我使用jquery代码将表单数据传递给php,然后php代码将数据保存到mysql数据库。如果标题是"how to save & to mysql database using php",则标题将以"how to save"的形式存储在数据库中。我怎样才能解决这个问题?
这是我的JS代码
var dataString = 'title='+ title + '&url=' + url + '&description=' + description + '&published=' + published+ '&catid=' + catid;
//alert (dataString);return false;
$.ajax({
type: "POST",
url: "process.php",
data: dataString,
success: function() {
$(".button").hide();
$('#messages').html("<div id='message'></div>");
$('#message').html("<h2>weblink Form Submitted!</h2>")
.hide()
.fadeIn(1500, function() {
$('#message');
});
}
});
和PHP代码
<?php
$con = mysql_connect("localhost","db","pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("dalanrep_dalanreportcom", $con);
$title = mb_convert_encoding(trim($_POST['title']),'HTML-ENTITIES', 'UTF-8');
$url = mb_convert_encoding(trim($_POST['url']),'HTML-ENTITIES', 'UTF-8');
$description = mb_convert_encoding(trim($_POST['description']),'HTML-ENTITIES', 'UTF-8');
$published = mb_convert_encoding(trim($_POST['published']),'HTML-ENTITIES', 'UTF-8');
$catid = mb_convert_encoding(trim($_POST['catid']),'HTML-ENTITIES', 'UTF-8');
$title =mysql_escape_string($title );
$url = mysql_escape_string($url );
$description = mysql_escape_string($description );
$sql="INSERT INTO table (title, url, description,catid)
VALUES ('$title','$url','$description','$catid')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
最佳答案
&是URL中的特殊字符。它是多个参数的分隔符。您需要使用encodeURIComponent()自己对参数值进行URL编码
var dataString = 'title' + encodeURIComponent(title) + '&url=' + encodeURIComponent(url) ... ;
或以JS对象
{}的形式提供参数,以便jQuery自行处理。var data = {
"title": title,
"url": url,
...
};