I am having issues concatenating two AJAX variables using JQuery and PHP to insert into DB (MySQL)... Here is the code:
$.ajax({
url: DIR+"some.php",
method: "POST",
dataType: "JSON",
data: {
mobile: mobile.val(),
dialcode: dialcode.val();
mobilenumber: mobilenumber.val('dialcode'+'mobile'); // This seems to be the error here
},
The PHP as follows:
<?php
session_start();
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == "xmlhttprequest") {
if (isset($_POST['username'])) {
$username = preg_replace("#[<> ]#i", "", $_POST['username']);
$mobilenumber = preg_replace("#[^0-9]#i", "", $_POST['dialcode'.'mobile']);
$gender = preg_replace("#[<> ]#i", "", $_POST['gender']);
$country = preg_replace("#[<> ]#i", "", $_POST['country']);
$session = $_SESSION['id'];
$m=$edit->saveEditing( $mobile, $mobilenumber, $gender, $country);
$array = array("msg" => $m);
echo json_encode($array);
}
?>
I am not sure what I am doing wrong here...I am getting :
SyntaxError: Unexpected token ; /locahost/pub/js/file.js:8" please
find the error comment note in the js above to locate the reference
I basically need the dialcode and mobile to be concatenated and inserted as once value into the DB as mobilenumber
The error is on your question:
SyntaxError: Unexpected token ; /locahost/pub/js/file.js:8
This means that, on line 8 of your file.js you have an unexpected ;
6> data: {
7> mobile: mobile.val(),
8> dialcode: dialcode.val(); // Here, you are using ; instead of ,
9> mobilenumber: mobilenumber.val('dialcode'+'mobile'); // Here too!
10> },
JS Object properties should be separated with ,, not with ;.
Also your line where you concatenate two strings is strange, since in jQuery, if you pass any attributes to the val() function, you are SETTING the input value, not reading as you want.
If I understood, you want to merge dialcode and mobile in a single field to send to php, right?
If so, you need to do:
mobilenumber: dialcode.val() + mobile.val(),
Some tips to you that are starting now:
Errors are not monsters, they are your guide, and most of them show directly where your error is. Read them!
Use a GOOD IDE, if you are programming in web, including PHP, I recommend strongly PHPStorm, it's heavy, but will be your best friend forever! S2 That's because a good IDE will highlight all your syntax errors, and have many and many features that you will love as you known them.
Related
I have an HTML form field $_POST["url"], having some URL strings as the value.
Example values are:
https://example.com/test/1234?email=xyz#test.com
https://example.com/test/1234?basic=2&email=xyz2#test.com
https://example.com/test/1234?email=xyz3#test.com
https://example.com/test/1234?email=xyz4#test.com&testin=123
https://example.com/test/the-page-here/1234?someurl=key&email=xyz5#test.com
etc.
How can I get only the email parameter from these URLs/values?
Please note that I am not getting these strings from the browser address bar.
You can use the parse_url() and parse_str() for that.
$parts = parse_url($url);
parse_str($parts['query'], $query);
echo $query['email'];
If you want to get the $url dynamically with PHP, take a look at this question:
Get the full URL in PHP
All the parameters after ? can be accessed using $_GET array. So,
echo $_GET['email'];
will extract the emails from urls.
Use the parse_url() and parse_str() methods. parse_url() will parse a URL string into an associative array of its parts. Since you only want a single part of the URL, you can use a shortcut to return a string value with just the part you want. Next, parse_str() will create variables for each of the parameters in the query string. I don't like polluting the current context, so providing a second parameter puts all the variables into an associative array.
$url = "https://mysite.com/test/1234?email=xyz4#test.com&testin=123";
$query_str = parse_url($url, PHP_URL_QUERY);
parse_str($query_str, $query_params);
print_r($query_params);
//Output: Array ( [email] => xyz4#test.com [testin] => 123 )
As mentioned in another answer, the best solution is using parse_url().
