First time posting here so be kind!
For some reason when my php script reaches the
if ($beds == 'nopref')
the only way I can get the message to display is with echo $message.
The following line with javascript won't display it like my other pages.
Any ideas?
CODE:
<?php
$beds = $_POST['beds'];
$orientation = $_POST['orientation'];
$checkin = $_POST['checkin'];
$checkout = $_POST['checkout'];
$conn = mysqli_connect("localhost", "user", "password", "name");
if(!$conn)
{
die("Connection failed: " . mysqli_connect_error());
}
if ($beds == 'nopref')
{
$message = "Please select how many beds you'd like";
echo $message;
echo "<script type='text/javascript'>alert('$message');</script>";
}
?>
You have broken text because of ' in you'd. Try this:
$message = htmlspecialchars("Please select how many beds you'd like", ENT_QUOTES);
You can escape a ' in JavaScript like \'
if ($beds == 'nopref')
{
$message = "Please select how many beds you\'d like";
echo $message;
echo '<script>alert("'.$message.'");</script>';
}
try this
print "<script type='text/javascript'>window.alert('$message');</script>";
or
print "<script type='text/javascript'>window.alert('Please select how many beds you had like');</script>";
Try this code:
<?php
$message=htmlspecialchars("Hello World's",ENT_QUOTES);
echo "<script>alert('$message')</script>";
?>
Related
I know this is frequently asked question however I have tried using :
script language='javascript'
placed header in else after alert
script type='text/javascript'
Still I don't get alert box, while else parts executes perfectly.
Here's my code:
<?php
/* header('Content-Type: application/json');
$response = array(); */
if (isset($_GET['sid'])){
$con = mysqli_connect("localhost", "root", "", "kaemiphk_greivance");
if (mysqli_connect_errno()){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$checkdata=mysqli_query($con,"SELECT * FROM officer_master WHERE pf_no = '".$_GET['sid']."'");
$query_data=mysqli_num_rows($checkdata);
if ($query_data == 0) {
//echo alert "welcome";
echo '<script type="text/javascript" src="https://code.jquery.com/jquery-1.11.0.min.js">';
echo "alert('PF No. Does not exist. Please Contact Admin!!!');";
echo '</script>';
}
else{
header('Content-Type: application/json');
$response = array();
$select="SELECT m.officer_name,m.email,m.department,m.mobile_no,m.designation,n.quarter_no,n.address,n.colony,n.blueprint_quarter,n.type_of_quarter, n.area FROM officer_master m, quarter_master n WHERE n.pf_no='".$_GET['sid']."' AND m.pf_no = n.pf_no";
$result = mysqli_query($con, $select); //mysql_query($qry);
while ($row = mysqli_fetch_assoc($result)) {
array_push($response, $row);
}
}
echo json_encode($response);
}
?>
What am I missing here.
Thanks
You have your js files mixed up.
Include jquery and then your script, inside separate tags:
echo '<script type="text/javascript" src="https://code.jquery.com/jquery-1.11.0.min.js" ></script>';
echo '<script type="text/javascript">';
echo "alert('PF No. Does not exist. Please Contact Admin!!!');";
echo '</script>';
By the way, you do NOT need jquery for a simple alert, as it is plain javascript. Try to avoid including external library if not needed, you will end up with a bloated code.
And printing js with php it's a bit of a hack. Why not just print it into your html or js file?
Javascript inside a script tag that has an src attribute does not get executed, you have to create a second script tag after the jquery one.
