I have created a Dynamic HTML-Select whose options are populated by the names of the databases on my server. Upon clicking an option a new .php page is opened (using JQuery). In this new page I would like the database name selected from the previous page to passed as a string which I can use to do MySQL queries.
So what have I tried?
function selectDB() {
$link = mysqli_connect ( 'username', 'root', '' );
$qry = ("SHOW DATABASES");
$db_list = mysqli_query ( $link, $qry );
echo "<select name ='Databases' id='Databases' method='post'>";
while ( $row = mysqli_fetch_array ( $db_list ) ) {
echo "<option value='" . $row [0] . "'>" . $row [0] . "</option>";
}
echo "</select>";
}
JavaScript
$('#Databases').change(function () {
var yourDB = $(this).val();
window.location.assign("test.php");
});
test.php
if (isset ( $_POST ['Databases'] )) {
$dbName = $_POST ['Databases'];
$link = mysqli_connect ( 'username', 'root', '', "'%$dbName%'" );
if (! $link) {
die ( "Connection failed" . mysqli_errno ( $link ) );
}
$qry = "SHOW tables";
$tblist = mysqli_query ( $link, $qry );
return $tblist;
printf ( $tblist );
}
When I run this, I get the whitepageofdeath. Running error_log doesn't show anything. Where am I going wrong??
Just change the url to include the selection as a GET parameter
$('#Databases').change(function () {
var yourDB = $(this).val();
window.location.assign("test.php?db=" + yourDB);
});
The you can access it in your test.php page as a $_GET var
Related
I have 2 dynamic dependent SelectBoxes one with Client Name and the other with Invoice Date with a button to fetch data according to the client name and his date respectively and populate the form fields below. This whole process is completed and was working but due to the date is not fetching the whole process stops. Now client is up to my arse and I don't know what to do. I am not very good with php or js. If you guys can help me with this and try to explain in more easy way I will be in your debt. TIA.
It was working fine but suddenly its fetching client name but not the dates i don't know why. The program was working fine for almost 5 6 months but few days ago this error occurs out of nowhere without any changes.
I tried to creating new Database thinking may be it was the error but it didn't work.
I also restored the code file with the backup but still no luck.
//data.php
<?php
require '../db_connection.php';
header("Access-Control-Allow-Origin: *");
$action = $_GET['action'];
if($action=="getclientRecords"){
getclientRecords($con);
}
function getclientRecords($con){
$id = $_POST['client_id'];
$sql="SELECT `invoice_data`.`item_date` FROM `invoice_data` WHERE `invoice_data`.`client_id`=$id";
$result = mysqli_query($con, $sql);
$results = mysqli_fetch_all($result);
return json_encode($results);
}
$date = $_GET['action'];
if($date=="getclientRecordByDate"){
getclientRecordByDate($con);
}
function getclientRecordByDate($con){
$client_date = $_POST["date"];
$client_id = $_POST["client_id"];
$sql = "SELECT client_name, `item_date`, item_refe, item_parti, balance_amount, item_amnd, item_amnf, item_tax, item_amniw, item_amnif FROM `invoice_data` WHERE `item_date` = '$client_date' AND client_id = '$client_id'";
$result = mysqli_query($con, $sql);
$results = mysqli_fetch_array($result);
echo json_encode($results);
}
?>
Result.
I.E.
Client name = YAP KHIN CHOY
Date: 2 June, 2019, 3 June, 2019, 5 June, 2019
Pressing Fetch Button:
Populate the form below with the relevant data.