You need to use a combination of parse_url() and parse_str().
The parse_url() parses the URL and return its components that you can get the query string using the query key. Then you should use parse_str() that parses the query string and returns
values into a variable.
$url = "https://example.com/test/1234?basic=2&email=xyz2#test.com";
parse_str(parse_url($url)['query'], $params);
echo $params['email']; // xyz2#test.com
Also you can do this work using regex: preg_match()
You can use preg_match() to get a specific value of the query string from a URL.
preg_match("/&?email=([^&]+)/", $url, $matches);
echo $matches[1]; // xyz2#test.com
preg_replace()
Also you can use preg_replace() to do this work in one line!
$email = preg_replace("/^https?:\/\/.*\?.*email=([^&]+).*$/", "$1", $url);
// xyz2#test.com
Use $_GET['email'] for parameters in URL.
Use $_POST['email'] for posted data to script.
Or use _$REQUEST for both.
Also, as mentioned, you can use parse_url() function that returns all parts of URL. Use a part called 'query' - there you can find your email parameter. More info: http://php.net/manual/en/function.parse-url.php
You can use the below code to get the email address after ? in the URL:
<?php
if (isset($_GET['email'])) {
echo $_GET['email'];
}
I a created function from Ruel's answer.
You can use this:
function get_valueFromStringUrl($url , $parameter_name)
{
$parts = parse_url($url);
if(isset($parts['query']))
{
parse_str($parts['query'], $query);
if(isset($query[$parameter_name]))
{
return $query[$parameter_name];
}
else
{
return null;
}
}
else
{
return null;
}
}
Example:
$url = "https://example.com/test/the-page-here/1234?someurl=key&email=xyz5#test.com";
echo get_valueFromStringUrl($url , "email");
Thanks to #Ruel.
$web_url = 'http://www.writephponline.com?name=shubham&email=singh#gmail.com';
$query = parse_url($web_url, PHP_URL_QUERY);
parse_str($query, $queryArray);
echo "Name: " . $queryArray['name']; // Result: shubham
echo "EMail: " . $queryArray['email']; // Result:singh#gmail.com
A much more secure answer that I'm surprised is not mentioned here yet:
filter_input
So in the case of the question you can use this to get an email value from the URL get parameters:
$email = filter_input( INPUT_GET, 'email', FILTER_SANITIZE_EMAIL );
For other types of variables, you would want to choose a different/appropriate filter such as FILTER_SANITIZE_STRING.
I suppose this answer does more than exactly what the question asks for - getting the raw data from the URL parameter. But this is a one-line shortcut that is the same result as this:
$email = $_GET['email'];
$email = filter_var( $email, FILTER_SANITIZE_EMAIL );
Might as well get into the habit of grabbing variables this way.
$uri = $_SERVER["REQUEST_URI"];
$uriArray = explode('/', $uri);
$page_url = $uriArray[1];
$page_url2 = $uriArray[2];
echo $page_url; <- See the value
This is working great for me using PHP.
