[SOLVED] help with ajax form

[gmas]

hellooooooooooo    

 

I need some help on my script. I followed a tutorial somewhere to make an ajax form to add things into the mysql database but I can't seem to make it work right.

 

 

<html>
<head>
<title>Form Posts with Ajax</title>
<script language="javascript" type="text/javascript">
<!--
//Browser Support Code
function ajaxFunction(){

var ajaxRequest; // The variable that makes Ajax possible!

try{
// Opera 8.0+, Firefox, Safari
ajaxRequest = new XMLHttpRequest();
} catch (e){
// Internet Explorer Browsers
try{
ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try{
ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e){
// Something went wrong
alert("Your browser broke!");
return false;
}
}
}
// Create a function that will receive data sent from the server
ajaxRequest.onreadystatechange = function(){
if(ajaxRequest.readyState == 4){
var ajaxDisplay = document.getElementById('ajaxDiv');
ajaxDisplay.innerHTML = ajaxRequest.responseText;
}
}


var title = document.getElementById('title').value;
var details = document.getElementById('details').value;
var tags = document.getElementById('tags').value;
   var catname = document.getElementById('catid').value;
var published = document.getElementById('published').value;
var featured = document.getElementById('featured').value;
   var url = document.getElementById('videourl').value;
var picture = document.getElementById('picturelink').value;
var type = document.getElementById('videoservertype').value;
   var code = document.getElementById('videoservercode').value;
var addedby = document.getElementById('addedby').value;
var addeddate = document.getElementById('addeddate').value;
var accesslevel = document.getElementById('accesslevel').value;

var queryString = "?title=" + title + "&details=" + details + "&tags=" + tags + "?catid=" + catid + "&published=" + published + "&featured=" + featured +"?url=" + url + "&picture=" + picture + "&type=" + type +"?code=" + code + "&addedby=" + addedby + "&addeddate=" + addeddate + "&accesslevel=" + accesslevel ;
ajaxRequest.open("GET", "ajaxcall.php" + queryString, true);
ajaxRequest.send(null);
alert(queryString);
}

//-->
</script>

</head>

<body>

<form>   
Title: <input type='text' id='title' /> <br />
Description: <input type='text' id='details' />
<br />
Tags: <input type='text' id='tags' /> <br />
Link: <input type='text' id='url' /> <br />
Thumbnail: <input type='text' id='picture' />
<br />
Type: <input type='text' id='type' /> <br />
<br />
Code: <input type='text' id='code' /> <br />
Added By: <input type='text' id='addedby' /> <br />
Added Date: <input type='text' id='addeddate' />
<br />

Category: <input type='text' id='catid' />


Published ? <select name="published">
		<option value="1">Yes</option>
           <option value="0">No</option>
           </select>
Featured ? <select name="featured">
           <option value="0">No</option>
           <option value="1">Yes</option>
           </select>
Access Level ? <select name="accesslevel">
		<option value="0">0</option>
           <option value="1">1</option>
           <option value="2">2</option>
           </select>

<br/>
   
<input class="button" onClick="ajaxFunction();" value="Enter" type="button">

</form>
<div id='ajaxDiv'>Its Div Named "ajaxDiv". Your result will display here.....</div>

</body>
</html>

 

 

and the ajaxcall.php is

 

<?php

$host = "xxxxxx";
$user = "xxxxxxxxx";
$password = "xxxxxxxx";
$db = "xxxxxxxx";

//Connect to MySQL Server
mysql_connect($host, $user, $password);

//Select Database
mysql_select_db($db) or die(mysql_error());

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ClientIP = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ClientIP = $_SERVER['REMOTE_ADDR'];
}
//$ClientHost = gethostbyaddr($ClientIP);
$ClientAgent = $_SERVER['HTTP_USER_AGENT'];
$MyTimeStamp = time();


// Retrieve data from Query String
$id = $_GET['id'];
$title = $_GET['title'];
$details = $_GET['itemcomment'];
$tags = $_GET['videotags'];
$catid = $_GET['catid'];
$published = $_GET['published'];
$featured = $_GET['featured'];
$url = $_GET['url'];
$picture = $_GET['picture'];
$type = $_GET['type'];
$code = $_GET['code'];
$addedby = $_GET['addedby'];
$addeddate = $_GET['addeddate'];
$accesslevel = $_GET['accesslevel'];

// Escape User Input to help prevent SQL Injection

$id = mysql_real_escape_string($id);
$title = mysql_real_escape_string($title);
$details = mysql_real_escape_string($details);
$tags = mysql_real_escape_string($tags);
$catid = mysql_real_escape_string($catname);
$published = mysql_real_escape_string($published);
$featured = mysql_real_escape_string($featured);
$url = mysql_real_escape_string($url);
$picture = mysql_real_escape_string($picture);
$type = mysql_real_escape_string($type);
$code = mysql_real_escape_string($code);
$addedby = mysql_real_escape_string($addedby);
$addeddate = mysql_real_escape_string($addeddate);
$accesslevel = mysql_real_escape_string($accesslevel);
//build query
$query = "INSERT INTO items (id, title, itemcomment, videotags, catid, published, featured, url, picture, type, code, addedby, addeddate, accesslevel) VALUES('$id', '$title', '$details', '$tags', '$catid', '$published', '$featured', '$url', '$picture', '$type', '$code', '$addedby','$MyTimeStamp', '$accesslevel')";

//Execute query

// Exit if calling directly the script file!
if ($title != "")
{
$qry_result = mysql_query($query) or die(mysql_error());
echo "Updated Successfully with values IP :$ClientIP<br>Visitor Agent: $ClientAgent<br>title: $title<br>Current Time Stamp: $MyTimeStamp";
}
else
{
echo '<b>Hacking Attempt!!</b><br><br>';
}
?>

 

The two files are in the same folder

 

My items have id that are auto_increment

 

When I try to submit it, nothing went thru even though I was connected to the database ok. I want it to automatically add the id without me telling it to.

 

If anyone can, how can I put a check mark in that make all the fields copy to like 10 other fields so I can add multiple things at once?