2011-11-13

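Hello, I have a login form with a username and password. PHP PDO::MySQL and jQuery and Ajax

I have a backend PHP script that processes this data correctly and json_encodes the response.

I have a jQuery JS script using Ajax that does not seem to handle the form validation, but something seems to be leaking that causes the Ajax to choke.

I am hoping for some insight on what is breaking.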

    <?php 
    # 
    #  General purpose script to verify user login 
    #  Will be combined with jquery/AJAX to allow access based on 
    #  role 
    # 
    set_include_path(get_include_path() . PATH_SEPARATOR . "/home/best9721/public_html/lib"); 
    include("t_const.php"); 
    include("t_verify.php"); 
    # 
    #  Check that there is no SESSION Variables 
    # 
    if(isset($_SESSION)) { 
     session_destroy(); 
    } 
    # 
    #  Cleanup POST variables 
    # 
      $username = strip_tags($_POST['username']); 
      $userpass = strip_tags($_POST['password']); 
    # 
    #  Connect to DB 
    # 
    try { 
      $dbh = new PDO("mysql:host=localhost;dbname=$DB_TEST", $MASTER_TEST, $MASTER_TEST_PSW); 
    # 
    #  Check and see if inputted username is in the DB to start with 
    # 
      $stmt = $dbh->prepare("SELECT * FROM user_auth where userid = :userid"); 
      $stmt->execute( array (
            ':userid' => $username, 
            ) 
          ); 
      $authdata = $stmt->fetch(PDO::FETCH_ASSOC); 
      if(empty($authdata)) { 
       $response['error'] = true; 
       $response['msg'] = "You do not have access to this section"; 
       print json_encode($response); 
       exit; 
      } 
    # 
    #  Check and see if they have access 
    # 
      $stmt = $dbh->prepare("SELECT auth_level FROM user_access where userid = :userid"); 
      $stmt->execute( array (
           ':userid' => $username, 
           ) 
         ); 
      $role = $stmt->fetchAll(PDO::FETCH_COLUMN); 
      $auth_role = $_POST['auth']; 
      if(!has_access($role, $auth_role) or !isset($role)) { 
        $response['error'] = true; 
        $response['msg'] = "You do not have privileges for this section."; 
        print json_encode($response); 
        exit; 
      } else { 
        $response['url'] = $url[$auth_role]; 
      } 
    # 
    #    Now check and see if their account is locked 
    # 
      if($authdata['account_status'] == "closed") { 
        $response['error'] = true; 
        $response['msg'] = $authdata["reason_acct_locked"]; 
        print json_encode($response); 
        exit; 
      } 
    # 
    #    Check if Passwords match - final check 
    # 
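    #    hash_equals() compares as strings in constant time; a loose != would 
    #    treat two "0e..." hex digests as equal numbers 
      if(!hash_equals((string)$authdata['userpsw'], sha1($_POST['password']))) { 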
        $response['error'] = true; 
        $response['msg'] = "Invalid User Credentials"; 
        print json_encode($response); 
        exit; 
      } else { 
        $response['msg'] = 'OK'; 
        print json_encode($response); 
        exit; 
      } 
    } 
    # 
    #  There was an error 
    # 
    catch(PDOException $e) 
    { 
     $response['error'] = true; 
     $response['msg'] = $e->getMessage(); 
     print json_encode($response); 
     exit; 
    } 
    ?> 

And auth_user.js

    $(document).ready(function() { 
     $("#loginForm").validate({ 
      errorLabelContainer: "#errorMessage", 
      wrapper: "li", 
      rules: { 
        username: "required", 
        password: "required" 
      }, 
      messages: { 
        username: "Please enter your username.", 
        password: "Please enter your password." 
      }, 
      submitHandler: function() { 
       $.ajax({ 
        type: 'POST', 
        url: 'auth_user.php', 
       dataType: 'json', 
       success: function(data) { 
          alert(data.msg); 
         }, 
        error: function() { 
          alert("There was a problem processing this form");     
         } 
         }); 
         return false; 
      } 
     }); 
    }); 

The alert always comes up with - "You do not have access to this section"

Thanks for your help.

Answers

1

In your ajax call, you are not sending any data to the server. You can send it with the data attribute in the object you pass:

    $.ajax({ 
      type: 'POST', 
      url: 'auth_user.php', 
      dataType: 'json', 
      // data attribute 
      data : {"username":"myUsername", "password": "myPassword"}, 
      // ** 
      success: function(data) { 
        alert(data.msg); 
      }, 
      error: function() { 
         alert("There was a problem processing this form");     
      } 
    }); 
+0

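I don't think this is the problem. I think the problem lies with the PDO class and jQuery and/or Ajax. If I process the form without Ajax, it works fine, but with it authdata in the PHP is null.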

+0

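Well, you are correct, but now I am just echoing the data - it does not even get to the success function, it only shows the response code, but it looks like it is not JSON compatible....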
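An added example, not code from the original posts: it sends the form's real field values instead of hard-coded strings, and reports the raw server reply when jQuery cannot parse it as JSON. It assumes the form has fields named `username`, `password` and `auth` (the three keys auth_user.php reads from `$_POST`); the helper names are hypothetical.

```javascript
// Fields auth_user.php reads from $_POST, per the script in the question.
// Assumption: the form carries all three, including `auth`.
const REQUIRED_FIELDS = ['username', 'password', 'auth'];

// Build the urlencoded POST body from [{name, value}] pairs, the shape that
// jQuery's $(form).serializeArray() returns. Throws on an absent or empty field.
function buildLoginBody(pairs) {
  const params = new URLSearchParams();
  for (const { name, value } of pairs) params.append(name, value);
  const missing = REQUIRED_FIELDS.filter((field) => !params.get(field));
  if (missing.length > 0) {
    throw new Error('missing form field(s): ' + missing.join(', '));
  }
  return params.toString();
}

// jQuery passes textStatus 'parsererror' to the error callback when
// dataType is 'json' but the response body could not be parsed as JSON.
function describeAjaxError(textStatus, responseText) {
  if (textStatus === 'parsererror') {
    return 'Server reply was not valid JSON: ' + String(responseText).slice(0, 200);
  }
  return 'Request failed: ' + textStatus;
}

// Options for $.ajax(): same endpoint as the question, plus the data property.
function loginAjaxOptions(pairs) {
  return {
    type: 'POST',
    url: 'auth_user.php',
    dataType: 'json',
    data: buildLoginBody(pairs),
    success: function (data) { alert(data.msg); },
    error: function (jqXHR, textStatus) {
      alert(describeAjaxError(textStatus, jqXHR.responseText));
    }
  };
}

// Browser wiring; skipped where jQuery is not loaded (e.g. under Node).
if (typeof $ !== 'undefined') {
  $(function () {
    $('#loginForm').validate({
      submitHandler: function (form, event) {
        event.preventDefault(); // never fall back to a native submit
        $.ajax(loginAjaxOptions($(form).serializeArray()));
      }
    });
  });
}
```

With the body empty, `$_POST['username']` is unset on the server, the first query finds no row, and the script returns "You do not have access to this section", which matches the alert described in the question.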