In Laravel, I'm using:
private function getValueFromString(string $string, string $key)
{
parse_str(parse_url($string, PHP_URL_QUERY), $result);
return isset($result[$key]) ? $result[$key] : null;
}
A dynamic function which parses string URL and gets the value of the query parameter passed in the URL:
function getParamFromUrl($url, $paramName){
parse_str(parse_url($url, PHP_URL_QUERY), $op); // Fetch query parameters from a string and convert to an associative array
return array_key_exists($paramName, $op) ? $op[$paramName] : "Not Found"; // Check if the key exists in this array
}
Call the function to get a result:
echo getParamFromUrl('https://google.co.in?name=james&surname=bond', 'surname'); // "bond" will be output here
Code that works fine except for the issue of passing a value back and forth between JavaScript, Ajax, and PHP. Using TinyMCE as the editor, when I add a paragraph break in the text, save the data (passing it through JavaScript/Ajax and PHP to do so) the text appears to be okay. Here's the JavaScript and Ajax code -- this works, it passes the data correctly to the PHP program when the submit button is clicked:
// save the main who's who form data:
$("form#who_main").submit(function(e)
{
e.preventDefault();
// first thing, clear out the message div used for this (if there's anything there):
document.getElementById("who_message").innerHTML = "";
// because we're using TinyMCE, need to replace value in that into the textarea
// so that when JavaScript gathers the formData it is getting it from the textarea
// controls (it doesn't know what to do with TinyMCE):
var shortbio = tinymce.get('shortbio').getContent();
document.getElementById( "shortbio" ).value = shortbio;
var user_notes = tinymce.get('user_notes').getContent();
document.getElementById( "user_notes" ).value = user_notes;
var admin_notes = tinymce.get('admin_notes').getContent();
document.getElementById( "admin_notes" ).value = admin_notes;
// this loads all the controls of the form rather than doing one at a time and fumbling
// with the file object ...:
var formData = new FormData(this);
// ajax call to attempt to upload and save the image:
$.ajax
({
type: "POST",
url: "<?php echo $History_html_RootPath; ?>admin/AjaxCalls/who_update_main_save.php",
data: formData,
dataType: "json", // return value is json array
processData : false,
contentType: false,
success: function(data)
{
// need to see if we have an error, if so, display it, otherwise,
// we should hopefully have success ...
if ( data[0].toLowerCase().includes( "error" ) )
{
var errormsg = "<div class='alert alert-danger'>"+data+"</div>";
document.getElementById("who_message").innerHTML = errormsg;
return;
}
else
{
// success!
// update things on screen, so we don't get confused using the data array returned
// from PHP:
document.getElementById("namecode").value = data[0];
document.getElementById("region").value = data[1];
document.getElementById("local").value = data[2];
document.getElementById("preferredtitle").value = data[3];
document.getElementById("shortbio").value = data[4];
tinymce.get('shortbio').setContent( data[4] );
document.getElementById("headshotphoto").value = data[5];
document.getElementById("photographername").value = data[6];
document.getElementById("photographerlink").value = data[7];
document.getElementById("user_notes").value = data[8];
tinymce.get('user_notes').setContent( data[8] );
document.getElementById("admin_notes").value = data[9];
tinymce.get('admin_notes').setContent( data[9] );
// clear out the upload file control:
//document.getElementById("headshotphoto").value = "";
// change the message:
var message = "<div class='alert alert-success'>";
message += "<b>Success!</b> This data has been updated in the <i>holding</i> table.";
message += "</div>";
document.getElementById("who_message").innerHTML = message;
return;
}
} // end success
}); // end ajax call
}) // end of code associated with who_main submit
The PHP file receives the data via post, and I use the PHP function mysqli_real_escape_string() to deal with issues. The one problem with doing this is that it appears to insert backslashes for quotes (single and double), and so on. I just had a thought that might be the cause of the problem, and that is the use of this function, I am not sure. I will test it, but in the meantime. ... I save the data to the table and all is good. If there's a paragraph break, the proper tags are saved out into the table.
<p>Some text</p><p>More text 'quoted text'</p>
When I pass the data back using JSON encoding:
$returndata = array();
$returndata[0] = $namecode;
$returndata[1] = $region;
$returndata[2] = $local;
$returndata[3] = $preferredtitle;
$returndata[4] = $shortbio;
$returndata[5] = $photo_file;
$returndata[6] = $photographername;
$returndata[7] = $photographerlink;
$returndata[8] = $user_notes;
$returndata[9] = $admin_notes;
// done-done:
echo json_encode( $returndata );
return;
The code above (the javascript/Ajax code) comes back looking like:
<p>Some text</p>\r\n<p>More text \'quoted text\'</p>
I need to not have the \r\n and \' (or \") showing up in my text. If I were to save it again like that it gets weirder as the backslashes get duplicated and more. I am sure there's some thing I am missing, but I don't know what it is. This is making me crazy because everything else works exactly as I need it to.
