How to prevent submit script from textarea input - javascript

how can I prevent submitting only script to the database, but all HTML tags should be allowed using the following script I'm using. Please help.
<form name="exthtmlForm" style="height: 100%;">
<fieldset>
<legend>Source Editor</legend>
<div id="editor" name="editor" style="height: 100%;">
<textarea id="iExthtml" style="max-width: 100%; width: 100%; height: 50px; box-sizing: border-box;">
<?php if($exthtml_content!=""){ echo htmlentities($exthtml_content, ENT_QUOTES, 'UTF-8'); } ?>
</textarea>
</div>
</fieldset>
</form>
$(document).on('click','#abtSubmit',function(){
var data = $('#iExthtml').val().replace(/'/g, "\\'");
dataString=$('form[name=exthtmlForm]').serialize();
$.ajax({
type: 'POST',
url: "<?php echo $GLOBALS['base_url'];?>ajax/cpanel/cpanel-ajax.php?mode=UpdateExthtml",
cache: false,
data: { content : data , dpid : <?php echo $dpid; ?> , menuID : <?php echo $MPage; ?> },
dataType: "json",
success: function(data){
if(data.success == "yes"){
if($("#states").length!==1){
$(".error_2525").remove();
$('#abtSubmit').before("<div class='error_2525' id='success_message' style='margin-top: 10px;'>Content updated successfully</div>");
$('#success_message').delay(5000).fadeOut(300, function(){
$('#success_message').remove();
});
}
}
}
});
});


There are two steps to accomplish this. First, you need to pull the default value for the textarea and store it in a javascript variable
jQuery(document.ready(function(){
window.form_exthtmlForm_default = '<?php echo (($exthtml_content!="") ? htmlentities($exthtml_content, ENT_QUOTES, 'UTF-8') : ""); ?>';
}));
Then you need to use this variable (window.form_exthtmlForm_default) on submit to insure that the form is not passing the default value.
Revised submit function:
$(document).on('click','#abtSubmit',function(){
var data = $('#iExthtml').val().replace(/'/g, "\\'");
//Here we will return false if the form has the default textarea value.
if ($('#iExthtml').val() == window.form_exthtmlForm_default) {
//You would want to also provide some sort of frontend
//user message to alert the user to populate the text
return false;
}
dataString=$('form[name=exthtmlForm]').serialize();
$.ajax({
type: 'POST',
url: "<?php echo $GLOBALS['base_url'];?>ajax/cpanel/cpanel-ajax.php?mode=UpdateExthtml",
cache: false,
data: { content : data , dpid : <?php echo $dpid; ?> , menuID : <?php echo $MPage; ?> },
dataType: "json",
success: function(data){
if(data.success == "yes"){
if($("#states").length!==1){
$(".error_2525").remove();
$('#abtSubmit').before("<div class='error_2525' id='success_message' style='margin-top: 10px;'>Content updated successfully</div>");
$('#success_message').delay(5000).fadeOut(300, function(){
$('#success_message').remove();
});
}
}
}
});
});