<?php
/* header('Content-Type: application/json');
$response = array(); */
if (isset($_GET['sid'])){
$con = mysqli_connect("localhost", "root", "", "kaemiphk_greivance");
if (mysqli_connect_errno()){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$checkdata=mysqli_query($con,"SELECT * FROM officer_master WHERE pf_no = '".$_GET['sid']."'");
$query_data = mysqli_num_rows($checkdata);
if ($query_data == 0) {
//echo alert "welcome";
echo '<script type="text/javascript" src="https://code.jquery.com/jquery-1.11.0.min.js">';
echo '</script>';
echo "<script>alert('PF No. Does not exist. Please Contact Admin!!!');</script>";
} else {
header('Content-Type: application/json');
$response = array();
$select="SELECT m.officer_name,m.email,m.department,m.mobile_no,m.designation,n.quarter_no,n.address,n.colony,n.blueprint_quarter,n.type_of_quarter, n.area FROM officer_master m, quarter_master n WHERE n.pf_no='".$_GET['sid']."' AND m.pf_no = n.pf_no";
$result = mysqli_query($con, $select); //mysql_query($qry);
while ($row = mysqli_fetch_assoc($result)) {
array_push($response, $row);
}
}
echo json_encode($response);
}
}
?>
This is my contact-form-handler.php file. After clicking submit button, I want an alert in PHP. I am receiving Mail successfully and redirect to my main page but without an alert message. How can I use the alert box in PHP?
My form is working fine, but this time I stucked in this simple task.
<?php
if(isset($_POST['submit'])){
//$companyMail = 'enesh#gmail.com';
$to = "eneshpal#gmail.com"; // this is your Email address
$customerMail = $_POST['formEmail']; // this is the sender's Email address
$first_name = $_POST['formFirstName'];
$last_name = $_POST['formLastName'];
$phone = $_POST['formPhone'];
$text = $_POST['formText'];
/* foreach($_POST['project_type'] as $project_type_value){} */
$projectType = implode(', ',$_POST['project_type']);
$scopeProject = implode(', ',$_POST['scope_project']);
$project_type_Str = 'Project Type : '.$projectType;
$scope_project_Str = 'Scope of Project : '.$scopeProject;
$subject = "Form Submission";
$message = "Hi, \n\n";
$message .= "First Name: ".$first_name . "\nLast Name: " . $last_name . " \nEmail: " . $customerMail . " \nPhone : " . $phone . "\nDescription: " . $text . "\n";
$message .= $project_type_Str."\n";
$message .= $scope_project_Str;
//$message2 = "Here is a copy of your message " . $first_name . "\n\n" . $_POST['message'];
//$headers = "From:" . $companyMail;
//$headers2 = "From:" . $to;
if(mail($to,$subject,$message)){
//echo 'Mail Sent';
//$message = "Thanks, We Will Contact you Shortly";
//echo "<script type='text/javascript'>alert('$message');</script>";
echo "<script>alert('Thanks, We Will Contact you Shortly');</script>";
header('Location:get_estimation.php');
}else{
echo 'Mail Not Sent';
}
//mail($from,$subject2,$message2,$headers2); // sends a copy of the message to the sender
/*if( "Mail Sent. Thank you " . $first_name . ", we will contact you shortly.")
else die; */
// You can also use header('Location: thank_you.php'); to redirect to another page.
}
?>
In your case it would be better to redirect the user
header('Location:get_estimation.php?success=true');
and pass a GET-parameter.
When the GET-Parameter is set it will display what you want on your get_estimation.php-page
There are many problems with your script, but to answer your key question... you are echo'ing out the javascript code for an alert(), which will in turn prevent your php header('Location:get_estimation.php'); from executing because there has already been output sent to the browser before header was called. See here for more info.
Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file.
As per your comment above...
Yes Sir I want just just wish to render a success message after the form has been submitted?
To give you an example of how to achieve what you need for this...