In an attempt to solve both the sql vulnerability and the lack of data being returned ( the data was not echoed back to the ajax function ) perhaps the following might help
<?php
require '../db_connection.php';
function getclientRecords( $con=false ){
$id = isset( $_POST['client_id'] ) ? $_POST['client_id'] : false;
if( $con && $id ){
$sql='select `item_date`
from `invoice_data`
where `client_id`=?';
$stmt=$con->prepare( $sql );
$stmt->bind_param( 's', $id );
$stmt->execute();
$result=$stmt->get_result();
$data=[];
while( $rs=$result->fetch_object() ){
$data[]=$rs->item_date;
}
$stmt->free_result();
$stmt->close();
return json_encode( $data );
}
return false;
}
function getclientRecordByDate( $con=false ){
$date = isset( $_POST['date'] ) ? $_POST['date'] : false;
$id = isset( $_POST['client_id'] ) ? $_POST['client_id'] : false;
if( $con && $id && $date ){
$sql = 'select `client_name`, `item_date`, `item_refe`, `item_parti`, `balance_amount`, `item_amnd`, `item_amnf`, `item_tax`, `item_amniw`, `item_amnif`
from `invoice_data`
where `item_date` = ? and client_id = ?';
$stmt=$con->prepare( $sql );
$stmt->bind_param( 'ss', $date, $id );
$stmt->execute();
$result=$stmt->get_result();
$data=[];
while( $rs=$result->fetch_object() ){
$data[]=array(
'client_name' => $rs->client_name,
'item_date' => $rs->item_date,
'item_refe' => $rs->item_refe,
'item_parti' => $rs->item_parti,
'balance_amount' => $rs->balance_amount,
'item_amnd' => $rs->item_amnd,
'item_amnf' => $rs->item_amnf,
'item_tax' => $rs->item_tax,
'item_amniw' => $rs->item_amniw,
'item_amnif' => $rs->item_amnif
);
}
$stmt->free_result();
$stmt->close();
return json_encode( $data );
}
return false;
}
$data=[];
$action = isset( $_GET['action'] ) ? $_GET['action'] : false;
switch( $action ){
case 'getclientRecords':
$data=getclientRecords($con);
break;
case 'getclientRecordByDate':
$data=getclientRecordByDate($con);
break;
default:
$data=['error'=>'no defined action'];
break;
}
header('Access-Control-Allow-Origin: *');
http_response_code( $action ? 200 : 400 );
exit( $data );
?>
I've replicated a graph script from one Wordpress installation to another
It operates using graph_nat and defs.php - Defs stores the DB details
I have not altered the script after migrating but now I'm getting JSON error
I've checked to ensure after object it's true
I'm struggling to figure out the bug, error reporting doesn't include the JSON error only false positives for PHP
<?php
include ('../wp-load.php');
include ('defs.php');
// we need this so that PHP does not complain about deprectaed functions
error_reporting( 0 );
// Connect to MySQL
// constants stored in defs.php
$db = mysqli_connect("localhost", DB_NAT_USER, DB_NAT_PASS, DB_NAT_NAME);
// get user id
$current_user = wp_get_current_user();
$current_user_id = $current_user->ID;
if ( $current_user_id == null || $current_user_id == 0) {
$message = 'User not authorized';
die( $message );
}
if ( !$db ) {
die( 'Could not connect to database' );
}
if (!isset($_GET['id'])) {
$message = 'Missing ID url parameter';
die( $message );
}
$id = $_GET['id'];
$practitionerId = $current_user_id;
$query = "SELECT results FROM submissions WHERE ID = ? AND practitionerId = ?";
$result = [];
if ($stmt = $db->prepare($query)) {
$stmt->bind_param('ss', $id, $practitionerId);
$stmt->execute();
$stmt->bind_result($results);
if ($stmt->fetch()) {
$result = $results;
}
$stmt->close();
}
// decode json from database
$json = json_decode($result, true);
$outputArray = [];
$healthIndex = 100;
if ($json) {
foreach($json as $key=>$val) {
$healthEvents = explode(", ", $val);
// filter out empty strings
$healthEventsFiltered = array_filter($healthEvents, function($value) {
if ($value == '') {
return false;
}
return true;
});
// points to decrease per event
$healthDecrease = (count($healthEventsFiltered))*2;
$healthIndex -= $healthDecrease;
if ($healthIndex<0) {
$healthIndex = 0;
}
// implode array to get description string
$arrayString = implode(",<br>", $healthEventsFiltered);
// age groups
$ageGroup = $key*5;
$ar = array("category" => "Age: " . $ageGroup, "column-1" => $healthIndex, "events" => $arrayString);
array_push($outputArray, $ar);
}
echo json_encode($outputArray, true);
} else {
$message = 'Could not decode JSON: ' . $result;
die( $message );
}
// Close the connection
mysqli_close( $db );
?>
Figured it out, I wasn't passing USER ID in url. It was undefined. I should go back to school
I have a button called rename that when pushed, executes in jQuery a rename.php file. Inside that php file the program selects data from a mysql, creates an array with that data, and processes an array in to json_encode($array);. How can I then get that json encoded array and echo it out into javascript?