Related

Using only one js file for multiple php ajax calls

First of all, my intention is to have 1 js file where there are multiple ajax calls. I want these ajax calls, which are php files, to have the same js file inside of it but not doing another request, which makes it to run slow after any click.
Some of my main php file:
<head>
<script src="<?php echo $_SESSION['url'] ?>js/direcinfo.js"></script>
</head>
<body>
<div class="direcciones">
<a href="javascript:void(0)" id="c_menu_direcciones" class="c-menu c_menu_direcciones">
<p>
Direcciones
</p>
</a>
</div>
<div id="cuenta_menu_direcciones" class="c-menu-content">
<h1>Direcciones de correo</h1>
<div id="expand_wrapper_dir">
</div>
</div>
</body>
Js file (direcinfo.js):
$('#c_menu_direcciones').click(function(){
$.ajax({
dataType: "html",
type: "POST",
url: "direcalias.php",
success: function(cntnt){
$("#expand_wrapper_dir").html(cntnt);
}
});
return false;
});
$(".alias-dir-a").click(function(){
var useremail=$("#useremail").val();
var alias=$(this).html();
if(alias==="+")
{
$.ajax({
dataType: "html",
type: "POST",
url: "direcnew.php",
data: "email="+useremail,
success: function(cntnt){
$("#direc-content").html(cntnt);
}
});
return false;
}
});
Ajax loaded file (direcalias.php)
<?php
session_start();
header("Content-Type: text/html; charset=ISO-8859-1");
include_once 'connection.php';
$conn = bbddconnect();
$email=$_SESSION['useremail'];
$query = "SELECT CODIDIR,ALIAS"
. " FROM CLIENTE C,DIRECCION D"
. " WHERE EMAIL LIKE '$email' AND C.CODICNT = D.CODICNT;";
$result3 = mysqli_query($conn,$query)or die(mysqli_error());
$recount = mysqli_num_rows($result3);
echo '<div class="menu-alias madir">';
for($i=0;$i<$recount;$i++)
{
$row = mysqli_fetch_array($result3);
echo '<div class="alias adir ali-'.$i.'">
'.$row['ALIAS'].'
</div>';
}
echo '<div class="alias adir ali-nuevo">
+
</div>
</div>
<div id="direc-content"></div>';
//echo '<script>'.
// 'var url = "'.$_SESSION['url'].'js/direcinfo.js";'.
// '$.getScript(url);'.
// '</script>';
?>
The problem I have is that when the direcalias.php file is called I need to call the js file again (edited part) because if I don't, it does not recognize when I click on $(".alias-dir-a").click(function()). Is what I want to do possible?

It beacuse you call .alias-dir-a before it create. you can use on method
$(document).on("click", ".alias-dir-a", function() {
var useremail=$("#useremail").val();
var alias=$(this).html();
if(alias==="+")
{
$.ajax({
dataType: "html",
type: "POST",
url: "direcnew.php",
data: "email="+useremail,
success: function(cntnt){
$("#direc-content").html(cntnt);
}
});
return false;
}
});

How to submit a form via jQuery if url-parameter is given?

I am trying to make a form be submitted if there is a trigger-parameter in the url. I so far added a code-snippet so automatically insert the parameter into the input field.
This is my current code, working perfectly when using the submit-button or Enter.
e.g => website.com/?lookup=value
<form method="post" name="formid" id="formid">
<?php $paraid = $_GET['lookup']; ?>
<input class="form-control" id="steamid" name="s" value="<?php echo $paraid; ?>" >
<input type="submit" id="invbtn" value="submit" />
</form>
<script>
$('#formid').submit(function() {
var id = $("#steamid").val().replace(/(?:https?\:)?\/\//i, '');
$.ajax({
type: "GET",
data: "s="+id,
url: 'steam.php',
beforeSend:function() {
$("#outputinfo").html("<center><img src='./assets/img/load.gif'></br></br>Wait...</center>");
},success: function(html) {
$("#outputinfo").html(html);
}
});
return false;
});
$(document).ready(function() {
var id = '<?php echo $_GET['s']; ?>';
if (id != null) {
$.ajax({
type: "GET",
data: "s="+id,
url: 'steam.php',
beforeSend:function() {
$("#outputinfo").html("<center><img src='./assets/img/load.gif'></br></br>Wait...</center>");
},success: function(html) {
$("#outputinfo").html(html);
}
});
}
return false;
});
</script>
Thanks in advance.. i hope you guys can help me out..

To submit a form if it has a certain word in the url use:
<?php if(isset($_GET['lookup'}) == 'value') :?> //whatever website.com/?lookup=value is
<script>
$(document).ready(function(){
$('#formid').submit();
});
</script>
<?php endif ?>

