Jump to content

Having trouble with simple update to database

jakeburg

By jakeburg
in PHP Coding Help

 Share

Recommended Posts

jakeburg Newbie

jakeburg

Posted
Posted

First time poster, and very amateur php coder.  I am trying to delete items that in a list using ajax.  I can't figure out what I am doing wrong.  Any help would be greatly appreciated!

 

Here is a snippet of my javascript... 

    $('.delete-item').click(function() {
        var itemID = $(this).data('itemID');
        var clear = 1;
        $.ajax({
            url: 'includes/delete-item.php',
            method: 'POST',
            data: {
                itemid:itemID,
                clear:1
            },
            success: function(data) {
                $('.content').load('includes/lists.php')
            }
        })
    })

 

and here is the relevant php... 

$item = $_POST['itemid'];
$clear = $_POST['clear'];
$clearSQL = "DELETE FROM `List_Items` WHERE `item_ID` = $item";
$cleared = mysqli_query($connect, $clearSQL);
Link to comment
Share on other sites
Barand Prolific Member

Barand

Posted
Posted (edited)

All you have so far is a string variable containing SQL code, so you are missing a few things. (You whould also be using a prepared query when using data from an external source such as GET or POST)

You need to

[EDIT]

Plus I think you may need some quotes in your ajax parameters 

data: {
                "itemid":itemID,
                "clear":1
            },

 

Edited by Barand
Link to comment
Share on other sites
jakeburg Newbie

jakeburg

Posted
  • Author
Posted

Sorry for omitting the connection string.  It's there.  Here's everything....

php/html 

<?php include 'includes/database.php'; include 'includes/notes.php'; include 'includes/lists.php'; include 'includes/sidebar.php';?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <title>Page Title</title>
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" type="text/css" media="screen" href="normalize.css" />
    <link rel="stylesheet" type="text/css" media="screen" href="notes.css" />
    <script src="https://code.jquery.com/jquery-3.3.1.min.js"
        integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="
        crossorigin="anonymous"></script>
    <script src="notes.js"></script>
    <script src="jquery-ui.min.js"></script>
</head>
<body>
<div class="container">
    <div class="flex-grid h-100">
        <div class="col w-15 no-flex rounded-corners border h-100">
            <?= $sidebar ?>
        </div>
        <div class="col h-100 content">
            <?= $list ?>
        </div>
    </div>
</div>
</body>
</html>

jquery 

$(document).ready(function() {
    $(".draggable").draggable({
        start: function( event, ui ) {
            $(this).addClass('selected'); 
        },
        stop: function( event, ui ) {
            $(this).removeClass('selected'); 
        }
    });

    $('#add-note-button').click(function() {
        var today = new Date();
        var dd = today.getDate();
        var mm = today.getMonth() + 1;
        var yyyy = today.getFullYear();
        if (dd < 10) {
            dd = '0' + dd;
        }
        if (mm < 10) {
            mm = '0' + mm;
        }
        today = mm + '/' + dd + '/' + yyyy;
        var noteContent = $('#note-content').val();
        $.ajax({
            url:'includes/insert-note.php',
            method:'POST',
            data:{
                note_date:today,
                note:noteContent
            },
           success:function(data){
               if(success == true) {
                   setTimeout(function() {
                       location.reload();
                   }, 1000);
               }
           }
        });
    })
    $('.note').click(function() {
        $('.note').each(function() {
            var zindex = $(this).css('z-index');
            zindex = zindex - 10;
            $(this).css("z-index", zindex);
        })
        $(this).css("z-index", 990);
    })

    $('.delete-item').click(function() {
        var itemID = $(this).data('itemID');
        var clear = 1;
        $.ajax({
            url: 'includes/delete-item.php',
            method: 'POST',
            data: {
                itemid:itemID,
                clear:1
            },
            success: function(data) {
                $('.content').load('includes/lists.php')
            }
        })
    })
})

php that handles submit 

<?php
$host_name = 'db769895448.hosting-data.io';
$database = 'db769895448';
$user_name = 'dbo769895448';
$password = 'xxxxxxxx';
$connect = mysqli_connect($host_name, $user_name, $password, $database);

if (mysqli_connect_errno()) {
    die('<p>Failed to connect to MySQL: '.mysqli_connect_error().'</p>');
}
$item = $_POST['itemid'];
$clear = $_POST['clear'];
$clearSQL = "DELETE FROM `List_Items` WHERE `item_ID` = $item";
$cleared = mysqli_query($connect, $clearSQL);
?>

 

Link to comment
Share on other sites
gw1500se Prolific Member

gw1500se

Posted
Posted

Very bad practice. You need to use prepared statements as suggested by Barand. In the mean time what is the error you are getting or what do you get that you don't expect. I notice that you are not doing any error checking after the query.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.