1 Answer
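If you remove onload="document.search1.submit()" and tweak the PHP slightly, the SQL should run on first load. I think the problem with the code above is the reliance on variables set from $_POST:

    $fdate = $_POST['fdate'];
    $edate = $_POST['edate'];

If no data has been posted, these will be empty, so the query will not run. Modify it to: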

    if( !empty( $_POST['fdate'] ) ) {
        $date_from = $_POST['fdate'];
    } else {
        $date_from = date('Y-m-d',strtotime('-1 days'));
    }
    if(!empty($_POST['edate'])) {
        $date_to = $_POST['edate'];
    } else {
        $date_to = date('Y-m-d',strtotime('-1 days'));
    }
    $fdate = $date_from; # use the value determined by the `IF` logic
    $edate = $date_to; # use the value determined by the `IF` logic

Using aliases for the table names can also make the SQL easier to read:

    $sql = "select
            date_format( e.`Date`, '%d/%M/%Y' ) AS `Date`,
            u.`Name`,
            u.`company` AS `Company`,
            u.`department` AS `Department`,
            min( time_format( e.`Date`,'%H:%i:%s' ) ) AS `Start Time`,
            IF( max( time_format( e.`Date`,'%H:%i:%s' ) ) > min( time_format( e.`Date`,'%H:%i:%s' ) ), max( time_format( e.`Date`,'%H:%i:%s' ) ),'') AS `Finish Time`,
            IF( timediff( max( e.`Date`), min( e.`Date` ) ) > '00:00:00', timediff( max( e.`Date`), min( e.`Date` ) ), '') AS `Work Time`
        from entries e
        join user u on e.`emp_id` = u.`emp_id`
        where date_format( e.`Date`,'%Y-%m-%d') between '{$fdate}' and '{$edate}'
        group by date_format( e.`Date`,'%d-%m-%Y'), u.`Name`
        order by `Date` desc";

That said, it is still vulnerable to SQL injection, so you might want to use a prepared statement instead - perhaps like this:

    $sql = "select
            date_format( e.`Date`, '%d/%M/%Y' ) AS `Date`,
            u.`Name`,
            u.`company` AS `Company`,
            u.`department` AS `Department`,
            min( time_format( e.`Date`, '%H:%i:%s' ) ) AS `Start Time`,
            IF( max( time_format( e.`Date`, '%H:%i:%s' ) ) > min( time_format( e.`Date`,'%H:%i:%s' ) ), max( time_format( e.`Date`,'%H:%i:%s' ) ),'') AS `Finish Time`,
            IF( timediff( max( e.`Date`), min( e.`Date` ) ) > '00:00:00', timediff( max( e.`Date`), min( e.`Date` ) ), '') AS `Work Time`
        from entries e
        join user u on e.`emp_id` = u.`emp_id`
        where date_format( e.`Date`,'%Y-%m-%d') between ? and ?
        group by date_format( e.`Date`,'%d-%m-%Y'), u.`Name`
        order by `Date` desc";

    $stmt=$conn->prepare( $sql );
    $stmt->bind_param('ss',$fdate,$edate);
    $stmt->execute();
    $stmt->bind_result($date,$name,$company,$department,$start,$finish,$worktime);

    while( $stmt->fetch() ){
        echo $date,$name,$company,$department,$start,$finish,$worktime; # format output as appropriate!
    }
    $stmt->free_result();
    $stmt->close();
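
An added example, not part of the original answer: strict validation of the fdate and edate fields before they are bound to the prepared statement above, so that only well-formed Y-m-d strings ever reach the query. The function name resolve_date_range, the fixed reference date and the sample inputs are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Return a validated [from, to] pair of Y-m-d strings from form input.
 * Missing or malformed values fall back to yesterday, as in the answer.
 * (Hypothetical helper, not from the original post.)
 */
function resolve_date_range(array $post, ?DateTimeImmutable $now = null): array
{
    $now     = $now ?? new DateTimeImmutable('today');
    $default = $now->modify('-1 day')->format('Y-m-d');

    $parse = static function ($value) use ($default): string {
        if (!is_string($value)) {
            return $default;            // missing key, or an array such as fdate[]=x
        }
        $d = DateTimeImmutable::createFromFormat('!Y-m-d', $value);
        // The round-trip comparison rejects values PHP would silently
        // normalise, e.g. 2024-02-31 (rolls over) or 2024-3-1 (no padding).
        if ($d === false || $d->format('Y-m-d') !== $value) {
            return $default;
        }
        return $value;
    };

    $from = $parse($post['fdate'] ?? null);
    $to   = $parse($post['edate'] ?? null);
    if ($from > $to) {                  // Y-m-d strings sort chronologically
        [$from, $to] = [$to, $from];
    }
    return [$from, $to];
}

// Constructed sample inputs standing in for $_POST.
$samples = [
    [],                                                    // first page load
    ['fdate' => '2024-03-01', 'edate' => '2024-03-07'],    // well-formed
    ['fdate' => "2024-03-01'x", 'edate' => '2024-03-07'],  // stray quote
    ['fdate' => '2024-02-31', 'edate' => ['x']],           // bad date, array
];
$now = new DateTimeImmutable('2024-03-10');                // fixed for repeatability
foreach ($samples as $post) {
    [$fdate, $edate] = resolve_date_range($post, $now);
    // $fdate and $edate would then go to $stmt->bind_param('ss', $fdate, $edate).
    echo json_encode($post), ' => ', $fdate, ' .. ', $edate, PHP_EOL;
}
```

Validation complements the bound parameters rather than replacing them: binding keeps the values out of the SQL text, while the format check keeps non-date input out of the query altogether.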