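【Question title】: Getting a session from my PHP onto my form page that was submitted via ajax
【Posted】: 2015-11-08 23:02:22
【Question description】:

I submitted a form with ajax, using a PHP file as the URL. In the PHP file, I checked whether the email already exists and stored the result in a session. I also generated a random ID number and stored it in a session. Now I want ajax to bring me those sessions after that PHP file has been processed, so that I can display them on the form page. Can anyone help me? Thanks in advance....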

PHP

include("connection.php");

if (isset($_POST['firstname'])) {

$certification = implode(', ', $_POST['cert_type']);
$documents = implode(', ', $_POST['attached_documents']);

// Plain assignment; the original wrapped it in an empty if statement.
$_SESSION['bus_status'] = isset($_POST['bus_status']) ? $_POST['bus_status'] : '';
if($_SESSION['bus_status'] == "new"){
    $_SESSION['establishment_year'] = 'null';
    $_SESSION['staff_strength'] = 'null';
}
elseif ($_SESSION['bus_status'] == "existing") {
    $_SESSION['establishment_year'] = $_POST['establishment_year'];
    $_SESSION['staff_strength'] = $_POST['staff_strength'];
}

$numrows = mysql_num_rows(mysql_query(" SELECT email FROM personal_data WHERE email='".$_POST['email']."'"));

$string="";
if($numrows!=0){
    $_SESSION['comment'] = '<div class="alert alert-danger" role="alert" style="font-size: 16px"><i class="fa fa-exclamation"></i> Please this user already exists. <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button></div>';
}
else {

    $_SESSION['rand'] = rand(0, 900);

    $SQL = "INSERT INTO personal_data VALUES (
    '" . $_SESSION['rand'] . "','" . $_POST['firstname'] . "','" . $_POST['surname'] . "','" . $_POST['gender'] . "',

    '" . $_POST['dob'] . "','" . $_POST['age'] . "','" . $_POST['nationality'] . "','" . $_POST['hometown'] . "',

    '" . $_POST['region_of_origin'] . "','" . $_POST['place_of_res'] . "','" . $_POST['region_of_res'] . "','" . $_POST['res_address'] . "',

    '" . $_POST['pos_address'] . "','" . $_POST['mum_nationality'] . "','" . $_POST['dad_nationality'] . "',

    '" . $_POST['mobile_num'] . "','" . $_POST['telephone'] . "','" . $_POST['email'] . "','" . date('d-M-Y h:ia') . "')";

    $result = mysql_query($SQL)
    or die(mysql_error());

    $SQL2 = "INSERT INTO education VALUES (
    '" . $_SESSION['rand'] . "','" . $_POST['level_of_education'] . "','" . $_POST['type_of_education'] . "',

    '" . $_POST['name_of_institution'] . "','" . $_POST['admission_year'] . "','" . $_POST['completion_year'] . "')";

    $result2 = mysql_query($SQL2)
    or die(mysql_error());

    $SQL3 = "INSERT INTO business_information VALUES (
    '" . $_SESSION['rand'] . "','" . $_POST['bus_name'] . "','" . $_POST['bus_description'] . "','" . $_POST['bus_address'] . "',

    '" . $_POST['bus_region'] . "','" . $_SESSION['bus_status'] . "','" . $_SESSION['establishment_year'] . "',

    '" . $_SESSION['staff_strength'] . "','" . $_POST['reg_type'] . "','".$certification."','".$documents."')";

    $result3 = mysql_query($SQL3)
    or die(mysql_error());
}

}

AJAX

var dataString = $('#appForm').serialize(); //alert (dataString);return false; 
$.ajax({ 
     type: "POST", 
     url: "application_form_params.php", 
     data: dataString, 
     success: function() { 
        window.location.reload(); 
        $('.register-alert').html("You have successfully registered an   applicant"); 
    } 
});

【Question discussion】:

    Tags: php session


    【Solution 1】:

    At the end of your PHP script you can print whatever data you want to send:

    $response = array(
        'rand' => $_SESSION['rand'],
        'establishment_year' => $_SESSION['establishment_year'],
        'staff_strength' => $_SESSION['staff_strength'],
    );
    
    echo json_encode($response);
    die;
    

    And in the JS part, process it:

    var dataString = $('#appForm').serialize(); //alert (dataString);return false; 
    $.ajax({ 
        type: "POST", 
        url: "application_form_params.php", 
        data: dataString, 
        dataType: 'json',
        success: function (data) { 
            window.location.reload(); 
            $('.register-alert').html("You have successfully registered an   applicant with rand " + data.rand); 
        } 
    });
    

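    As an additional suggestion, review all of your PHP scripts. As a first point, you can start by reading about SQL injection (http://php.net/manual/en/security.database.sql-injection.php); you should never put user input directly into an SQL query without filtering/escaping it. All input is tainted!

    【Discussion】:

    • Thank you very much @artberri. Your comment was really helpful
    • It would be great if you upvoted or marked my answer as correct ;)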
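
The two points of Solution 1 combined, as an added example that is not part of the original question or answer: the handler returns its result as JSON, and the email check and insert use PDO prepared statements instead of string concatenation. The cut-down `personal_data` columns, the `register_applicant` name and the in-memory SQLite database (standing in for MySQL) are assumptions for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not the original poster's code. Table layout and function
// name are assumed; requires the pdo_sqlite extension.
function register_applicant(PDO $pdo, array $post): array
{
    $email = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        return ['ok' => false, 'error' => 'invalid_email'];
    }

    // Bound placeholder: the value is sent as data, never spliced into the SQL text.
    $check = $pdo->prepare('SELECT 1 FROM personal_data WHERE email = ?');
    $check->execute([$email]);
    if ($check->fetchColumn() !== false) {
        return ['ok' => false, 'error' => 'email_exists'];
    }

    // rand(0, 900) in the question has only 901 possible values, so IDs repeat.
    // random_int() uses the system CSPRNG over a wider range.
    $id = random_int(100000, 999999);
    $insert = $pdo->prepare(
        'INSERT INTO personal_data (id, firstname, email) VALUES (?, ?, ?)'
    );
    $insert->execute([$id, (string) ($post['firstname'] ?? ''), $email]);

    return ['ok' => true, 'rand' => $id];
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec(
    'CREATE TABLE personal_data (id INTEGER PRIMARY KEY, firstname TEXT, email TEXT UNIQUE)'
);

// Constructed input: the apostrophes would break the concatenated queries in the question.
$post = ['firstname' => "Sean O'Brien", 'email' => "sean.o'brien@example.com"];

header('Content-Type: application/json');
// First call inserts the row and returns the new id.
echo json_encode(register_applicant($pdo, $post)), PHP_EOL;
// Second call with the same email returns email_exists.
echo json_encode(register_applicant($pdo, $post)), PHP_EOL;
```

In a real handler only one `json_encode` result is echoed per request, and the jQuery `success` callback reads `data.ok`, `data.error` and `data.rand` from it.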