NOTE Added code that I have attempted to use, in PHP, to deal with "escapes", it works for single and double quotes, but not for the \r\n characters -- instead it just strips out the backslash:
function remove_escapes( $string )
{
$string = str_replace ( "\'", "'", $string ); // convert single quote
$string = str_replace ( "\"", """, $string ); // convert double-quote
$string = str_replace ( "\r\n", "", $string ); // remove \r\n
$string = str_replace ( "\\", "", $string ); // remove slash
// anything else giving us heartburn?
return $string;
} // eof: remove_escapes()
If I use this with the json array, I get the letters rn inserted between paragraphs:
$returndata[8] = remove_escapes( $user_notes );
$returndata[9] = remove_escapes( $admin_notes );
maybe doing something like data.replace(/\n/g, '<br>') this will replace all newline markers with the html newline or data.replace(/\\n/g, '<br>') to look for the characters rather than a newline marker
I have done some testing to examine the data and it appears to be happening because of the mysqli_real_escape_string() function when I get the data from the $_POST() array. If I take that out, I am not getting the \r\n codes. So perhaps the jquery post is passing things in a way I don't need that function? Further testing on the three different text controls shows it working without the need to use mysqli_real_escape_string, and I have some extra functionality to deal with looking for JavaScript and such in the text, so I may be able to simplify the code. Unless someone can tell me a reason not to do this ...?
The mysqli_real_escape_string() is there so that special characters are escaped, this helps prevent hacking attacks like sql injection.
It appears that the only solution I can find is to continue with mysqli_real_escape_string(), but when passing the information back, after saving the changes, re-load the data from the table, which does not display the escape characters and therefore avoids the issue. It seems like a lot of extra data processing, but it's only ever (in my code) one row at a time that is being passed back and forth.
As per this question's related answer, I'm attempting to put together a pack/unpack solution resembling this PHP process, however in Nodejs (Javascript) using md5 and bufferpack
Here's the PHP approach (adapted from DaloRADIUS:
$challenge = 'c731395aca5dcf45446c0ae83db5319e';
$uamsecret = 'secret';
$password = 'password';
$hexchal = pack ("H32", $challenge);
$newchal = pack ("H*", md5($hexchal . $uamsecret));
$response = md5("\0" . $password . $newchal);
$newpwd = pack("a32", $password);
$pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal)));
echo "Response: ---> ", $response, "\n";
echo "New Password: ---> ", $newpwd, "\n";
echo "Pap Password: ---> ", $pappassword, "\n";
The above echos these:
Above in plaintext:
Response: ---> 2d4bd27184f5eb032641137f728c6043
New Password: ---> password
Pap Password: ---> 356a1fb08f909fc400dfe448fc483ce3
In Javascript, here's what I'm doing now:
var challenge = 'c731395aca5dcf45446c0ae83db5319e';
var uamsecret = 'secret';
var password = 'password';
var hexchal = pack.pack("H32", challenge);
var newchal = pack.pack("H*", md5(hexchal + uamsecret));
var response = md5("\0" + password + newchal);
var newpwd = pack.pack("a32", password);
var pappassword = pack.unpack("H32", (newpwd ^ newchal)).join("");
console.log("Response: --> ", response);
console.log("New Password: -->", newpwd);
console.log("Pap Password: --->", pappassword);
Which gives the result:
In JSON:
In plaintext:
Response: --> e8a54a55cbcd81dbc2bdfd9b197d62af
New Password: --> <Buffer >
Pap Password: ---> NaN
All the above snippets are available here: RadiusNES
My understanding in this whole process isn't the best, and will appreciate insights and where I'm going wrong.
Why is there a mismatch?
The translation does not work because the PHP Pack function uses different format strings and returns strings, whilst the Javascript bufferpack module returns arrays. Also you cannot xor strings in Javascript.