<?php
if (!empty($_GET['success'])) {
echo 'Thanks, we will contact you shortly';
exit;
}
if (isset($_POST['submit'])) {
$to = "eneshpal#gmail.com";
$customerMail = $_POST['formEmail'];
$first_name = $_POST['formFirstName'];
$last_name = $_POST['formLastName'];
$phone = $_POST['formPhone'];
$text = $_POST['formText'];
$projectType = implode(', ', $_POST['project_type']);
$scopeProject = implode(', ', $_POST['scope_project']);
$project_type_Str = 'Project Type : ' . $projectType;
$scope_project_Str = 'Scope of Project : ' . $scopeProject;
$subject = "Form Submission";
$message = "Hi, \n\n";
$message .= "First Name: " . $first_name . "\nLast Name: " . $last_name . " \nEmail: " . $customerMail . " \nPhone : " . $phone . "\nDescription: " . $text . "\n";
$message .= $project_type_Str . "\n";
$message .= $scope_project_Str;
if (mail($to, $subject, $message)) {
header('Location: get_estimation.php?success=1');
exit;
} else {
echo 'Mail Not Sent';
exit;
}
}
To explain, you should not be using a browser-native javascript alert rendered from php to pop-up and notify the user of a form submission success, especially immediately after a redirect. It's just a bad user experience, it hijacks the browser window until they click ok on it and you cannot really style native alert windows etc.
Instead you should redirect with a success GET variable after the mail is sent successfully (back to the original page, presuming that is get_estimation.php in my example - but you can redirect elsewhere to another script). Then you can detect the presence of this variable in the script redirected to and show an appropriate message etc.
echo "Thank You,will contact you soon";
echo "<script>setTimeout(\"location.href = 'get_estimation.php';\",3000); </script>";
In my dropdown list, i put all the "pack_name(s)" the user has posted and I display it all in the list for the user to select and update. So when the user selects one and hits submit, i want to get that "value" submitted and use it for later purposes but ive been researching and only found "pre-set" values with html and the value was given using Jquery. So i wondering if its possible to basically take the "pack_name" selected and when the user hits submit, echo out the selected value.
PHP
<?php
session_start();
if(empty($_FILES) && empty($_POST) && isset($_SERVER['REQUEST_METHOD']) && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){ //catch file overload error...
$postMax = ini_get('post_max_size'); //grab the size limits...
echo "<p style=\"color: #F00;\">\nPlease note files larger than {$postMax} will result in this error!</p>"; // echo out error and solutions...
return $postMax;
}
if(isset($_COOKIE['id'])){
if($_SESSION['came_from_upload'] != true){
setcookie("id", "", time() - 60*60);
$_COOKIE['id'] = "";
header("Location: developerLogin.php");
exit;
}
try{
// new php data object
$handler = new PDO('mysql:host=127.0.0.1;dbname=magicserver', 'root', '');
//ATTR_ERRMODE set to exception
$handler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}catch(PDOException $e){
die("There was an error connecting to the database");
}
$userid = $_SESSION['id'];
$stmt = $handler->prepare("SELECT * FROM pack_profile WHERE pack_developer_id = :userid");
$stmt->bindParam(':userid', $userid, PDO::PARAM_INT);
$stmt->execute();
echo "<select>";
while($result = $stmt->fetch()){
echo "<option>" . $result['pack_name'] ."</option>";
}
echo "</select>";
if($_SERVER['REQUEST_METHOD'] =="POST"){
$token = $_SESSION['token'];
}
}
?>
You need to give the select element a name attribute, and give each option element a value attribute.
For example:
echo "<select name=\"pack\">";
while($result = $stmt->fetch()){
echo "<option value=\"" . $result['pack_name'] . "\">" . $result['pack_name'] ."</option>";
}
echo "</select>";
Of course you should be escaping anything which could contain &, < or " with something like htmlspecialchars().