I'm trying to echo the array out so that javascript displays my images src's.
This is my second line of ajax so I just wrote the javascript out as if it were php because I'm not sure of the commands or structure in js.
$.ajax
(
{
url:"test4.php",
type: "GET",
data: $('form').serialize(),
success:function(result)
{
/*alert(result);*/
document.getElementById("images_to_rename").innerHTML = foreach(jArray as array_values)
{
"<img src=\""array_values['original_path']"/"array_values['media']"/>";
}
}
}
);
and my jQuery php file:
<?php
include 'db/mysqli_connect.php';
$username = "slick";
if(empty($_GET['image_name']))
{
echo '<div class="refto" id="refto">image_name is empty</div>';
}
else
{
echo '<div class="refto" id="refto">image_name is not empty</div>';
foreach($_GET['image_name'] as $rowid_rename)
{
//echo '<br><p class="colourful">rowid_refto: '.$rowid_refto.'</p><br>';
$active = 1;
$command = "Rename";
$stmt = $mysqli->prepare("UPDATE ".$username." SET active=?, command=? WHERE rowid=?");
$stmt->bind_param("isi", $active, $command, $rowid_rename);
$stmt->execute();
$stmt->close();
}
//go to database, get parameters of sort
$command = "Rename";
$active = 1;
$stmt = $mysqli->prepare("SELECT original_path, media FROM " . $username . " WHERE active=? and command=?");
$stmt->bind_param("is", $active, $command);
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc())
{
$arri[] = $row;
}
foreach($arri as $rows) //put them into workable variables
{
$rowt = $rows['original_path'];
$rowy = $rows['media'];
//echo 'rows[\'original_path\'] = '.$rows['original_path'].''.$rows['media'].'';
}
$stmt->close();
echo json_encode($arri);
?>
<script type="text/javascript">
var jArray= <?php echo json_encode($arri); ?>;
</script>
<?php
}
echo "something2";
?>
My PHP file is a jQuery url:"test4.php", type: "GET", and is not the main file. The main file is called main.php and the test4.php is something that's called in jQuery when the user clicks on rename.
Somebody suggested console log so here's what chrome says:
<div class="refto" id="refto">image_name is not empty</div>[{"original_path":"Downloads","media":"shorter.jpg"},{"original_path":"Album 2","media":"balls.jpg"}] <script type="text/javascript">
var jArray= [{"original_path":"Downloads","media":"shorter.jpg"},{"original_path":"Album 2","media":"balls.jpg"}];
</script>
something2
Your ajax php file isn't render in browser, then the variable jArray is undefined. With your case, let return php file to json and you can get it as variable in result.