Whilst there may be modules to do what you want, I have my own functions for parsing hex strings. Also I like modifying prototypes which not everyone agrees with, but these could be converted to regular functions.
String.prototype.pad = function( length ,padding ) {
var padding = typeof padding === 'string' && padding.length > 0 ? padding[0] : '\x00'
,length = isNaN( length ) ? 0 : ~~length;
return this.length < length ? this + Array( length - this.length + 1 ).join( padding ) : this;
}
String.prototype.packHex = function() {
var source = this.length % 2 ? this + '0' : this
,result = '';
for( var i = 0; i < source.length; i = i + 2 ) {
result += String.fromCharCode( parseInt( source.substr( i , 2 ) ,16 ) );
}
return result;
}
var challenge = 'c731395aca5dcf45446c0ae83db5319e'
,uamsecret = 'secret'
,password = 'password';
var hexchal = challenge.packHex();
var newchal = md5( hexchal + uamsecret ).packHex();
var response = md5( '\0' + password + newchal );
var newpwd = password.pad( 32 );
var pappassword = '';
for( var i = 0; i < newchal.length; i++ ) {
pappassword += ( newpwd.charCodeAt( i ) ^ newchal.charCodeAt( i ) ).toString( 16 );
}
console.log("Response: --> ", response);
console.log("New Password: -->", newpwd);
console.log("Pap Password: --->", pappassword);
Two functions are defined in the String prototype to replace the use of the pack function:
.pad( 32, string ) is used to pad out a string with nulls to give the same results as pack( 'a32', string ). Although not needed here it also takes a second parameter if wanting to pad the string ith a character other than nulls.
.packHex is the equivalent of pack( 'H*' ,string ) and translating the code of each pair of hex characters into a character. The function ideally needs more validation to test the string is a valid hex one if is to be used.
After the inputs have been defined, the next four lines instead set variables using these functions rather than pack.
Because Javascript cannot natively xor strings, you then need to use a loop to extract each character, convert it to a numeric, xor those values, then convert the result back into a character to create the pappassword string.
That will return, for me:
Response: --> – "fbfd42ffde05fcf8dbdd02b7e8ae2d90"
New Password: --> – "password������������������������"
Pap Password: ---> – "dcbdacb03f5d38ca33c128b931c272a"
Which is a result, but unfortunately a different on from the PHP code.
This is because my installation of PHP is configured to use ISO-8859-1 encoding internally, whilst Javascript natively uses UTF-16.
This is not a problem in normal use, but it means the respective md5 functions will be seeing different values and therefore return a different hash.
Assuming you are writing an authentication routine using a PHP backend you will obviously need consistent results. There may be modules available to convert the encoding of the Javscript values for compatibility, but it is much easier to make changes to the PHP code.
Because we know the hex strings will be one byte, Javascript is effectively using UTF-8, so PHP can do the same by using the utf8_encode() function to convert the packed hex strings before md5ing them.
Originally I thought that Javascript was internally converting the encoded hex characters into their unicode equivalents because of this, but this was not the case. Instead it was the md5 module being used in Javascript that was performing a UTF-8 conversion on the input.
This leaves two possible options.
1. Use UTF-8 PHP
If possible you can reconfigure your PHP server to use UTF-8 encoding. Or you can change your script to use the utf8_encode() function to mirror the same process as is happening in the Javascript, and convert the hex packed strings to UTF-8 before passing them to md5()
$challenge = 'c731395aca5dcf45446c0ae83db5319e';
$uamsecret = 'secret';
$password = 'password';
$hexchal = pack ("H32", $challenge);
$newchal = pack ("H*", md5(utf8_encode($hexchal) . $uamsecret));
$response = md5("\0" . $password . utf8_encode($newchal));
$newpwd = pack("a32", $password);
$pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal)));
echo "Response: ---> ", $response, "\n";
echo "New Password: ---> ", $newpwd, "\n";
echo "Pap Password: ---> ", $pappassword, "\n";
This then returns the same results as the Javscript:
Response: ---> fbfd42ffde05fcf8dbdd02b7e8ae2d90
New Password: ---> password
Pap Password: ---> dcbdacb03f5d38ca33c128b9310c272a
2. Change the md5 module in Javascript
I am assuming you are using the bluimp JavaScript-MD5 module, as this is what it used by DaloRADIUS routine you linked. You can patch this to bypass the UTF-8 conversion.
