Jump to content

Recommended Posts

I got a very simple html that calls a javascript function

<html>
<head>
	<title>post test</title>
	<script type="text/javascript" src="jscript.js"></script>
</head>

<body onload="postTest();">

</body>

</html>

 

here the javascript (i censored the url)

 

function postTest() {
var str = "something=dog";
var url = "http://www.~~~~~~~~~~~~~/postTest.php";// No question mark needed

xmlReq=new XMLHttpRequest();

xmlReq.open("POST",url,true);
xmlReq.send(str);
console.log("done");
}

 

the postTest.php looks like this:

<?php

include 'config.php';
include 'lib.php';

$db = dbConnect();

$something = quote_smart($_POST['something']);

$query = "INSERT INTO test VALUES ('', '$something')";
$result = insertQuery($query);

dbClose($db);

?>

 

the dbConnect() etc. are some basic functions from the lib.php, those work (100% sure).

 

instead of post, get would also be fine, but none of them works.

 

However if i type manual the url like:

getTest.php?something=dog

 

then dog does get inserted in the database so it probably has to do with my javascript

 

getTest.php

<?php

include 'config.php';
include 'lib.php';

$db = dbConnect();

$something = quote_smart($_GET['something']);

$query = "INSERT INTO test VALUES ('', '$something')";
$result = insertQuery($query);

dbClose($db);

?>

 

Link to comment
https://forums.phpfreaks.com/topic/249862-input-empty-in-database/
Share on other sites

In that URL you censored, is the domain name exactly the same as the URL of the page you're on?

 

Atm yes but that will change.

 

How about you echo the query?

It happens in the background so i don't see the echo.

 

I tried, $query = "INSERT INTO test VALUES ('', 'dog')";

And that works, dog is in the database.

 

So it goes wrong with:

$something = quote_smart($_POST['something']);

 

any ideas?

 

This is quote_smart:

function quote_smart($value) {
if (get_magic_quotes_gpc()) {
	$value = stripslashes($value);
}
if (!is_numeric($value)) {
	$value = mysql_real_escape_string($value);
}
return $value;
}

Ok, i have written a file (at least i learned something  8) )

 

$query: INSERT INTO test VALUES ('', '')

 

So it must be something in the javascript.

I could always try a get method and don't use the xmlReq.send(str); but have the necesarry ?something=blablabla in the var url and send it just with xmlReq.open("POST",url,true);

 

function postTest() {
var str = "something=dog";
var url = "http://www.~~~~~~~~~~~~~/postTest.php";// No question mark needed

xmlReq=new XMLHttpRequest();

xmlReq.open("POST",url,true);
xmlReq.send(str);
console.log("done");
}

someone brought me the solution on a javascript forum, here it is:

 

function postTest() {
var str = "something=dog";
var url = "http://www.~~~~~~~~~~~~~~~~~/postTest.php";// No question mark needed

xmlReq=new XMLHttpRequest();

xmlReq.open("POST",url,true);
xmlReq.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlReq.setRequestHeader("Content-length", str.length);
xmlReq.setRequestHeader("Connection", "close");
xmlReq.send(str);
console.log("done");
}

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.