • jquery
  • php
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定