There are various ways you can patch this, but on line 259 is the definition of the md5() function itself. This is simply a set of if statements to parse the input options and call the appropriate internal function.
However, the functions called by this block simply provide the UTF-8 input conversion, through a function called str2rstrUTF8() before then call the appropriate functions to provide the actual hashing. You may therefore want to patch the md5() to accept a third parameter to indicate whether the UTF-8 conversion should be applied and then call other functions as appropriate.
However to simply remove the conversion completely the easier way is to change str2rstrUTF8() to return the input unchanged. This function can be found on line 239, changing it to just read as follows will stop the conversion:
function str2rstrUTF8 (input) {
return input
}
Alternatively to remove the redundant function call you can instead just remove the references to it. Change the function starting on line 246 to read as follows:
function rawMD5 (s) {
return rstrMD5(s)
}
The rawHMACMD5() function on line 252 also includes calls to the str2rstrUTF8() function which you may also want to patch for consistency but this is not required for the above routine. That function is called instead when a second parameter is passed to provide a key hash, a feature not available in the native PHP md5() function.
After making either of those changes the Javascript routine now returns the same output as your original (ISO-8859-1 using) PHP code:
Response: --> – "2d4bd27184f5eb032641137f728c6043"
New Password: --> – "password������������������������"
Pap Password: ---> – "356a1fb08f909fc40dfe448fc483ce3"
I have a table inside a form, once a button is clicked a function is called that confirms the contents of the user input (checking to ensure all fields have info). After proceeding through the if statements and no errors are present I want to write the user information to mysql.
I have written the ajax file (see below) and I think my error is how I call the ajax file. Nothing is getting written to the database table and I am not sure what I am doing wrong
<?php
include_once("config.php");
$con = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
$date = $_POST['tDate'];
$species = $_POST['tSpecies'];
$sqrNum = $_POST['tSqrNum'];
$lat = $_POST['tLat'];
$lng = $_POST['tLng'];
$cond = $_POST['tCond'];
$num = $_POST['tNum'];
$hab = $_POST['tHab'];
$behav = $_POST['tBahav'];
$reg = $_POST['tReg'];
mysqli_query($con, "INSERT INTO species_reported (date, species, square_num, lat, long, condition, numbers_obs, habitat, behavior, region)
VALUES ('{$date}', '{$species}', '{$sqrNum}', '{$lat}', '{$lng}', '{$cond}', '{$hab}', '{$behav}', '{$reg}')");
?>
and from within the script
else{
//$(document).ready(function(){
$.ajax({
type: "POST",
url:"ajax_write.php",
data:"date=" + tDate +"&Species="+ tSpecies +"&SqrNum="+ tSqrNum +"&lat=" + tLat + "&lng=" + tLng + "&cond=" + tCond +"&num=" + tNum + "&hab=" + tHab + "&behav=" + tBahav + "®=" + tReg,
dataType: "dataString",
cache: "true",
success: function(msg,string,jqXHR){
$("#results").html(msg+string+jqXHR);
}
});
}
}
EDIT... I checked my php log and am seeing Undefined index: tSpecies (as well as all other Post['thisHere']. If this is any help to resolving the issue. My understanding was that I could send the data as I have and ajax would allocate contents to the variables in the php file (ie. from jscript.."date=" tDate would get sent to the xjax file and assign the value of tDate (from javascript) to the php variable $date.