<?php
include 'db/mysqli_connect.php';
$username = "slick";
if (empty($_GET['image_name'])) {
//echo '<div class="refto" id="refto">image_name is empty</div>';
} else {
//echo '<div class="refto" id="refto">image_name is not empty</div>';
foreach ($_GET['image_name'] as $rowid_rename) {
//echo '<br><p class="colourful">rowid_refto: '.$rowid_refto.'</p><br>';
$active = 1;
$command = "Rename";
$stmt = $mysqli->prepare("UPDATE " . $username . " SET active=?, command=? WHERE rowid=?");
$stmt->bind_param("isi", $active, $command, $rowid_rename);
$stmt->execute();
$stmt->close();
}
//go to database, get parameters of sort
$command = "Rename";
$active = 1;
$stmt = $mysqli->prepare("SELECT original_path, media FROM " . $username . " WHERE active=? and command=?");
$stmt->bind_param("is", $active, $command);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
$arri[] = $row;
}
foreach ($arri as $rows) { //put them into workable variables
$rowt = $rows['original_path'];
$rowy = $rows['media'];
//echo 'rows[\'original_path\'] = '.$rows['original_path'].''.$rows['media'].'';
}
$stmt->close();
echo json_encode($arri);
//stop render here
die();
}
?>
php file need return only json string. Then we'll get result as json variable in javascript.
And Js:
$.ajax
(
{
url:"test4.php",
type: "GET",
data: $('form').serialize(),
success:function(result)
{
var jArray = JSON.parse(result);
/*alert(result);*/
var txt = "";
jArray.forEach(function(array_values){
txt += `<img src=\""array_values.original_path."/"array_values.media"/>`;
})
document.getElementById("images_to_rename").innerHTML = txt;
}
}
);
I have currently implemented a live search (search as you type) function on text fields. The flow is something like this.
Call a .js file inside the page.
Set the id of the text field to "client-search".
Inside the .js file it is currently listening for on key up events of the "client-search" text field.
If the on key up event is fired, the .js file calls a PHP file that searches the database and returns the output as a list item in an unordered list underneath the "client-search" text field.
This setup currently works but how do implement it in multiple fields inside a single page, since it works using "id" and obviously I can't have multiple IDs in a single page.
HTML:
<div class="input-group">
<input type="text" id="client-search" class="form-control" placeholder="Search for manager...">
<ul class="livesearch" id="client-result" onclick="clickResult()"></ul>
</div>
JS
/* JS File */
// Start Ready
$j(document).ready(function() {
// Icon Click Focus
$j('div.icon').click(function(){
$j('input#client-search').focus();
});
// Live Search
// On Search Submit and Get Results
function search() {
var query_value = $('input#client-search').val();
$j('b#search-string').text(query_value);
if(query_value !== ''){
$j.ajax({
type: "POST",
url: "clientsearch.php",
data: { query: query_value },
cache: false,
success: function(html){
$("ul#client-result").html(html);
}
});
}return false;
}
$j("input#client-search").live("keyup", function(e) {
// Set Timeout
clearTimeout($.data(this, 'timer'));
// Set Search String
var search_string = $(this).val();
// Do Search
if (search_string == '') {
$j("ul#client-result").fadeOut();
}else{
$j("ul#client-result").fadeIn();
$j(this).data('timer', setTimeout(search, 100));
};
});
});
PHP:
<?php
$serverName = "(local)";
$connectionInfo = array( "Database"=>"CMS");
$conn = sqlsrv_connect( $serverName, $connectionInfo);
if( $conn ) {
} else {
echo "Connection could not be established.<br />";
die( print_r( sqlsrv_errors(), true));
}
$html = '';
$html .= '<li value="myLi" class="myLi">';
$html .= '<small>nameString</small>';
$html .= '<small></small>';
$html .= '</li>';
$search_string = $_POST['query'];
//$search_string = preg_replace("/[^A-Za-z0-9]/", " ", $_POST['query']);
if (strlen($search_string) >= 1 && $search_string !== ' ') {
$sql = "SELECT TOP 10 ClientName FROM Client WHERE ClientName LIKE '%" . $search_string . "%'";
$params = array($search_string);
$stmt = sqlsrv_query( $conn, $sql);
while( $row = sqlsrv_fetch_array( $stmt, SQLSRV_FETCH_ASSOC) ) {
$results_array[] = $row;
}
if (isset($results_array)) {
foreach ($results_array as $result) {
$display_function = $result['ClientName'];
$display_name = $result['ClientName'];
$output = str_replace('nameString', $display_name, $html);
//$output = str_replace('functionString', $display_function, $output);
echo($output);
}
}else{
$output = str_replace('nameString', '<b>No Results Found.</b>', $html);
$output = str_replace('functionString', 'Sorry :(', $output);
echo($output);
}
}
?>
Can someone help me with this? My sql code only works if I match only integers like 2=2 but if I change it to like this orange=orange it wont work...can anyone help me figure whats wrong with my code.
