0
我正在構建一個簡化的引用系統。PHP傳遞帶有變量的Ajax,返回不同的一個
$(document).ready(function() {
document.getElementById("getref").onclick = function setref() {
$.ajax({
url: 'newref.php', // the script to call to get data
type: "POST",
dataType: 'json', // data format
data: {ip:<?php echo $_SERVER['REMOTE_ADDR'] ?>},
// you can insert url arguments here to pass to api.php
// for example "id=5&parent=6"
success: function(data) // on receive of reply
{
alert('returned ' + data); //get id
//--------------------------------------------------------------
// 3) Update html content
//--------------------------------------------------------------
$('#bottom_msg').html("<b>freegoldtrial.com/"+id+"</b>");
// Set output element html
// http://api.jquery.com/category/selectors/
}
});
}
});
內newref.php
$ip = $_POST['ip'];
$key = substr(md5(microtime()),rand(0,26),5);
include DB.php
if(! $conn) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("database", $conn);
$tbl_name = "refs";
$sql="INSERT INTO refs(ip, id) VALUES ('".$ip."','".$key."')";
if (!mysql_query($sql))
{
die('Error: ' . mysql_error());
}
mysql_close($con)
如何生成的$關鍵變量返回索引?正如你所看到的,我試圖用它替換div內容。感謝所有幫助:)
'echo $ key' ..?? – David
[Little Bobby](http://bobby-tables.com/)說*** [你的腳本存在SQL注入攻擊風險。](http://stackoverflow.com/questions/60174/how-can- I-防止-SQL注入式-PHP)***。即使[轉義字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! –
***請[停止使用'mysql_ *'功能](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php)。*** [這些擴展名](http://php.net/manual/en/migration70.removed-exts-sapis.php)已在PHP 7中刪除。瞭解[prepared](http://en.wikipedia.org/wiki/Prepared_statement )[PDO]聲明(http://php.net/manual/en/pdo.prepared-statements.php)和[MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared- statement.php),並考慮使用PDO,[這真的很簡單](http://jayblanchard.net/demystifying_php_pdo.html)。 –