confirm user's input and show output then submit form

I would like to take a users form input,ask the user to confirm and show them their selection ,and then submit form to the server only after they have confirm.I am not really sure how to go about this?
Thanks,
Here is my code so far:
<form id="myform" action="form.php" method="post">
<?php
echo "<ul>";
foreach($dir as $item) {
$items = basename($item);
$str = str_replace("+", " ", $items);
if (strpos($str, 'test') === false) {
if (strlen($str) == 3) {
$strs = ucwords(strtoupper($str));
echo "<li><label><input type = 'checkbox' class='check-class' name='chk[]' id='strs[]' value=$items>$strs</label></li>";
} else {
$strs = ucwords($str);
echo "<li><label><input type='checkbox' class='check-class' name='chk[]' id='strs[]' value=$items>$strs</label></li>";
}
}
}
echo "</ul>";
?>
<div style="text-align:center">
<input type="submit" style="font-face:'Comic Sams MS';font-size:larger;color:red;background-color:#FAF0E6;border:3pt ridge lightgrey;" value="Click to Submit">
</div>
</form>
<div id="success"></div>
<script type="text/javascript">
$(function() {
$('#myform').submit(function() {
$.ajax({
data: $(this).serialize(),
type: $(this).attr('method'),
url: $(this).attr('action'),
success: function(data) {
$('#success').html(data);
}
});
return false;
});
});
</script>
Form.php
<html>
<table>
<?php
#$b = str_replace("+"," ",$_POST['chk']);
#echo "<script type='text/javascript'> test() </script>";
echo "You have selected these Folders";
foreach($_POST['chk'] as $val)
{ echo "<tr>";
echo "<td>";
echo str_replace("+"," ",$val);
echo "<tr>";
echo "</td>";
}
?>
</table>
</html>

The simplest method is to use window.confirm.
$('#myform').submit(function() {
var selectedItemsText = '';
$(this).find('input[type="checkbox"]:checked').each(function(){
selectedItemsText += $(this).val() +'\r';
});
if(confirm('Are you sure? You've selected:\r'+selectedItemsText)){
$.ajax({
data: $(this).serialize(),
type: $(this).attr('method'),
url: $(this).attr('action'),
success: function(data) {
$('#success').html(data);
}
});
}
return false;
});
Check out this Fiddle. I've omitted the AJAX for obvious reasons.
There are nicer ways of doing this. You could use a jQuery UI Dialog (or equivalent) for example. But for a quick, dirty, easy solutions - just use confirm.

submitting form with ajax and php

Hi I have a page that lets a user view results for a certain tournament and round
User will select sport then tournament is populated based on sport selection then user will select round which is populated based on tournament selection
When all is done user press Submit button which will look up the results for the result based on tournament and round selected
My code is working great:
mainPage.php
<script type="text/javascript">
$(document).ready(function()
{
$(".sport").change(function()
{
var id=$(this).val();
var dataString = 'id='+ id;
$.ajax
({
type: "POST",
url: "get_sport.php",
dataType : 'html',
data: dataString,
cache: false,
success: function(html)
{
$(".tournament").html(html);
}
});
});
$(".tournament").change(function()
{
var id=$(this).val();
var dataString = 'id='+ id;
$.ajax
({
type: "POST",
url: "get_round.php",
data: dataString,
cache: false,
success: function(html)
{
$(".round").html(html);
}
});
});
});
</script>
get_sport.php
<label>Sport :</label>
<form method="post">
<select name="sport" class="sport">
<option selected="selected">--Select Sport--</option>
<?php
$sql="SELECT distinct sport_type FROM events";
$result=mysql_query($sql);
while($row=mysql_fetch_array($result))
{
?>
<option value="<?php echo $row['sport_type']; ?>"><?php echo $row['sport_type']; ?></option>
<?php
}
?>
</select>
<label>Tournamet :</label> <select name="tournament" class="tournament">
<option selected="selected">--Select Tournament--</option>
</select>
<label>Round :</label> <select name="round" class="round">
<option selected="selected">--Select Round--</option>
</select>
<input type="submit" value="View Picks" name="submit" />
</form>
get_round.php
if($_POST['id'])
{
$id=$_POST['id'];
$sql="SELECT DISTINCT round FROM events WHERE tournament='$id'";
$result=mysql_query($sql);
?>
<option selected="selected">Select Round</option><?php
while($row=mysql_fetch_array($result)){
?>
<option value="<?php echo $row['round'] ?>"><?php echo $row['round'] ?></option>
<?php
}
}
?>
EXAMPLE
Sport=>Football; Tournament=>EPL; Round=>5;
Assuming the above is selected when the user clicks submit the code will query select results from someTable Where sport='Football' AND...
My Problem
I get the data from the selectboxes by using a simple php isset() function
if(isset($_POST['submit'])){
echo $sport=$_POST['sport'];
echo $tour=$_POST['tournament'];
echo $round=$_POST['round'];
:
:
Now my problem is when submit is clicked everything works BUT the form gets reloaded, which is what I don't want
Im looking for an AJAX equivalent of isset() or a way for the data to be submitted without the form reloading
Any ideas/help will greatly be appreciated