index.php:
<script type="text/javascript" src="jquery/jquery-1.11.0.min.js"></script>
<script type="text/javascript" src="jquery.jCombo.min.js"></script>
<form>
Caraga Region: <select name="region" id="region"></select>
Municipalities: <select name="town" id="town"></select>
Unique ID: <select name="uniq_id" id="uniq_id"></select> <br />
</form>
<script type="text/javascript">
$( document ).ready(function() {
$("#region").jCombo({ url: "getRegion.php" } );
$("#town").jCombo({ url: "getTown.php?townid=", parent: "#region", selected_value : '510' } );
$("#uniq_id").jCombo({ url: "getID.php?unqid=", parent: "#town", data: String, selected_value : '150' } );
});
</script>
getRegion.php:
<?php
// Connect Database
mysql_connect("localhost","root","");
mysql_select_db("klayton");
// Execute Query in the right order
//(value,text)
$query = "SELECT id, municipalities FROM regions";
$result = mysql_query($query);
$items = array();
if($result && mysql_num_rows($result)>0) {
while($row = mysql_fetch_array($result)) {
$option = array("id" => $row[0], "value" => htmlentities($row[1]));
$items[] = $option;
}
}
mysql_close();
$data = json_encode($items);
// convert into JSON format and print
$response = isset($_GET['callback'])?$_GET['callback']."(".$data.")":$data;
echo $data;
?>
getTown.php:
<?php
// Connect Database
mysql_connect("localhost","root","");
mysql_select_db("klayton");
// Get parameters from Array
$townid = !empty($_GET['townid'])
?intval($_GET['townid']):0;
// if there is no city selected by GET, fetch all rows
$query = "SELECT town FROM towns WHERE tcode = $townid";
// fetch the results
$result = mysql_query($query);
$items = array();
if($result && mysql_num_rows($result)>0) {
while($row = mysql_fetch_array($result)) {
$option = array("id" => $row['town'], "value" => htmlentities($row['town']));
$items[] = $option;
}
}
mysql_close();
$data = json_encode($items);
echo $data;
?>
getID.php: The problem is in this code. It wont work if I match character to character it only works if its integer=integer.
<?php
// Connect Database
mysql_connect("localhost","root","");
mysql_select_db("klayton");
// Get parameters from Array
$unqid = !empty($_GET['unqid'])
?intval($_GET['unqid']):0;
// if there is no city selected by GET, fetch all rows
$query = "SELECT uid, unq_pos_id FROM tb_uniqid WHERE tb_uniqid.uid = '$unqid'";
// fetch the results
$result = mysql_query($query);
$items = array();
if($result && mysql_num_rows($result)>0) {
while($row = mysql_fetch_array($result)) {
$option = array("id" => $row['uid'], "value" => htmlentities($row['unq_pos_id']));
$items[] = $option;
}
}
mysql_close();
$data = json_encode($items);
echo $data;
?>
(uid)field is stored with character values just like in the (town)field. I want to match it but it won't work.
Try to in getID.php replace:
$unqid = !empty($_GET['unqid'])
?intval($_GET['unqid']):0;
with:
$unqid = !empty($_GET['unqid'])
?$_GET['unqid']:0;
if you want to be able to match strings as well as integers. You see, intval() returns only the integer value of the variable, thus you strip of the other characters when you send a string to that page, and therefore you can't match anything with the code you had before.