2
我想創建一個網站,允許用戶輸入一個HTML格式的地址。當用戶點擊提交按鈕時,我希望PHP獲取表單數據,然後使用該數據訪問存儲地址的mysql數據庫,基於表單數據php將查詢mysql數據庫並返回給定距離內的地址。那麼我想使用ajax將該結果傳遞到JavaScript,我將使用這些數據創建一個帶有繪製到地圖上的所有地址的谷歌地圖。我現在所遇到的問題僅僅是在javascript中將數據顯示到控制檯。我注意到,每次我點擊提交按鈕,似乎html頁面正在刷新,所以我認爲可能是刷新是數據未被正確傳遞的原因。MySQL的查詢數據不正確傳遞給從PHP通過ajax的JavaScript
HTML表單代碼(與JavaScript/AJAX)
<html>
<head>
<title></title>
</head>
<body>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.4.8/angular.min.js"></script>
<div class = "container">
<nav class = "navbar navbar-inverse">
<div class = "container-fluid">
<div class = "navbar-header">
<a class = "navbar-brand" href = "home.html">YardSaleMapper.com</a>
</div>
<ul class = "nav navbar-nav">
<li><a href = "home.html">Go Home</a></li>
<li class = "active"><a href = "viewSales.php">View Sales</a></li>
<li><a href = "addSale.html">Publish your Sale</a></li>
</ul>
</div>
</nav>
<h3>Enter Starting Point</h3>
<hr/>
<form method = "post" id = "myForm">
<div class = "col-md-2">
<div class = "form-group">
Street:
<input class = "form-control" type = "text" name = "start_street" ng-model = "ss" required/>
</div>
</div>
<div class = "col-md-2">
<div class = "form-group">
City:
<input class = "form-control" type = "text" name = "start_city" ng-model = "ss" required/>
</div>
</div>
<div class = "col-md-2">
<div class = "form-group">
State (EX: PA):
<input class = "form-control" type = "text" name = "start_state" ng-model = "ss" maxlength="2" required/>
</div>
</div>
<div class = "col-md-2">
<div class = "form-group">
ZIP
<input class = "form-control" type = "text" name = "start_zip" ng-model = "ss" maxlength="5" required/>
</div>
</div>
<div class = "col-md-2">
<div class = "form-group">
Within <select type = "text" name = "distance" required class = "form-control">
<option value = 5>5</option>
<option value = 10>10</option>
<option value = 15>15</option>
<option value = 20>20</option>
<option value = 25>25</option>
</select>
Miles
</div>
</div>
<div class = "col-md-2">
<div class = "form-group">
 
<button class ="btn btn-primary btn-block" id = "submit" type = "submit" name = "submit">Submit</button>
</div>
</div>
</form>
</div>
<script id = "source" language = "javascript" type = "text/javascript">
$(function() {
$('#submit').on('click', function() {
$.ajax({
url: 'getSales.php',
method: 'post',
data: $("#myForm").serialize(),
dataType: 'json',
success: function(data) {
console.log(data);
}
})
})
});
</script>
</body>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
</html>
PHP代碼訪問MySQL數據庫和呼應的結果。
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "yardsales";
$data = array();
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$street = $_POST["start_street"];
$city = $_POST["start_city"];
$state = $_POST["start_state"];
$zip = $_POST["start_zip"];
$dist = $_POST["distance"];
$address = $street . ", " . $city . ", " . $state . ", " . $zip;
$geo = file_get_contents('http://maps.googleapis.com/maps/api/geocode/json?address='.urlencode($address).'&sensor=false');
// Convert the JSON to an array
$geo = json_decode($geo, true);
if ($geo['status'] == 'OK') {
// Get Lat & Long
$lat = $geo['results'][0]['geometry']['location']['lat'];
$long = $geo['results'][0]['geometry']['location']['lng'];
}
$sql = "SELECT street, city, state, zip, county, sdate, edate,
stime, etime, description, 69 * vincenty($lat, $long, lat, lon) AS distance from
addresses where 69 * vincenty($lat, $long, lat, lon) < $dist";
$result = $conn->query($sql);
while($row = $result->fetch_assoc()) {
$data[] = $row;
//print_r($row);
}
echo json_encode($data);
?>
**警告**:當使用'mysqli'你應該使用[參數化查詢](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)和['bind_param'](http://php.net/manual/en/mysqli-stmt.bind-param.php)將用戶數據添加到您的查詢中。 **不要**使用字符串插值或連接來完成此操作,因爲您創建了嚴重的[SQL注入漏洞](http://bobby-tables.com/)。 **不要**將'$ _POST','$ _GET'或**任何**用戶數據直接放入查詢中,如果有人試圖利用您的錯誤,這可能會非常有害。 – tadman