There is a different ways to avoid the reload of a submit form.
A solution would be to handle the submit action of the form and return 'false' ( Example here and here) or preventing the default action ( Example here )
You can also replace the input type submit for an input type button (or button), and handle the click button action instead of handling the form submit action. This would be an easy workaround to most of your 'form submit' problems, but is a worst solution in the semantic and valid code point of view.

You can do the form submission from JQuery as an AJAX request and do the resulting in the success.
jQuery(document).ready(function(){
jQuery('#form').submit(function(ev) {
$.ajax({
url : 'url',
type : 'POST',
dataType: 'json',
data : $('#form').serialiseArray(),
success : function( data ) {
// Populate the result
}
});
ev.preventDefault();
});
});

Initially load all the values in Sport: Dropdown
Then dynamically populate the Tournament and Round
// To Trigger Sport Change
$(".sport").change(function () {
var selected_sport = $(".sport").val();
var dataString = 'sport=' + selected_sport;
var urlAddress = "get_sport.php";
$.ajax({
url: urlAddress,
cache: false,
method: 'post',
data: dataString,
dataType: 'html',
success: function (result_data) {
$(".tournament").html(result_data);
// This will append the tournament drop-down dynamically
}
});
});
// To Trigger Tournament Change
$(".tournament").change(function () {
var selected_sport = $(".sport").val();
var selected_tournament = $(".tournament").val();
var dataString = 'sport=' + selected_sport + '&tournament=' + selected_tournament;
var urlAddress = "get_round.php";
$.ajax({
url: urlAddress,
cache: false,
method: 'post',
data: dataString,
dataType: 'html',
success: function (result_data) {
$(".round").html(result_data);
}
});
});
In your Corresponding PHP get_round.php
while ($row = mysqli_fetch_array($result, MYSQL_ASSOC)) {
foreach ($row as $r) {
$round = $r['round'];
echo '<option value = "' . $round . '">' . $round . '</option>';
}
}

Ajax call with javascript not working

I want to try to get some value from page cart.php from and ajax call, but its not working.
Ajax code is below:
function temp_sell(id) {
//var p_id=document.getElementById('temp').value;
alert(p_id);
$.ajax({
type: "POST",
url: "temp_sell.php",
data: "value=" + p_id,
success: function (message) {
alert(message);
$("#your_cart").html(message);
}
});
}
temp_sell.php is below where I want to show some products details
<?php
include("connection.php");
echo $p_id = $_POST['value'];
$qty=1;
$query="SELECT * FROM product WHERE id='$p_id'";
$result=mysql_query($query);
while($data=mysql_fetch_array($result))
{
?>
<form>
<table>
<tr>
<img src="<?php echo "img/".$data['image'];?>"/>
<strong><?php echo $data['pro_name'];?></strong>
<strong><?php echo $data['price'];?></strong>
<input type="text" value="<?php echo $qty;?>"/>
</tr>
</table>
</form>
<?php
}
?>

p_id is undefined, you have commented the p_id value or change temp_sell(p_id).
function temp_sell(p_id)
instead of
function temp_sell(id)
Reference comments : Ajax call with javascript not working

Do this :
function temp_sell(id){
var p_id=document.getElementById('temp').value; // <--- uncomment this line
alert(p_id);
$.ajax({
type: "POST",
url: "temp_sell.php",
data: {value:p_id}, // <--- change this
success: function(message){
alert(message);
$("#your_cart").html(message);
}
});
}

Categories