APPY SHAH APPY SHAH - 1 month ago 7
Ajax Question

Php function call from Javascript function using ajax

Hello everyone I am new to php.
I have been trying out this thing when a user enter a product name need to validate that the product is valid or not.
For that purpose I have used onchange event when the text is entered.The onchange function will call the javascript function.From javascript function I am calling the php which is in the same file.So when I am entering the product name somehow the php function is not working.

Here is my code :

<?php
include 'conf.php';//it contains the php database configuration
session_start();

$quantityRequired=0;
$productName_error="";
if(is_ajax()){
if(isset($_POST["productName"])){
$productName=$_POST["productName"];
$row=mysqli_query($conn,"SELECT * from OrderDetails where ProductName='".$productName."'");
if($row)
{
$result=mysqli_fetch_assoc($row);
$quantityRequired=$result["Quantity"];
}
else
{
$productName_error="The product name is not valid or product does not exist";
echo $productName_error;
}
}
}
function is_ajax() {
$flag=(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
return $flag;
}
?>
<html>
<head>
<title>Order Page </title>
<script type = "text/javascript"
src = "https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
</head>
<body>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="POST">
<label for="userName">Username</label><br>
Product Name<input type="text" name="productName" id="productName" onchange="validateProduct()"><?php echo $productName_error?><br>
Quantity Required<input type="text" name="quantityRequired" id="quantityRequired"><br>
Availability<input type="text" name="availability">
<p id="demo"></p>
</form>
<script>
function validateProduct()
{
$.ajax({
type: "POST"
});

}
</script>
</body>
</html>


so the code is when the user enters the product name.The function validate product is called.From validate product it will call the php which is in the same file.
is_ajax()
function is used to check whether it is the ajax request or not.

Answer

There may be other problems I haven't spotted, but the first thing that jumps out to me is that your server-side code runs conditionally:

if(isset($_POST["productName"]))

And that condition was never satisfied because you didn't send any values in the AJAX request:

$.ajax({
    type: "POST"
});

Send the value(s) you're looking for:

$.ajax({
    type: "POST",
    data: { productName: $('#productName').val() }
});

You may also need to specify a couple other options if they don't default correctly. Explicit code is generally better than implicit in many cases:

$.ajax({
    url: 'yourUrl.php',
    type: "POST",
    dataType: 'html',
    data: { productName: $('#productName').val() }
});

In general you'll probably want to check the documentation for $.ajax() and see what you can and should tell it. You'll also want to take a look at your browser's debugging tools to see more specifically why and how it fails when testing these things.

Speaking of things you should do, you should read this and this. Your code is wide open to SQL injection attacks at the moment, which basically means that you are executing as code anything your users send you.