Ajax:500内部服务器错误

Question

我正在使用ajax从我的数据库中获取事件.检索结果不起作用,不显示任何内容,并在控制台中收到以下错误消息:

POST http://www.example.com/system/live_filter.php 500(内部服务器错误)jquery.min.js:4

这是我的HTML/JS:

<div id="results">

<script type="text/javascript">

    // 1. When user comes on page from homepage, results will be fetched with ajax
    function updateResults() { 

        // 2. Create array with values of all filter fields
        var value_town_id = $('#town_id').val();
        var value_type = $('#filter_type').val();
        var value_date = $('#filter_date').val();
        var array_filter_values = new Array(value_town_id, value_type, value_date);
        array_filter_values.join(', ');
        query_value = array_filter_values;

    // 3. Start ajax
    $.ajax({
            type: "POST",
            url: "system/live_filter.php",
            data: { query: query_value },
            cache: false,
            success: function(html){
                $("#results").html(html);
            }
        });

    };

    // 4. FIRE FUNCTION!
    updateResults();

</script>

</div>

这是我的live_filter.php,值通过Ajax发送到:

require_once 'db.php';

// Define Output HTML Formating
$html = '';
$html .= '<div class="event">';
$html .= '<h3>titleString</h3>';
$html .= '<p>typeString</p>';
$html .= '<p>dateString</p>';
$html .= '</div>';

// Get values
$values_string = $_POST['query'];

// Explode to array
$values_array = explode(',', $values_string);
$town_id = $values_array[0];
$type = $values_array[1];
$date = $values_array[2];

// Prepare values for database results query
$town_id = $db->real_escape_string($town_id);
$type = $db->real_escape_string($type);
$date = $db->real_escape_string($date);


// Build Query
$query = "SELECT * FROM events WHERE towns_id=$town_id AND type='$type' AND date>=$date";

// Do Search
$results = $db->query($query);
while($result = $results->fetch_assoc()) {

            // Format Output Strings And Hightlight Matches
            $display_title = $result['title'];
            $display_type = $result['type'];
            $display_date = $result['date'];

            // Insert title
            $output = str_replace('titleString', $display_title, $html);
            // Insert type
            $output = str_replace('typeString', $display_type, $output);
            // Insert date
            $output = str_replace('dateString', $display_date, $output);

            // Output
            echo($output);
}

任何人都知道问题出在哪里？

我收到以下错误消息:您的SQL语法中有错误; 查看与您的MySQL服务器版本对应的手册,以便在第1行的'AND type =''和'>''''附近使用正确的语法

Answer 1

让我们整理一下并简化一下......

function updateResults() { 
    query = {"town_id": $('#town_id').val(),
             "value_type": $('#filter_type').val(),
             "value_date": $('#filter_date').val()
            }

    $.ajax({
        type: "POST",
        url: "system/live_filter.php",
        data: query,
        cache: false,
        success: function(html){
            $("#results").html(html);
        }
    });

};

然后在 PHP 中：

require_once 'db.php';

// Define Output HTML Formating
$html = '';
$html .= '<div class="event">';
$html .= '<h3>titleString</h3>';
$html .= '<p>typeString</p>';
$html .= '<p>dateString</p>';
$html .= '</div>';

$town_id = $_REQUEST['town_id'];
$type = $_REQUEST['value_type'];
$date = $_REQUEST['value_date'];

// Prepare values for database results query
$town_id = $db->real_escape_string($town_id);
$type = $db->real_escape_string($type);
$date = $db->real_escape_string($date);


// Build Query
$query = "SELECT * FROM events WHERE towns_id='$town_id' AND type='$type' AND date>='$date'";

/*Should it definitely be towns_id and not town_id?*/

// Do Search
$results = $db->query($query);
while($result = $results->fetch_assoc()) {
            // Insert title
            $output = str_replace('titleString', $result['title'], $html);
            // Insert type
            $output = str_replace('typeString', $result['type'], $output);
            // Insert date
            $output = str_replace('dateString', $result['date'], $output);

            // Output
            echo($output);
}

当然，如果您愿意移动模板，事情会变得更加简单......

require_once 'db.php';

$town_id = $db->real_escape_string($_REQUEST['town_id']);
$type = $db->real_escape_string($_REQUEST['value_type']);
$date = $db->real_escape_string($_REQUEST['value_date']);

$query = "SELECT * FROM events WHERE towns_id='$town_id' AND type='$type' AND date>='$date'";

$results = $db->query($query);
while($result = $results->fetch_assoc()) {
    $html  = '<div class="event">';
    $html .= '<h3>{$result['title']}</h3>';
    $html .= '<p>{$result['type']}</p>';
    $html .= '<p>{$result['date']}</p>';
    $html .= '</div>';
    echo $html;
}

至于为什么会出错...

首先，您确定正在填充变量吗？town_id如果缺少，就会出现您在评论中给出的错误。由于您没有引用该字段，因此会导致 SQL 损坏。这也使得转义变得毫无意义，因为输出预计用引号引起来。

我还会检查您表单中的日期格式是否是您的数据库可以理解的格式......

尝试将 PHP 更改为如下：

require_once 'db.php';

$town_id = $db->real_escape_string($_REQUEST['town_id']);
$type = $db->real_escape_string($_REQUEST['value_type']);
$date = $db->real_escape_string($_REQUEST['value_date']);

$query = "SELECT * FROM events WHERE towns_id=$town_id AND type='$type' AND date>=$date";

echo $query;

然后将它提供给您的 SQL 复制/粘贴到您的数据库管理工具中，看看会发生什么。一旦修复了其中的语法错误，您就会知道如何修复 PHP 中的查询