Question

136

Updating Database Using Javascript

rated 0 times [ 137] [ 1] / answers: 1 / hits: 23356 / 15 Years ago, fri, april 3, 2009, 12:00:00

Hopefully this will be the last question I need to ask about this..lol.. I cant be too far of the working solution(hopefully..lol). In reference to this question:

Pass data to database using javascript Onclick

I am trying to pass a value to the database using javascript. Below is the code i am using. And just for visual aid, Ive included a screenshot of what this outputs. Hopefully it will help to explain what im trying to achieve also. The problem im having is the javascript Vote link pretty much does nothing...lol... u click it, and nothing happens. Preferably i would like the links text to simply change to You Voted! once the link has been clicked, and data sent/recieved, but an alert will be fine, as long as i can get this to work and update the database.

Thanks everyone:)

    <?php if(isset($_POST['score'])) {



mysql_query(INSERT INTO score (score_count) VALUES ($_POST[score]));

    }               $user_id = uid();

                $m = mysql_query(SELECT * FROM friends WHERE friend_user_id1 = '$user_id' AND friend_status != '0' LIMIT 15);

                while ($t = mysql_fetch_array($m))

                {

                        $fid = $t[friend_user_id2];

                        $f = mysql_query(SELECT * FROM users WHERE user_status != '' AND user_status_date != '0' AND user_id = '$fid' ORDER BY user_status_date ASC LIMIT 15) or die(mysql_error());



                        while ($rows = mysql_fetch_array($f))

                        {

    $date = parse_date($rows[user_status_date]);

                                echo <div style='margin: 5px;'><table><tr><td valign='top' style='width:55px;'><a href='page.php?id=$rows[user_username]'>;

                                _photo($rows[user_id]);

                                echo '</a></td><td valign=top> <a href=page.php?id='.$rows[user_username].' class=blue><b>'.$rows[user_username].'</b></a> - <span style=font-size:7pt;>'.$date.'</span><span style=font-size:7pt;> - <a href=javascript:(void); onclick=updateScore(this, correct) class=blue>Vote</a></span>

    <br />'.$rows[user_status].'</td><td valign=top></td></tr></table></div>';

                        }

                }

     ?>



    <script type=text/javascript>

    function updateScore(answer, correct) {

      if (answer == correct) {

    $.get('index.php', {'score': '1'}, function(d) {

        alert('Vote Accepted: ' + d);

    });



      }

    }



    </script>

Outputs:

alt text http://www.freeimagehosting.net/uploads/a7185475b8.png

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

stacyl

Add To Favorites

Follow

Total Points: 131

Total Questions: 105

Total Answers: 94

Location: Egypt

Member since Tue, May 3, 2022

2 Years ago

stacyl questions

1 Nextjs Image: was preloaded using link preload but not used within a few seconds from the window's load event

Wed, Aug 17, 22, 00:00, 2 Years ago

1 Mocking fetch with jest.fn() in React

Thu, Jan 28, 21, 00:00, 3 Years ago

1 How to create multi output files?

Sun, Mar 8, 20, 00:00, 4 Years ago

1 How to detect rerenders in React JS correctly?

Tue, Feb 25, 20, 00:00, 4 Years ago

1 Angular: keyCode is deprecated

Tue, Feb 11, 20, 00:00, 4 Years ago

View All

answered 15 Years ago sherryd · Accepted Answer

Wow, where do I begin. Ok, I fixed up your code. Here's a list of the changes

Formatted code for legibility (you need some serious discipline here)

Sanitized inputs before using them in queries (prevents SQL injection)

Added string delimiters to associative array key lookups (prevents E_NOTICE errors)

Escaped potentially dangerous values before printing as HTML (prevents XSS)

Removed awkward echo statements and changed to HTML mode for large output strings instead

Updated javascript to use $.post() instead of $.get() since you read from the $_POST array at the top of the script.

Here's the code:

<?php



if ( isset( $_POST['score'] ) )

{

    $result = mysql_query( INSERT INTO score (score_count) VALUES ( . mysq_real_escape_string( $_POST['score'] ) .  ) );

    echo $result ? 'Vote Succeeded' : 'Vote Failed: ' . mysql_error();

    exit;

}



$user_id = mysql_real_escape_string( uid() );

$m = mysql_query( SELECT * FROM friends WHERE friend_user_id1 = '$user_id' AND friend_status != '0' LIMIT 15 );



while ( $t = mysql_fetch_array( $m ) )

{

    $fid = mysql_real_escape_string( $t['friend_user_id2'] );

    $f = mysql_query( SELECT * FROM users WHERE user_status != '' AND user_status_date != '0' AND user_id = '$fid' ORDER BY user_status_date ASC LIMIT 15 ) or die ( mysql_error() );



    while ( $rows = mysql_fetch_array( $f ) )

    {

        $date = parse_date( $rows['user_status_date'] );

        ?>

        <div style=margin: 5px;>

            <table>

                <tr>

                    <td valign=top style=width:55px;>

                        <a href=page.php?id=<?php echo escapeForHtml( $rows['user_username'] ); ?>>

                            <?php _photo( $rows['user_id'] ); ?>

                        </a>

                    </td>

                    <td valign=top>

                        <a href=page.php?id=<?php echo escapeForHtml( $rows['user_username'] ); ?> class=blue>

                            <b><?php echo escapeForHtml( $rows['user_username'] )?></b>

                        </a> - <span style=font-size:7pt;><?php echo escapeForHtml( $date )?></span>

                        <span style=font-size:7pt;> - <a href=javascript:; onclick=updateScore(this) class=blue>Vote</a></span>

                        <br /><?php echo escapeForHtml( $rows['user_status'] ); ?></td><td valign=top>

                    </td>

                </tr>

            </table>

        </div>

        <?php 

    }

}



function escapeForHtml( $value )

{

    return htmlspecialchars( $value, ENT_COMPAT, 'UTF-8' );

}



?>



<script type=text/javascript>



function updateScore(answer, correct)

{

    if (answer == correct)

    {

        $.post('index.php', {'score': '1'}, function(d)

        {

            alert('Vote Accepted: ' + d);

        });

    }

}



</script>

After I got all that done, I could then clearly see that your success condition for the POST to actually take place is unknown to me. You compare answer to correct but this code snippet doesn't let me see where correct comes from. Once inside the updateScore() function I can see that answer is a reference to the HTMLAnchorElement that was clicked - but what is the source for the value sent into correct?

To be specific, I'm taking about this bolded part here

onclick=updateScore(this, correct)

Edit!

Try this for a version of your function that updates the link after a successful vote

<script type=text/javascript>



function updateScore( answer )

{

    if ( confirm( Are you sure? ) )

    {

        $.post('index.php', {'score': '1'}, function(d)

        {

            alert('Vote Accepted: ' + d);

            $(answer).after(<span>You Voted!</span>).remove();

        });

    }

}



</script>