使用特定 ID 通过 AJAX 调用更新数据库

Updating database with an AJAX call using a particular id

我正在尝试执行我的第一个 AJAX 调用,我想做的事情非常简单,但我的数据库没有更新。

我想要做的就是当我点击用户旁边的接受按钮时,他们的 ID 将被获取并以新状态 'Accepted' 发送,并且状态从 'Pending' 到 'Accepted' 对于我的 user_requests db table 中的那个特定用户。

数据库中没有任何更改,AJAX 代码唯一发生的事情是我收到了我的#success 消息,但可能只有 0.3 秒,它不会消失。

有没有人看出我在尝试中做错了什么?

<h2>Pending User Requests</h2>
<br />
<div id="success" style="color: red;"></div>
<?php
    $con = mysqli_connect("localhost", "root", "", "db");
    $run = mysqli_query($con,"SELECT * FROM user_requests ORDER BY id DESC");
    $numrows = mysqli_num_rows($run);

    if( $numrows ) {
        while($row = mysqli_fetch_assoc($run)){
            //comment added by php-dev : condition could be set in the query -->
            if($row['status'] == "Pending"){

                $pending_id = $row['id'];
                $pending_user_id   = $row['user_id'];
                $pending_firstname = $row['firstname'];
                $pending_lastname  = $row['lastname'];
                $pending_username  = $row['username'];

?>

            <!-- comment added by php-dev : useless form tag -->
            <form action="" method="POST" id="status">
                <!-- comment added by php-dev : useless input field, no field name -->
                <input type='hidden' value='<?php echo $pending_id; ?>' id='pending_id' />
            <?php
                // comment added by php-dev : comparing string to boolean value true
                if ($pending_firstname == true) {
                    echo "Name - ". $pending_firstname . " " . $pending_lastname . "</br>" 
                         . "Username - ". $pending_username . "</br></br>"
            ?>
            <!-- comment added by php-dev : conditional form closing tag -->
            </form>
            <button class="approve" type="submit" form="status" name="approve" 
                    value="<?= $pending_id; ?>"> 
                Approve
            </button>
            <button id="deny" type="submit" form="status" name="deny" value="Denied">
                Deny
            </button>
            <br><br><br>
        <?php
                 // comment added by php-dev : else statement misplaced -->
                ;} else {
                    echo "There are no Pending Requests at this time.";
                }
            }
        }
    }
?>

我的 AJAX 电话...

<script>
    $(document).ready(function(){
    $('.approve').click(function(){
        $.ajax({
            url: 'userRequest_approve.php',
            data: {
                id: $(this).val(), //the value of what you clicked on
                //you clicked on it so you know the status might as well hardcode it
                status: 'Approved' 
            },
            success: function(data) {
                //do something with the data that got returned
                // comment added by php-dev : for debug purposes, the #success should show 
                // the server reponse instead
                $('#success').html('User Status Changed!');
                //do something with the data that got returned
                $('#success').delay(5000).fadeOut(400); 
            },
            type: 'POST'
        });
    });
    });
</script>

我的 userRequest_approve.php 文件要插入数据库以更新状态...

<?php
require_once 'core/init.php';

$term = mysql_escape_string($term); // Attack Prevention
$pending_id = $_POST['id'];
$status = $_POST['approve'];

$con = mysqli_connect("localhost","root","","db");
    /* check connection */
    if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        exit();
    }
    $stmt = $con->prepare(
        "INSERT INTO user_requests (status, date_responded) VALUES (?, NOW())"
    );
    if ( false===$stmt ) {
     // Check Errors for prepare
        die('User Request update prepare() failed: ' . htmlspecialchars($con->error));
    }
    $stmt->bind_param('s', $status);
    // comment added by php-dev : should be false === $stmt->bind_param ...

    if ( false===$stmt ) {
    // Check errors for binding parameters
        die('User Request update bind_param() failed: ' . htmlspecialchars($stmt->error));
    }
    $stmt->execute();
    // comment added by php-dev : should be false === $stmt->execute ... 
    if ( false===$stmt ) {
        die('User Status update execute() failed: ' . htmlspecialchars($stmt->error));
    }       
?>

如果你想更新,你应该试试这个:

$stmt = $con->prepare("UPDATE user_requests SET status=?, date_responded=NOW() WHERE id=?");
$stmt->bind_param('si', $status, $pending_id);

您还需要在您的隐藏物上有一个名称属性,以便将其发送:

<input type='hidden' name='id' value='<?php echo $pending_id; ?>' id='pending_id'/>

原答案

我只看到一个问题:

这是您正在使用的 ajax 请求:

$.ajax({
       url: 'userRequest_approve.php',
       data: {
            id: $(this).val(), //<< id
            status: 'Approved' //<< status
        },
       success: function(data) {
            //do something with the data that got returned
            $('#success').html('User Status Changed!');
            $('#success').delay(5000).fadeOut(400);//do something with the data that got returned
       },
       type: 'POST'
    });

请注意,您要发送的数据是 idstatus

然而,在PHP方面:

$pending_id = $_POST['id']; //yep
$status = $_POST['approve']; //does it exist?

你应该使用

$status = $_POST['status'];