bambinou1980 Posted August 12, 2015

Hello,

I am a bit lost on this one, still new to PHP....

I am trying to follow this tutorial here using the PHP/mysqli method: https://css-tricks.com/dynamic-dropdowns/

I am having a real problem, everything is connected and seems to be passing data to the "get" request as I see it in the console but my database data has spaces and it looks like the GET method only takes the first word.

ie: This

```html
<script>
$("#products").change(function() {
    $("#product_prices").load("getter.php?choice=" + $("#products").val());
});
</script>
```

Results in this in the console:

```
Uncaught Error: Syntax error, unrecognized expression: Bases 30cm (320gr)
ga.error @ jquery.min.js:2
ga.tokenize @ jquery.min.js:2
ga @ jquery.min.js:2
n.fn.extend.find @ jquery.min.js:2
(anonymous function) @ jquery.min.js:4
n.Callbacks.j @ jquery.min.js:2
n.Callbacks.k.fireWith @ jquery.min.js:2
x @ jquery.min.js:4
n.ajaxTransport.k.cors.a.crossDomain.send.b @ jquery.min.js:4
jquery.min.js:4 XHR finished loading: GET "http://site.com/admin/crud/orders/getter.php?choice=Pizza".
```

But the data that should be pulled from the database is: Pizza Bases 30cm (230gr) (with bracket and spaces)

But the GET is only taking the first word "pizza"

Any idea why please?

Here is the full code:

Index.php

```php
<?php
ob_start();
session_start();
$admin_permission = $_SESSION['admin_permission'];
if(($admin_permission) == 1){
    //Session admin ID equal 1
}else{
    header('Location: http://' . $_SERVER['HTTP_HOST'] . '/index.php');
    exit();
}
?>
<?php include($_SERVER["DOCUMENT_ROOT"] . "/admin/includes/admin-header.php"); ?>
<!--Content-->
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<div class="row">
<div class="col-md-3">
</div>
<div class="col-md-6">
<h3> Create an Order </h3>
<?php
// detect form submission
if (isset($_POST['submit'])) {
    // set default values using ternary operator
    // boolean_test ? value_if_true : value_if_false
    //It means if $_POST['username'] isset "set it to" $_POST['username'] "or set it to" to "empty"
    $name = isset($_POST['name']) ? $_POST['name'] : "";
    $surname = isset($_POST['surname']) ? $_POST['surname'] : "";
    $company = isset($_POST['company']) ? $_POST['company'] : "";
    $address = isset($_POST['address']) ? $_POST['address'] : "";
    $phone = isset($_POST['phone']) ? $_POST['phone'] : "";
    $email = isset($_POST['email']) ? $_POST['email'] : "";
    $vat = isset($_POST['vat']) ? $_POST['vat'] : "";

    // Escape all strings
    $name = mysqli_real_escape_string($connection, $name);
    $surname = mysqli_real_escape_string($connection, $surname);
    $company = mysqli_real_escape_string($connection, $company);
    $address = mysqli_real_escape_string($connection, $address);
    $phone = mysqli_real_escape_string($connection, $phone);
    $email = mysqli_real_escape_string($connection, $email);
    $vat = mysqli_real_escape_string($connection, $vat);

    // 2. Perform database query
    $query = "INSERT INTO customers (cust_name,cust_surname,cust_company,cust_address,cust_phone,cust_email,cust_vat) VALUES ('{$name}','{$surname}','{$company}','{$address}','{$phone}','{$email}','{$vat}')";
    $result = mysqli_query($connection, $query);
    if ($result) {
        // Success
        header("Location: list-customers.php");
    } else {
        // Failure
        // $message = "Subject creation failed";
        die("Database query failed. " . mysqli_error($connection));
        header("Location: index.php");
    }
} else {
    $name = "";
    $surname = "";
    $company = "";
    $address = "";
    $phone = "";
    $email = "";
    $vat = "";
}
?>
<?php
$random_number = rand(999 ,99999999999 );
/* $str will now be a string with the value "Glue This Into A String Please" */
?>
<form role="form" method="post" action="index.php">
<div class="form-group">
  <label for="order_id"> Order ID </label>
  <input type="text" name="cust_order_id" class="form-control" value="<?php echo "FP" .$random_number; ?>" readonly="readonly" />
</div>
<div class="form-group">
  <label for="name_id"> Company * </label>
  <select name="cust_company" class="form-control" id="cust_company_id">
<?php
$query_field1 = "SELECT * FROM customers ORDER BY cust_company desc";
$result_field1 = mysqli_query($connection, $query_field1) or die (mysqli_error($connection));
while($row_field1 = mysqli_fetch_array($result_field1)){
    $cust_name = htmlspecialchars($row_field1['cust_name']);
    $cust_surname = htmlspecialchars($row_field1['cust_surname']);
    $cust_company = htmlspecialchars($row_field1['cust_company']);
    $cust_address = htmlspecialchars($row_field1['cust_address']);
    $cust_phone = htmlspecialchars($row_field1['cust_phone']);
    $cust_email = htmlspecialchars($row_field1['cust_email']);
    $cust_vat = htmlspecialchars($row_field1['cust_vat']);
?>
    <option value="<?php echo $cust_company; ?>"
            data-name="<?php echo $cust_name; ?>"
            data-surname="<?php echo $cust_surname; ?>"
            data-address="<?php echo $cust_address; ?>"
            data-phone="<?php echo $cust_phone; ?>"
            data-email="<?php echo $cust_email; ?>"
            data-vat="<?php echo $cust_vat; ?>"><?php echo $cust_company; ?></option>
<?php } ?>
  </select>
</div>
<div class="form-group">
  <label for="address_id"> Address * </label>
  <textarea name="cust_address" placeholder="Company's Address" rows="4" cols="50" class="form-control" readonly="readonly" ></textarea>
</div>
<div class="form-group">
  <label for="name_id"> Name * </label>
  <input type="text" name="cust_name" placeholder="Customer Name" class="form-control" value="" readonly="readonly" />
</div>
<div class="form-group">
  <label for="surname_id"> Surname * </label>
  <input type="text" name="cust_surname" placeholder="Customer Surname" class="form-control" value="" readonly="readonly" />
</div>
<div class="form-group">
  <label for="phone_id"> Phone </label>
  <input type="text" name="cust_phone" placeholder="Customer Phone" class="form-control" value="" readonly="readonly" />
</div>
<div class="form-group">
  <label for="email_id"> Email </label>
  <input type="email" name="cust_email" placeholder="Customer Email" class="form-control" value="" readonly="readonly" />
</div>
<div class="form-group">
  <label for="vat_id"> V.A.T Number(ie:MT20343324) </label>
  <input type="text" name="cust_vat" placeholder="V.A.T Number" class="form-control" value="" readonly="readonly" />
</div>
<div class="form-group">
  <label for="due_date_id"> Due Date * </label>
  <div class="form-inline well">
    <div class="input-append date" id="dp3" data-date="12-02-2012" data-date-format="dd-mm-yyyy">
      <input name="due_date" class="form-control" size="25" type="text" id="dp1" value="12-02-2012">
      <span class="add-on"><i class="icon-th"></i></span>
    </div>
  </div>
</div>
<script>
$('#dp1').datepicker({
    format: 'dd-mm-yyyy'
});
</script>
<?php
//Query all the prices
$query_field2 = "SELECT * FROM products ORDER BY name desc";
$result_field2 = mysqli_query($connection, $query_field2) or die (mysqli_error($connection));
$number1 = 0;
$number2 = 0;
$quantity = 0;
while($row_field2 = mysqli_fetch_array($result_field2)){
    $name = htmlspecialchars($row_field2['name']);
    $price1 = htmlspecialchars($row_field2['price1']);
    $price2 = htmlspecialchars($row_field2['price2']);
    $price3 = htmlspecialchars($row_field2['price3']);
?>
<div class="form-inline well">
  <label for="product1_id">Choose Product <?php echo ++$number1; ?></label>
  <div class="form-group">
    <!--Product name Select-->
    <select name="<?php echo "action".++$number2; ?>" class="form-control" id="products">
<?php
    $query_field3 = "SELECT * FROM products ORDER BY name desc";
    $result_field3 = mysqli_query($connection, $query_field3) or die (mysqli_error($connection));
    while($row_field3 = mysqli_fetch_array($result_field3)){
        $product_name = htmlspecialchars($row_field3['name']);
        $product_price1 = htmlspecialchars($row_field3['price1']);
        $product_price2 = htmlspecialchars($row_field3['price2']);
        $product_price3 = htmlspecialchars($row_field3['price3']);
?>
      <option value="<?php echo $product_name; ?>"
              data-product_price1="<?php echo $product_price1; ?>"
              data-product_price2="<?php echo $product_price2; ?>"
              data-product_price3="<?php echo $product_price3; ?>"><?php echo $product_name; ?></option>
<?php } ?>
    </select>
    <!--Price Select-->
    <select name="<?php echo "action".++$number2; ?>" class="form-control" id="product_prices">
      <option>Select the price</option>
    </select>
    <label for="product1_id">Qty</label>
    <input name="<?php echo "quantity".++$quantity; ?>" type="text" class="form-control" maxlength="4" size="4" id="<?php echo "quantity".$quantity; ?>">
  </div>
</div>
<?php } ?>
<div class="form-inline well text-center">
  <button type="submit" name="submit" class="btn btn-success btn-lg"> Create Order </button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<script>
$("#products").change(function() {
    $("#product_prices").load("getter.php?choice=" + $("#products").val());
});
</script>
<script>
$('#cust_company_id').change(function() {
    selectedOption = $('option:selected', this);
    $('textarea[name=cust_address]').val( selectedOption.data('address') );
    $('input[name=cust_name]').val( selectedOption.data('name') );
    $('input[name=cust_surname]').val( selectedOption.data('surname') );
    $('input[name=cust_phone]').val( selectedOption.data('phone') );
    $('input[name=cust_email]').val( selectedOption.data('email') );
    $('input[name=cust_vat]').val( selectedOption.data('vat') );
});
</script>
<!--Content-->
<?php
// 5. Close database connection
if(isset($connection)){ mysqli_close($connection);}
ob_flush();
?>
<?php include($_SERVER["DOCUMENT_ROOT"] . "/admin/includes/admin-footer.php"); ?>
```

And here is the Getter.php

```php
<?php
$choice = mysqli_real_escape_string($connection, $_GET['choice']);
$query = "SELECT price1 FROM products WHERE name='$choice'";
$result = mysqli_query($connection, $query);
while ($row = mysqli_fetch_array($result)) {
    echo "<option>" . $row['price1'] . "</option>";
}
?>
```

I also just found out that only the first dropdown menu is initiating the getter.php search and not the others....still trying to figure out why.

Link to comment https://forums.phpfreaks.com/topic/297756-cleaning-php-variables-before-implementing-them-in-a-javascript-code/

rwhite35 Posted August 12, 2015

One thing is your Ternary operator.

```php
//change this
$name = isset($_POST['name']) ? $_POST['name'] : "";
//to this
$name = (isset($_POST['name'])) ? $_POST['name'] : "";
```

I wasn't able to see where you were passing PHP var to JavaScript, however you can try this, it would be cleaner than trying to assign jQuery selector value.

```php
var name = <?php echo htmlspecialchars(json_encode($name), ENT_NOQUOTES); ?>;
```

requinix Posted August 12, 2015

> One thing is your Ternary operator.
>
> //change this
> $name = isset($_POST['name']) ? $_POST['name'] : "";
> //to this
> $name = (isset($_POST['name'])) ? $_POST['name'] : "";

Doesn't make a difference.

bambinou1980 Posted August 13, 2015

Hi Requinix,

What I did actually is do a rawurlencode() in the PHP output and this worked perfectly :-)

Thank you!

Ben
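
Added example, not part of any post in this thread: a Node-runnable model of why the request stopped at `choice=Pizza` and why percent-encoding the value resolves it. jQuery's `.load()` treats everything after the first space in its argument as a selector; `splitLoadArgument`, `choiceUrl`, `receivedChoice` and the `site.example` base are hypothetical names introduced here, not jQuery or forum code.

```javascript
// Added example. Model of jQuery's .load(arg): text after the first space in
// arg is treated as a selector for the response, not as part of the URL.
// splitLoadArgument is a hypothetical helper, not jQuery's own code.
function splitLoadArgument(arg) {
  const off = arg.indexOf(" ");
  if (off === -1) return { url: arg, selector: null };
  return { url: arg.slice(0, off), selector: arg.slice(off).trim() };
}

// Percent-encode the value so spaces, &, =, # and + stay inside the parameter.
function choiceUrl(endpoint, value) {
  return endpoint + "?choice=" + encodeURIComponent(value);
}

// What PHP would see as $_GET['choice'] for a request URL
// (site.example is a placeholder base for resolving the relative URL).
function receivedChoice(requestUrl) {
  return new URL(requestUrl, "http://site.example/").searchParams.get("choice");
}

const product = "Pizza Bases 30cm (230gr)"; // product name quoted in the question

// As posted: raw concatenation. The request stops at the first space and the
// rest is handed to the selector engine, which throws the syntax error.
const asPosted = splitLoadArgument("getter.php?choice=" + product);
console.log(asPosted.url, "| selector:", asPosted.selector);
console.log("server receives:", receivedChoice(asPosted.url));

// Encoded: no literal space remains, so the whole value reaches the server.
const encoded = splitLoadArgument(choiceUrl("getter.php", product));
console.log(encoded.url, "| selector:", encoded.selector);
console.log("server receives:", receivedChoice(encoded.url));

// Constructed value with URL metacharacters: unencoded it is silently cut at &.
const tricky = "A&B=C#1+2";
console.log(receivedChoice("getter.php?choice=" + tricky));   // cut short
console.log(receivedChoice(choiceUrl("getter.php", tricky))); // intact
```

In the posted script the equivalent change is wrapping `$("#products").val()` in `encodeURIComponent(...)`; the `rawurlencode()` fix reported above removes the literal spaces on the PHP side before the value reaches the script.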