1 Answer

This user has contributed 2012 experience points and received over 12 upvotes
If you remove onload="document.search1.submit()" and adjust the PHP slightly, the SQL should run on the first load. I think the problem with the code above is its dependence on the variables set from $_POST:

```php
$fdate = $_POST['fdate'];
$edate = $_POST['edate'];
```
If no data has been posted, these will be empty, so the query will not run; therefore modify it to:

```php
if ( !empty( $_POST['fdate'] ) ) {
    $date_from = $_POST['fdate'];
} else {
    $date_from = date( 'Y-m-d', strtotime( '-1 days' ) );
}
if ( !empty( $_POST['edate'] ) ) {
    $date_to = $_POST['edate'];
} else {
    $date_to = date( 'Y-m-d', strtotime( '-1 days' ) );
}
$fdate = $date_from; # use the value determined by the `IF` logic
$edate = $date_to;   # use the value determined by the `IF` logic
```
Using table aliases also makes the SQL easier to read:

```php
$sql = "select
    date_format( e.`Date`, '%d/%M/%Y' ) AS `Date`,
    u.`Name`,
    u.`company` AS `Company`,
    u.`department` AS `Department`,
    min( time_format( e.`Date`, '%H:%i:%s' ) ) AS `Start Time`,
    IF( max( time_format( e.`Date`, '%H:%i:%s' ) ) > min( time_format( e.`Date`, '%H:%i:%s' ) ), max( time_format( e.`Date`, '%H:%i:%s' ) ), '' ) AS `Finish Time`,
    IF( timediff( max( e.`Date` ), min( e.`Date` ) ) > '00:00:00', timediff( max( e.`Date` ), min( e.`Date` ) ), '' ) AS `Work Time`
    from entries e
    join user u on e.`emp_id` = u.`emp_id`
    where date_format( e.`Date`, '%Y-%m-%d' ) between '{$fdate}' and '{$edate}'
    group by date_format( e.`Date`, '%d-%m-%Y' ), u.`Name`
    order by `Date` desc";
```
That said, it is still vulnerable to SQL injection, so you may want to use a prepared statement instead - perhaps something like this:

```php
# $conn is assumed to be an existing mysqli connection
$sql = "select
    date_format( e.`Date`, '%d/%M/%Y' ) AS `Date`,
    u.`Name`,
    u.`company` AS `Company`,
    u.`department` AS `Department`,
    min( time_format( e.`Date`, '%H:%i:%s' ) ) AS `Start Time`,
    IF( max( time_format( e.`Date`, '%H:%i:%s' ) ) > min( time_format( e.`Date`, '%H:%i:%s' ) ), max( time_format( e.`Date`, '%H:%i:%s' ) ), '' ) AS `Finish Time`,
    IF( timediff( max( e.`Date` ), min( e.`Date` ) ) > '00:00:00', timediff( max( e.`Date` ), min( e.`Date` ) ), '' ) AS `Work Time`
    from entries e
    join user u on e.`emp_id` = u.`emp_id`
    where date_format( e.`Date`, '%Y-%m-%d' ) between ? and ?
    group by date_format( e.`Date`, '%d-%m-%Y' ), u.`Name`
    order by `Date` desc";

$stmt = $conn->prepare( $sql );
$stmt->bind_param( 'ss', $fdate, $edate ); # both placeholders are bound as strings
$stmt->execute();
$stmt->bind_result( $date, $name, $company, $department, $start, $finish, $worktime );
while ( $stmt->fetch() ) {
    echo $date, $name, $company, $department, $start, $finish, $worktime; # format output as appropriate!
}
$stmt->free_result();
$stmt->close();
```
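As an added example that is not part of the answer above, the same query wrapped in small functions that also validate the posted dates before binding them, so a malformed value falls back to the default instead of reaching the database. It assumes `$conn` is an existing mysqli connection (with mysqlnd, for `get_result()`) and the `entries`/`user` tables from the question; the function and variable names are the example's own.

```php
<?php
// Added example, not the answerer's code. Assumes $conn is an existing mysqli
// connection (mysqlnd required for get_result) and the question's tables.

/** Return $value only if it is exactly 'Y-m-d' and a real calendar date, else null. */
function parse_ymd(string $value): ?string
{
    $dt = DateTime::createFromFormat('!Y-m-d', $value);
    // Round-trip check rejects inputs such as '2020-02-30' that PHP would roll over
    // and partial formats such as '2020-1-5'.
    return ($dt !== false && $dt->format('Y-m-d') === $value) ? $value : null;
}

/** Resolve [from, to] from POST data; invalid or missing values default to yesterday. */
function resolve_date_range(array $post): array
{
    $yesterday = date('Y-m-d', strtotime('-1 days'));
    $from = parse_ymd($post['fdate'] ?? '') ?? $yesterday;
    $to   = parse_ymd($post['edate'] ?? '') ?? $yesterday;
    if ($from > $to) {                 // 'Y-m-d' strings compare correctly as text
        [$from, $to] = [$to, $from];   // keep BETWEEN meaningful
    }
    return [$from, $to];
}

/** Run the answer's query with bound parameters; returns rows as associative arrays. */
function fetch_work_times(mysqli $conn, string $from, string $to): array
{
    $sql = "select date_format(e.`Date`, '%d/%M/%Y') AS `Date`, u.`Name`,
                   u.`company` AS `Company`, u.`department` AS `Department`,
                   min(time_format(e.`Date`, '%H:%i:%s')) AS `Start Time`,
                   max(time_format(e.`Date`, '%H:%i:%s')) AS `Finish Time`,
                   timediff(max(e.`Date`), min(e.`Date`)) AS `Work Time`
            from entries e join user u on e.`emp_id` = u.`emp_id`
            where date_format(e.`Date`, '%Y-%m-%d') between ? and ?
            group by date_format(e.`Date`, '%Y-%m-%d'), u.`Name`
            order by date_format(e.`Date`, '%Y-%m-%d') desc";
    $stmt = $conn->prepare($sql);
    $stmt->bind_param('ss', $from, $to);   // values never touch the SQL text
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

[$from, $to] = resolve_date_range($_POST);
foreach (fetch_work_times($conn, $from, $to) as $row) {
    echo implode("\t", $row), PHP_EOL;      // format output as appropriate
}
```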