what is the error in this statement
<?php
session_start();
$host = "localhost";
$uname = "root";
$pass = "";
$database = "mcndb";
$cons = mysqli_connect($host, $uname, $pass, $database);
mysqli_select_db($cons, $database);
if (!$cons) {
die("Connection failed: " . mysqli_connect_error());
}
if (isset($_POST['username'])) {
date_default_timezone_set("Asia/Bangkok");
$today = date("Y/m/d h:i:s:A");
$username = mysqli_real_escape_string($cons, $_POST['username']);
$password = mysqli_real_escape_string($cons, $_POST['password']);
$firstname = mysqli_real_escape_string($cons, $_POST['firstname']);
$middlename = mysqli_real_escape_string($cons, $_POST['middlename']);
$lastname = mysqli_real_escape_string($cons, $_POST['lastname']);
// $age=mysqli_real_escape_string($cons,$_POST['age']);
$gender = mysqli_real_escape_string($cons, $_POST['gender']);
$email = mysqli_real_escape_string($cons, $_POST['usremail']);
$companyname = mysqli_real_escape_string($cons, $_POST['companyname']);
$position = mysqli_real_escape_string($cons, $_POST['position']);
$contactnumber = mysqli_real_escape_string($cons, $_POST['contactnumber']);
$addresss = mysqli_real_escape_string($cons, $_POST['address']);
$sql = "INSERT INTO tbltry (username,password,email,firstname,middlename,lastname,gender, company_name,position,contact_number,address_of_company,dateofregister)
VALUES ('$username', '$password', '$email','$firstname', '$middlename','$lastname','$gender', '$companyname','$position','$contactnumber','$addresss','$today')";
if ($cons->query($sql) == TRUE) {
echo '<script>';
echo 'alert("Successfully created an account")';
echo '</script>';
} else {
echo '<script>';
echo "Error: " . $sql . "<br>" . $cons->error;
echo 'alert("Account already exist")';
echo '</script>';
}
}
?>
enter image description here
the problem with this is that when ever i try registering a dulicate value to unique column in databse, the error message in the alert dont show up and it does not show any kind of error even in sql it just says Uncaught SyntaxError: Unexpected identifier so what is wrong with my code that the alert for error dont show?
so what is wrong with my code
This:
<script>
Error: some text<br>some more text
alert("Account already exist")
</script>
(And potentially other things, but this seems to be where the error you're currently seeing takes place.)
That first line of JavaScript code isn't actually JavaScript code. It's just text. So Error: (and everything after it) is an unexpected identifier as far as JavaScript is concerned.
I suspect you meant to put that text outside of the script block:
echo "Error: " . $sql . "<br>" . $cons->error;
echo '<script>';
echo 'alert("Account already exist")';
echo '</script>';
I want to make the result comes out in a popup window.
Code:
<?php
$con=mysqli_connect("localhost","root","1234","fyp");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT password FROM admin WHERE email = '$_POST[email]' AND Admin = '$_POST[admin]'");
while($row = mysqli_fetch_array($result))
echo "your password is : " . " $row['password']" ;
mysqli_close($con);
?>
Is it possible to make it echoed in popup window like javascript alert messages ??
I have tried this but still not working
echo "<script> alert ("<?php echo 'your password is: ' . '$row['password']'?>")</script>";
I found a maybe strange solution for this a while back.
echo "<style onload=\"jsfunc($row['password']);\"></style>";
//in your html or javascript add this function
<script type='text/javascript'>
function jsfunc(data){
alert(data);
}
</script>
the style tag is invisible and will run the function onload, so when its gets echoed. Also I use the style tag because its one of the few tags where the onload works when you echo it like this.
Its a strange solution but it works.
There are some serious flaws in your code, including it being open to SQL Injection. I'd recommend changing it to look more like this:
$con = new MySQLi("localhost","root","1234","fyp");
if($con->connect_errorno) {
echo "Failed to connect to MySQL: ".$sql->connect_error;
}
$email = $sql->real_escape_string($_POST['email']);
$admin = $sql->real_escape_string($_POST['admin']);
$query = "SELECT password FROM admin WHERE email = '$email' AND Admin = '$admin'";
$result = $sql->query($query);
if($result) {
$row = mysqli_fetch_assoc($result);
$pass = $row['password'];
echo '<script> alert("Your password is '.$pass.'");</script>';
} else {
//do some error handling
}
//the closing of a mysqli connection is not required but
mysqli_close($con);
Real escape string is not 100% proof against injection but is a good place to start with sanitising your inputs. Additionally I would strongly advise against storing your passwords in plain text. Please take a look at the PHP sha1() function or the SQL equivalent when storing the passwords initially.
Use this code
<?php
$alert='your password is: '.$row['password'];
?>
<script>
alert("<?php echo $alert; ?>");
</script>
It will work for sure.