我创建了一个代码,使用JavaScript和PHP中的Ajax和JSON从数据库中检索数据。最后,将使用查询中的数据填充下拉列表。在我添加bind_参数函数以防止SQL注入之前,它工作得很好。知道我在这里做错了什么吗?
JavaScript:
function getCompetitie()
{
seizoen = $("#Seizoen-text").val();
$.ajax({
type:'POST',
url:'get_competitie.inc.php',
dataType: 'json',
data: {seizoen: seizoen},
success: function(response){
$("#Competitie-list").empty();
$("#Competitie-list").append("Competitie");
var len = response.length;
alert(len);
for(var i = 0; i < len; i++){
var comp = response[i]['Competitie'];
$("#Competitie-list").append(""+comp+"");
}
}
});
}
不带绑定参数的PHP代码(工作正常):
include "includes/dbh.inc.php";
$sql = "SELECT DISTINCT Competitie FROM kalender WHERE Seizoen='".$_POST['seizoen']."' ORDER BY Seizoen DESC;";
$result = mysqli_query($conn, $sql);
$result_array = array();
while($row = mysqli_fetch_array($result)){
$competitie = $row['Competitie'];
$result_array[] = array("Competitie"=>$competitie);
}
echo json_encode($result_array);
?>
带绑定参数的PHP代码(不起作用):
include "includes/dbh.inc.php";
$seiz= $_POST['seizoen'];
if (empty($seiz)) {
exit ();
}
else {
$sql = "SELECT DISTINCT Competitie FROM kalender WHERE Seizoen=? ORDER BY Seizoen DESC;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt,$sql)) {
exit ();
}
else {
mysqli_stmt_bind_param($stmt, "s", $seiz);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$result_array = array();
while($row = mysqli_fetch_assoc($result)){
$result_array = array();
$seizoen = $row['Seizoen'];
$result_array[] = array("Seizoen"=>$seizoen);
}
mysqli_stmt_close($stmt);
echo json_encode($result_array);
}
else {
exit ();
}
}
}
?>
我所得到的似乎是下拉框中的“未定义”。有人建议我哪里出错了吗?事先谢谢!