猿问

HTML onload=submit,nontsop提交

我向我的 php 网站添加了 onload 函数来提交表单,因为当我最初启动页面时,它没有显示任何表格,我必须按搜索按钮才能加载它。然后就可以正常工作了。但是当我使用 onload 函数时,它会在网络启动时显示表格,但它会不停地重新提交表单。


<body onload="document.search1.submit()">

    <form name="search1" id="search1" action="<?php $_SERVER['PHP_SELF']; ?>" method="post">

        From: <input type="date" id="fdate" name="fdate" value="<?php echo  $date_from; ?>" max="00/00/0000" />

        Until: <input type="date" id="edate" name="edate" value="<?php echo $date_to; ?>" max="00/00/0000" />


        <input type="submit" value="Search">

    </form>

这是提交功能。


<?php


    if(!empty($_POST['fdate'])) {

        $date_from = $_POST['fdate'];

    } else {

        $date_from = date('Y-m-d',strtotime("-1 days"));

    }

    

    if(!empty($_POST['edate'])) {

        $date_to = $_POST['edate'];

    } else {

        $date_to = date('Y-m-d',strtotime("-1 days"));

    }


    $fdate = $_POST['fdate'];   

    $edate = $_POST['edate'];   


    $sql = "select 

                date_format(entries.Date,'%d/%M/%Y') AS 'Date',

                user.Name,user.company AS Company,

                user.department AS Department,

                min(time_format(entries.Date,'%H:%i:%s')) AS 'Start Time',

                IF( max(time_format(entries.Date,'%H:%i:%s'))> min(time_format(entries.Date,'%H:%i:%s')), max(time_format(entries.Date,'%H:%i:%s')),'') AS 'Finish Time',

                IF(timediff(max(entries.Date),min(entries.Date)) > '00:00:00', timediff(max(entries.Date),min(entries.Date)), '')  AS 'Work Time' 

                

            from (entries join user on(entries.emp_id = user.emp_id)) 

            where date_format(entries.Date,'%Y-%m-%d') between '".$fdate."' and '".$edate."'

            group by date_format(entries.Date,'%d-%m-%Y'),user.Name 

            order by Date desc";


?>


月关宝盒
浏览 205回答 1
1回答

繁花如伊

如果您删除onload="document.search1.submit()"并稍微调整 PHP,sql 应该在第一次加载时运行。我认为,上面的代码的问题在于对$_POST设置的变量的依赖:$fdate = $_POST['fdate'];&nbsp; &nbsp;$edate = $_POST['edate'];如果没有发布的数据,这些数据将为空,因此查询将不会运行,因此将其修改为:&nbsp; &nbsp; if( !empty( $_POST['fdate'] ) ) {&nbsp; &nbsp; &nbsp; &nbsp; $date_from = $_POST['fdate'];&nbsp; &nbsp; } else {&nbsp; &nbsp; &nbsp; &nbsp; $date_from = date('Y-m-d',strtotime('-1 days'));&nbsp; &nbsp; }&nbsp; &nbsp;&nbsp;&nbsp; &nbsp; if(!empty($_POST['edate'])) {&nbsp; &nbsp; &nbsp; &nbsp; $date_to = $_POST['edate'];&nbsp; &nbsp; } else {&nbsp; &nbsp; &nbsp; &nbsp; $date_to = date('Y-m-d',strtotime('-1 days'));&nbsp; &nbsp; }&nbsp; &nbsp; $fdate = $date_from;&nbsp; &nbsp; &nbsp;# use the value determined by the `IF` logic&nbsp; &nbsp; $edate = $date_to;&nbsp; &nbsp; &nbsp; &nbsp;# use the value determined by the `IF` logicaliases如果使用表名,还可以使 SQL 更易于阅读$sql = "select&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; date_format( e.`Date`, '%d/%M/%Y' ) AS `Date`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; u.`Name`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; u.`company` AS `Company`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; u.`department` AS `Department`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; min( time_format( e.`Date`,'%H:%i:%s' ) ) AS `Start Time`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; IF( max( time_format( e.`Date`,'%H:%i:%s' ) ) > min( time_format( e.`Date`,'%H:%i:%s' ) ), max( time_format( e.`Date`,'%H:%i:%s' ) ),'') AS `Finish Time`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; IF( timediff( max( e.`Date`), min( e.`Date` ) ) > '00:00:00', timediff( max( e.`Date`), min( e.`Date` ) ), '')&nbsp; AS `Work Time`&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; from entries e&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; join user u on e.`emp_id` = u.`emp_id`&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; where date_format( e.`Date`,'%Y-%m-%d') between '{$fdate}' and '{$edate}'&nbsp; &nbsp; &nbsp; &nbsp; group by date_format( e.`Date`,'%d-%m-%Y'), u.`Name`&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; order by `Date` desc";也就是说,它仍然容易受到 SQL 注入的攻击,因此您可能希望使用 aprepared statement来代替 - 也许像这样:$sql = "select&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; date_format( e.`Date`, '%d/%M/%Y' ) AS `Date`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; u.`Name`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; u.`company` AS `Company`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; u.`department` AS `Department`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; min( time_format( e.`Date`, '%H:%i:%s' ) ) AS `Start Time`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; IF( max( time_format( e.`Date`, '%H:%i:%s' ) ) > min( time_format( e.`Date`,'%H:%i:%s' ) ), max( time_format( e.`Date`,'%H:%i:%s' ) ),'') AS `Finish Time`,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; IF( timediff( max( e.`Date`), min( e.`Date` ) ) > '00:00:00', timediff( max( e.`Date`), min( e.`Date` ) ), '')&nbsp; AS `Work Time`&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; from entries e&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; join user u on e.`emp_id` = u.`emp_id`&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; where date_format( e.`Date`,'%Y-%m-%d') between ? and ?&nbsp; &nbsp; &nbsp; &nbsp; group by date_format( e.`Date`,'%d-%m-%Y'), u.`Name`&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; order by `Date` desc";$stmt=$conn->prepare( $sql );$stmt->bind_param('ss',$fdate,$edate);$stmt->execute();$stmt->bind_result($date,$name,$company,$department,$start,$finish,$worktime);while( $stmt->fetch() ){&nbsp; &nbsp; echo $date,$name,$company,$department,$start,$finish,$worktime;#format output as apporpriate!}$stmt->free_result();$stmt->close();
随时随地看视频慕课网APP
我要回答