The indexes you use in $_POST have to match the parameter names in the $.ajax data: parameter. You have date=, Species=, etc. in the parameter, but you're trying to access $_POST['tDate'], $_POST['tSpecies'], etc. You need to change one of them to match the other.
Also, I recommend you use an object rather than a string as the data: parameter. The values need to be URL-encoded if they contain special characters, and you're not doing that. If you use an object, jQuery takes care of formatting and encoding it for you. So it should be:
data: { tDate: tDate, tSpecies: tSpecies, tSqrNum: tSqrNum, ... },
BTW, EcmaScript6 provides a shorthand for objects where the property names are the same as the variables containing their values:
data: { tdate, tSpecies, tSqrNum, ... },
I have a couple snippets of code which are working correctly in that they pass the desired result, but they are not working in the way that I would like them to in that I think the code can be improved.
As I will explain more clearly in a minute, my question is on whether I am able to call an element out of a multidimensional array in a different way than I do in the snippet, although the snippet works I just think it is less than ideal.
A jQuery AJAX function:
jQuery("form.everglades_user_submit").submit(function(event){
event.preventDefault();
var user_submit_data = jQuery(".everglades_user_submit").serialize();
jQuery.ajax({
type: "POST",
url: "' . $db_script_location . '",
data: {action: "zip_form", action_data: user_submit_data}
}).done(function(response){
alert("success. response: " + response);
}).fail(function(response){
alert("failure. response: " + response);
});
});
Sends data to a PHP file containing a MySQL query, then passes back a database response to an alert:
if ($_POST["action"] == "zip_form") {
$database_var = mysqli_connect('localhost',/*******************/);
if (!$database_var) {
die( 'Could not connect to database. Error: ' . mysqli_error($database_var) );
} else {
$submitted_zip = $_POST["action_data"];
$modified_data = str_replace("user_zip=","", $submitted_zip);
echo "submitted: " . $submitted_zip . ". Modified : " . $modified_data;
$query = "SELECT * FROM cust_db_fl_sen WHERE rep_zip = '" . $modified_data . "'";
$mysqli_result = mysqli_query($database_var, $query);
while($query_result = mysqli_fetch_array($mysqli_result)) {
echo 'Query result, only rep district atm: ' . $query_result['rep_dist'];
}
exit;
}
As you can see, what I have done is to take the submitted data and remove the part I do not want using str_replace(). I would strongly prefer if I could simply call $modified_data in this way, but it returns an illegal string offset error on 'user_zip,' whether I drop the quotes or not:
$modified_data = $_POST["action_data"]["user_zip"];
However, if I replace the user_zip string with a number such as 0 or 1 it returns a letter (u or s, and so on), so it seems to process user_zip=12345 as a literal string rather than the key->value pair I want it to be processed as.
If I were to evaluate the following in response to an AJAX request based on submission of 11111 in the form text field:
echo $_POST["action_data"];
It would result with "user_zip=11111." user_zip is the key for which 11111 would be the value, however I am only interested in the number because this is used to look up the elected representative for the district of the zip code based on a database query.
To summarize: Is the literal string processing approach with str_replace() standard, or is there a simple way to tell the code that we are dealing with a key->value pair, or an array, or so on, so that I can easily extract with my preferred call method or something similar?
you should first check the content coming from client, use
print_r($_POST["action_data"]);
check whether it contains user_zip=1234 or you can use explode function of php in your else part
else {
$submitted_zip = explode("=",$_POST["action_data"]);
$modified_data = submitted_zip[1];
echo "submitted: " . $submitted_zip . ". Modified : " . $modified_data;
$query = "SELECT * FROM cust_db_fl_sen WHERE rep_zip = '" . $modified_data . "'";
$mysqli_result = mysqli_query($database_var, $query);
while($query_result = mysqli_fetch_array($mysqli_result)) {
echo 'Query result, only rep district atm: ' . $query_result['rep_dist'];
}
exit;