ajax search bar multiple url value - javascript

In the AJAX URL parameter I try to use multiple values to search. One value's data comes from what the user enters. The other value will detect the event.
But after I enter a value there's no result.
Here's my code (JS):
var currentURL = window.location.href;
currentURL = currentURL.split("=");
currentURL = currentURL[1];
console.log('php/Search.php?key=%QUERY' + currentURL);
$('#search.typeahead').typeahead({
    name: 'typeahead',
    remote: 'php/Search.php?key=%QUERY&map='+parseInt(currentURL[1]),
    limit: 100
});
Here's my code (PHP):
$key = $_GET['key'];
$map = $_POST['map'];
echo $map;
$array = array();
$array2 = array();
list($key2, $map) = split(',_+', $key);
$con = mysql_connect("localhost","test","test");
mysql_set_charset('utf8');
$db = mysql_select_db("test",$con);
$query = mysql_query("select `indicate_id`,`indicate_name` from `map_node` where `indicate_id` LIKE '%{$key}%' and map_sn =".$map." ;");
while ($row = mysql_fetch_assoc($query))
{
    $array[] = $row['indicate_id'] ."\n\n". $row['indicate_name'];
}
echo json_encode($array);

Related

PHP get URL value in mysql SELECT

In my current project I want to show statistics in a pie chart with chart.js, but they are different for each team on my page.
I tried to give the WHERE value in the Select in playerOne.php via the URL, but it doesn't seem to work because this PHP file is triggered by a JS function.
I have passed the team_id on the URL via isset get, but this doesn't seem to work.
How can I pass the team_id value on the URL to the query?
playerOne.php
if(isset($_GET['team_id'])) {
    $team_id = $_GET['team_id'];
}
$query = "SELECT * FROM user WHERE team_id = 7 LIMIT 1";
$select_team = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($select_team);
$user_id = $row['user_id'];
$query = "SELECT SUM(game_stats.match_stats_kills) AS Kills, SUM(game_stats.match_stats_deaths) AS Deaths FROM game_stats WHERE game_stats.user_id = $user_id";
$select_kd = mysqli_query($connection, $query);
$data = array();
foreach($select_kd as $row) {
    $data[] = $row;
}
mysqli_close($connection);
echo json_encode($data);
stats.js
$(document).ready(function() {
    showData();
});
function showData() {
    {
        ($.post("includes/stats/playerOne.php",
            function(data) {
                var kills = [];
                var deaths = [];
                for(var i in data) {
                    kills.push(data[i].Kills)
                    deaths.push(data[i].Deaths);
                }
                var pieChartData = {
                    labels: [
                        'Kills', 'Deaths'
                    ],
                    datasets: [
                        {
                            backgroundColor: ['#f56954', '#00c0ef'],
                            data: [kills, deaths]
                        }
                    ]
                };
                var pieChartTarget = $('#playerKD').get(0).getContext('2d');
                var pieChart = new Chart(pieChartTarget, {
                    type: 'pie',
                    data: pieChartData
                });
            }));
    }
}
URL
http://localhost/r6team/team/team.php?team=stats&team_id=7
In your JS, you need to send a GET request and leave room for the ID to be dynamic.
stats.js should look like this:
$(document).ready(function() {
    showData(7);
});
function showData(teamId) {
    {
        ($.get("includes/stats/playerOne.php?team_id=" + teamId,
            function(data) {
                var kills = [];
                var deaths = [];
                for(var i in data) {
                    kills.push(data[i].Kills)
                    deaths.push(data[i].Deaths);
                }
                var pieChartData = {
                    labels: [
                        'Kills', 'Deaths'
                    ],
                    datasets: [
                        {
                            backgroundColor: ['#f56954', '#00c0ef'],
                            data: [kills, deaths]
                        }
                    ]
                };
                var pieChartTarget = $('#playerKD').get(0).getContext('2d');
                var pieChart = new Chart(pieChartTarget, {
                    type: 'pie',
                    data: pieChartData
                });
            }));
    }
}
playerOne.php should then look like this:
$team_id = 0; // initialize team ID
if(isset($_GET['team_id'])) {
    // cast to int so that only a number can reach the SQL text below
    $team_id = (int) $_GET['team_id'];
}
//double quotes are important so the $team_id variable will be interpreted to the value it holds
$query = "SELECT * FROM user WHERE team_id = $team_id LIMIT 1";
$select_team = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($select_team);
$user_id = $row['user_id'];
$query = "SELECT SUM(game_stats.match_stats_kills) AS Kills, SUM(game_stats.match_stats_deaths) AS Deaths FROM game_stats WHERE game_stats.user_id = $user_id";
$select_kd = mysqli_query($connection, $query);
$data = array();
foreach($select_kd as $row) {
    $data[] = $row;
}
mysqli_close($connection);
echo json_encode($data);

API receiving Half Data

I have a PHP API, but when I send data to it using a POST or GET request the API receives half the data. I don't know what the issue is. This same API works on localhost but gives an error on the public server.
API send request URL:
https://peer.infusiblecoder.com/android/loanapp/sendrequesttoperson.php?request_is_seen=hjhj&loan_request_code=100&req_status=hjh&request_sender_user_name=ghjgjh&request_reciver_user_name=hjhjh&request_sender_user_id=jkjkj&request_reciver_user_id=hjhj&request_time_stamp=ghhgjhh
And this is my API, sendrequesttoperson.php:
<?php
require 'db.php';
if(isset( $_GET["$req_status_db"]) && isset($_GET["$loan_request_code_db"]) && isset($_GET["$request_sender_user_name_db"]) && isset($_GET["$request_reciver_user_name_db"]) && isset($_GET["$request_sender_user_id_db"]) && isset($_GET["$request_reciver_user_id_db"]) && isset($_GET["$request_is_seen_db"]) && isset($_GET["$request_time_stamp_db"])){
    $loan_request_code = $_GET["$loan_request_code_db"];
    $request_sender_user_name = $_GET["$request_sender_user_name_db"];
    $request_reciver_user_name = $_GET["$request_reciver_user_name_db"];
    $request_sender_user_id = $_GET["$request_sender_user_id_db"];
    $request_reciver_user_id = $_GET["$request_reciver_user_id_db"];
    $request_time_stamp = $_GET["$request_time_stamp_db"];
    $request_is_seen = $_GET["$request_is_seen_db"];
    $req_status = $_GET["$req_status_db"];
    $sql = "select * from $table_requests where $loan_request_code_db like '".$loan_request_code."';";
    $result = mysqli_query($con, $sql);
    $response = array();
    if(mysqli_num_rows($result) > 0){
        $code = "failed";
        $message = "Request already exists";
        array_push($response, array("code" => $code, "message" => $message));
        echo json_encode($response);
    } else {
        $sql = "INSERT INTO $table_requests VALUES (NULL,'$loan_request_code','$request_sender_user_name','$request_reciver_user_name','$request_sender_user_id','$request_reciver_user_id','$request_time_stamp','$request_is_seen','$req_status')";
        if (mysqli_query($con, $sql)) {
            $code = "success";
            $message = "Request sent";
            array_push($response, array("code" => $code, "message" => $message));
            echo json_encode($response);
            echo "Request sent successfully";
        } else {
            $code = "failed";
            $message = "Error: " . $sql . "<br>" . mysqli_error($con);
            array_push($response, array("code" => $code, "message" => $message));
            echo json_encode($response);
        }
        //$message = "Thank you for registration";
        // array_push($response, array("code" => $code, "message" => $message));
        // echo json_encode($response);
    }
    mysqli_close($con);
}else{
    $loan_request_code = $_GET["$loan_request_code_db"];
    $request_sender_user_name = $_GET["$request_sender_user_name_db"];
    $request_reciver_user_name = $_GET["$request_reciver_user_name_db"];
    $request_sender_user_id = $_GET["$request_sender_user_id_db"];
    $request_reciver_user_id = $_GET["$request_reciver_user_id_db"];
    $request_time_stamp = $_GET["$request_time_stamp_db"];
    $request_is_seen = $_GET["$request_is_seen_db"];
    $req_status = $_GET["$req_status_db"];
    $myresponse = 'Enter missing fields_'.$request_sender_user_name."_".$loan_request_code."_".$request_reciver_user_name."_".$request_sender_user_id."_".$request_reciver_user_id."_".$request_time_stamp."_".$request_is_seen."_".$req_status."_";
    echo json_encode($myresponse);
}
?>
And this is my db.php file required for the variable names and db connection
<?php
$host = "localhost";
$db_user = "ur5kq7835fnc4";
$db_password ="ch%2#3/^c<1b";
$db_name = "dbhrzz2e49skck";
//Folder Path
$mainpath = "http://192.168.0.101/android/loanapp/";
$profilepic_folder = "profilepics/";
$fileupload_folder="uploadedFiles/";
$fileuploadfullpath_folder="uploadedFiles/";
// loan request statuses {"pending", "rejected","accepted","awaiting money", "paid out", "completed"};
// Table RegisteredUser attributes:
$table_user = "registered_users";
$user_id_db = "user_id";
$firstname_db = "firstname";
$lastname_db = "lastname";
$address_db = "address";
$whatyoupretend_db = "whatyoupretend";
$fieldofactivity_db = "fieldofactivity";
$phone_db = "phone";
$email_db = "email";
$password_db = "password";
$status_db = "status";
$user_img_url_db = "user_img_url";
// Table LoanRequest attributes:
$table_loan_request = "loan_request";
$loan_id_db = "loan_id";
$loan_request_code_db = "loan_request_code";
$user_full_name_db = "user_full_name";
$user_img_url_request_db = "user_img_url_request";
$loan_amount_db = "loan_amount";
$loan_purpose_db = "loan_purpose";
$loan_collateral_db = "loan_collateral";
$loan_market_value_db = "loan_market_value";
$loan_type_db = "loan_type";
$loan_due_date_db = "loan_due_date";
$loan_doc_urls_db = "loan_doc_urls";
$loan_borrowing_rate_db ="loan_borrowing_rate";
$loan_loan_ratio_db ="loan_loan_ratio";
$loan_status_db = "loan_status";
$loan_paid_out_date_db ="loan_paid_out_date";
$loan_duration_db = "loan_duration";
//loan_duration
//loan_paid_out_date
// Table Requests
$table_loan_request = "loan_request";
$loan_id_db = "loan_id";
$loan_request_code_db = "loan_request_code";
$user_full_name_db = "user_full_name";
$user_img_url_request_db = "user_img_url_request";
$loan_amount_db = "loan_amount";
$loan_purpose_db = "loan_purpose";
$loan_collateral_db = "loan_collateral";
$loan_market_value_db = "loan_market_value";
$loan_type_db = "loan_type";
$loan_due_date_db = "loan_due_date";
$loan_doc_urls_db = "loan_doc_urls";
$loan_borrowing_rate_db ="loan_borrowing_rate";
$loan_loan_ratio_db ="loan_loan_ratio";
$loan_status_db = "loan_status";
$loan_lender_id_db = "loan_lender_id";
$loan_paid_out_date_db ="loan_paid_out_date";
$loan_duration_db = "loan_duration";
/*
Table User attributes:
tbname = registered_users
user_id
firstname
lastname
address
whatyoupretend
fieldofactivity
phone
email
password
status [true,false]
user_img_url
*/
/*
Table LoanRequest attributes:
tbname = loan_request
loan_id
loan_request_code
user_full_name
loan_amount
loan_purpose
loan_collateral
loan_market_value
loan_type
loan_due_date
loan_doc_vehicle_id_url
loan_doc_owner_id_url
loan_doc_insurance_url
loan_status
Vehicle ID,Owner´s ID,Insurance
*/
/*
Table Requests attributes:
tbname = requests
request_id
loan_request_code
request_sender_user_name
request_reciver_user_name
request_sender_user_id
request_reciver_user_id
request_time_stamp
request_is_seen
*/
$con = mysqli_connect($host, $db_user,$db_password,$db_name);
if (!$con){
    die("connection failed". mysqli_connect_error());
}
/*
else{
echo "connected susscesful";
}
*/
?>
it gives this result
The problem is $_GET["$req_status_db"]
It should be $_GET["req_status_db"]
You will have to remove $ from all the $_GET keys.
Also, you do not have req_status_db as query param in the URL you have shared.

How to embed Javascript function in restful api in php?

I have the following code in one of my API files (DispatchJob_Public) and I need AJAX here to call the other file (selectDriverForJobResult) after 2 minutes. I can do that in PHP with sleep(), but that will keep the server busy. The AJAX call is at the end of the PHP code. Can I embed JS in API code? Or is there any alternative to do what I am trying to do?
Moreover, I got a response from the first file (DispatchJob_Public), but no response from the second file (selectDriverForJobResult) when I called the endpoint in Postman, because the call wasn't made. If the second file was called, it should have returned some response. The strange thing is that I get a response from the second file when I run it in the browser. I think that is because the browser supports JavaScript but the call made from Android to the endpoint doesn't support that.
Please can I get any solution for this?
<?php
include_once ('connection.php');
include_once ('fcm_notification.php');
//error_reporting(E_ERROR | E_PARSE);
$user_id = $_REQUEST["user_id"];
$customer_name = $_REQUEST["customer_name"];
$group_id_fk = $_REQUEST["group_id_fk"];
$readynow_checkbox = $_REQUEST["readynow_checkbox"];
$job_points = '';
date_default_timezone_set('Australia/Melbourne');
$date = date('Y-m-d H:i:s');
if(strcasecmp($benefits_type, 'Points') == 0){
    if(strcasecmp($fixed_price, '') == 0){
        $fixed_price_new = $estimated_price;
    }else{
        $fixed_price_new = $fixed_price;
    }
    $sql_job_points = "SELECT `points` FROM `hg_job_points` WHERE '$fixed_price_new' BETWEEN `min_price` AND `max_price`";
    $res_jobPoints = mysqli_query($conn, $sql_job_points);
    $row_job_points = $res_jobPoints->fetch_assoc();
    $job_points = $row_job_points["points"];
}
if(strcasecmp($commission_percent, 'Amount') != 0 && strcasecmp($fixed_price, '') != 0){
    $commision_price = ($commission_percent / 100) * $fixed_price;
}
//insert job in job table
$sql = "INSERT INTO `hg_jobs`(`customer_name`, `pickup_address`, `dropoff_address`, `customer_phone`, `instruction`,
    `via`, `user_id_fk`, `group_id_fk`, `pickup_time`, `flight_no`, `car_type`, `post_time`)
    VALUES ('$customer_name', '$pickup_address', '$dropoff_address', '$customer_phone', '$instruction', '$via', '$user_id', '$group_id_fk',
    '$pick_time', '$flight_no', '$car_type', '$date')";
if(mysqli_query($conn, $sql)){
    //get job id from jobs table
    $job_id = $conn->insert_id;
    //insert new record in advance job table
    $sql_adv = "INSERT INTO `hg_job_details`(`no_of_passenger`, `no_of_bags`, `child_seats`,
        `car_type_specific`, `job_type`, `job_price`, `estimated_amount`, `payment_type`, `benefits_type`, `benefit_percent`,
        `benefit_amount`, `job_points`, `ready_now_job`, `job_id_fk`)
        VALUES ('$passenger','$bags','$child_seats','$car_type_specific','$job_type','$fixed_price', '$estimated_price',
        '$payment_type','$benefits_type','$commission_percent','$commision_price', '$job_points', '$readynow_checkbox', '$job_id') ";
    $res_adv = mysqli_query($conn, $sql_adv);
    if($res_adv){
        echo json_encode(Array('message' => 'job success'));
        //get black list users
        $sql_black = "SELECT blacklist_user_fk FROM hg_black_list WHERE user_id_fk = '$user_id'";
        $res_black = mysqli_query($conn,$sql_black);
        //if specif type car is any
        if(strcasecmp($car_type_specific, 'ANY') == 0){
            if ($res_black->num_rows > 0) {
                //get all fcm key and send notification (if blacklist table not empty)
                $sql = "SELECT ft.fcm_token from hg_user_notify_token ft
                    JOIN hg_users AS u ON u.user_id = ft.user_id_fk
                    JOIN hg_car_details AS cd ON u.user_id = cd.user_id_fk
                    WHERE u.user_id != '$user_id' AND cd.car_type = '$car_type' AND u.user_id !=
                    (SELECT blacklist_user_fk FROM hg_black_list WHERE user_id_fk = '$user_id') ";
                $result = $conn->query($sql);
                while ($keys = mysqli_fetch_assoc($result)){
                    $token = $keys['fcm_token'];
                    $title = 'HIRENGO';
                    $message = 'New Job Request Received';
                    $activity_to_open = 'new job';
                    sendPushNotification($token, $title, $message,$activity_to_open);
                }
            }else{
                //get all fcm key and send notification (if blacklist table empty)
                $sql = "SELECT ft.fcm_token from hg_user_notify_token ft
                    JOIN hg_users AS u ON u.user_id = ft.user_id_fk
                    JOIN hg_car_details AS cd ON u.user_id = cd.user_id_fk
                    WHERE u.user_id != '$user_id' AND cd.car_type = '$car_type'";
                $result = $conn->query($sql);
                while ($keys = mysqli_fetch_assoc($result)){
                    $token = $keys['fcm_token'];
                    $title = 'HIRENGO';
                    $message = 'New Job Request Received';
                    $activity_to_open = 'new job';
                    sendPushNotification($token, $title, $message,$activity_to_open);
                }
            }
        }else{
            //if specific car type
            if ($res_black->num_rows > 0) {
                //get all fcm key and send notification (if blacklist table not empty)
                $sql = "SELECT ft.fcm_token from hg_user_notify_token ft
                    JOIN hg_users AS u ON u.user_id = ft.user_id_fk
                    JOIN hg_car_details AS cd ON u.user_id = cd.user_id_fk
                    WHERE u.user_id != '$user_id' AND cd.car_type = '$car_type'
                    AND cd.car_type_specific = '$car_type_specific' AND u.user_id !=
                    (SELECT blacklist_user_fk FROM hg_black_list WHERE user_id_fk = '$user_id') ";
                $result = $conn->query($sql);
                while ($keys = mysqli_fetch_assoc($result)){
                    $token = $keys['fcm_token'];
                    $title = 'HIRENGO';
                    $message = 'New Job Request Received';
                    $activity_to_open = 'new job';
                    sendPushNotification($token, $title, $message,$activity_to_open);
                }
            }else{
                //get all fcm key and send notification (if blacklist table empty)
                $sql = "SELECT ft.fcm_token from hg_user_notify_token ft
                    JOIN hg_users AS u ON u.user_id = ft.user_id_fk
                    JOIN hg_car_details AS cd ON u.user_id = cd.user_id_fk
                    WHERE u.user_id != '$user_id' AND cd.car_type = '$car_type'
                    AND cd.car_type_specific = '$car_type_specific'";
                $result = $conn->query($sql);
                while ($keys = mysqli_fetch_assoc($result)){
                    $token = $keys['fcm_token'];
                    $title = 'HIRENGO';
                    $message = 'New Job Request Received';
                    $activity_to_open = 'new job';
                    sendPushNotification($token, $title, $message,$activity_to_open);
                }
            }
        }
?>
<script>
function callDispatch()
{
    nIntervId = window.setInterval(myCallback, 5000);
    var baseUrl = document.location.origin;
    function myCallback()
    {
        var user_id = '<?=$GLOBALS["user_id"];?>';
        var job_id = '<?=$job_id;?>';
        $.ajax({
            url: baseUrl+'/android/selectDriverForJobResult.php',
            type: 'POST',
            dataType : 'json',
            data: {'user_id': user_id, 'job_id': job_id} ,
            success: function(response) {
                clearInterval(nIntervId);
                var resp = response.toString();
                if (resp.includes('true') === true)
                {
                    console.log('true'+ resp);
                }
                else
                {
                    console.log(resp);
                }
            },
            error: function(response)
            {
                console.log('Error in ajax'+response.statusText);
                clearInterval(nIntervId);
            }
        });
    }
}
callDispatch();
</script>
<?php
    }
} else{
    echo json_encode(Array('message' => 'error job post'));
}
$conn->close();
?>

Variable is not defined even though it is?

Hi, I'm trying to call a PHP function when a button is pressed, but I keep getting the error in the title.
I'm calling the function like so:
echo("<th><input type='button' name = 'Attack_Btn' onclick = 'FightPlayer(".$row['username'].")' value ='Attack'></th>");
Just say the username that it gets from $row['user... is James, the error will display
index.php:1 Uncaught ReferenceError: casualjames is not defined
This is the code that it calls next
function FightPlayer(enemyName){
    var xhttpe;
    if (window.XMLHttpRequest) {
        xhttpe = new XMLHttpRequest();
    } else {
        xhttpe = new ActiveXObject("Microsoft.XMLHTTP");
    }
    xhttpe.onreadystatechange = function() {
        if (this.readyState == 4 && this.status == 200) {
            BattlePlayers();
        }
    };
    xhttpe.open("GET", "FightPlayer.php?enemyname="+enemyName, true);
    xhttpe.send();
}
and then it calls my php script passing in the variable enemyname for it to use
<?php
session_start();
include 'Training.php';
$link = mysqli_connect("","","","");
if (isset($_SESSION['username'])) {
    $enemyname = $_REQUEST["enemyname"];
    echo $enemyname;
    $energyRemove = 1;
    $ExperienceGain = 1;
    $sql = "SELECT * FROM userstats WHERE username = '$enemyname'";
    $result = mysqli_query($link,$sql);
    $row = mysqli_fetch_assoc($result);
    $Defence = $row["Defence"];
    $winChance = CalculateWinChance($link,$Defence);
    $sql = "SELECT Energy FROM userstats WHERE username = '".$_SESSION['username']."'";
    $result = mysqli_query($link,$sql);
    $row = mysqli_fetch_assoc($result);
    $rand = rand ( 1 , 100 );
    if($row["Energy"] < 1 ){
        echo "<script type='text/javascript'>alert('Not enough energy to fight. please restore in character page');</script>";
    }else{
        if($rand < $winChance){
            $_SESSION['Battlemessage'] = "you won against ".$enemyname;
            $sql = "UPDATE userstats SET `Energy` = `Energy` - '$energyRemove' WHERE username = '".$_SESSION['username']."'";
            mysqli_query($link,$sql);
            $sql = "UPDATE userstats SET `Experience` = `Experience` + '$ExperienceGain' WHERE username = '".$_SESSION['username']."'";
            mysqli_query($link,$sql);
            $sql = "UPDATE userstats SET `Satoshi` = `Satoshi` + 2 WHERE username = '".$_SESSION['username']."'";
            mysqli_query($link,$sql);
        }else{
            $_SESSION['Battlemessage'] = "you lost against ".$enemyname;
            $sql = "UPDATE userstats SET `Energy` = `Energy` - '$energyRemove' WHERE username = '".$_SESSION['username']."'";
            mysqli_query($link,$sql);
            $sql = "UPDATE userstats SET `Satoshi` = `Satoshi` + 1 WHERE username = '".$enemyname."'";
            mysqli_query($link,$sql);
        }
        echo "";
    }
    calculateLevel($link);
}
?>
I'm not sure where the error is actually happening. I've put my scripts through online code checkers and it all returns normal. Where am I going wrong here?
The string you're passing into your javascript function needs to be quoted, or else it thinks that it's a variable:
echo("<th><input type='button' name = 'Attack_Btn' onclick = 'FightPlayer(\"".$row['username']."\")' value ='Attack'></th>");
Your error is most likely with the onclick...you need to escape quotes in the function argument here:
echo("<th><input type='button' name = 'Attack_Btn' onclick = 'FightPlayer(\"".$row['username']."\")' value ='Attack'></th>");
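Added example, not part of either answer above: quoting the argument removes the ReferenceError, but a username that itself contains a quote character would still end the JavaScript string or the HTML attribute early. The value has to be encoded for both contexts, first as a JavaScript literal and then as an HTML attribute. `attack_button()` and `attack_button_data_attr()` are hypothetical helper names and the usernames are constructed.

```php
<?php
// Added example: helper names are hypothetical, usernames are constructed.

// Encode for two nested contexts: first as a JavaScript string literal
// (json_encode), then as an HTML attribute value (htmlspecialchars).
function attack_button(string $username): string
{
    $jsLiteral = json_encode(
        $username,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
    $handler = htmlspecialchars(
        'FightPlayer(' . $jsLiteral . ')',
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );
    return "<th><input type='button' name='Attack_Btn' onclick='" . $handler . "' value='Attack'></th>";
}

// Alternative without inline script: carry the value in a data attribute and
// let a click listener read it through element.dataset.username.
function attack_button_data_attr(string $username): string
{
    $value = htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<th><input type='button' class='attack-btn' data-username='" . $value . "' value='Attack'></th>";
}

// Constructed usernames: a plain one, one with an apostrophe, one with double quotes
foreach (['casualjames', "O'Brien", 'tom "the tank"'] as $name) {
    echo attack_button($name), "\n";
    echo attack_button_data_attr($name), "\n";
}
```

On the JavaScript side, FightPlayer() should also pass enemyName through encodeURIComponent() before appending it to the query string.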

php returns empty JSON array

I created an array for town name, "Auckland" and "Hamilton", but the response from php is always empty, any idea?
UPDATE:
After debugging, I found that the problem is in the PHP query
" where town = '$town' ", once I deleted this line, the rest works perfectly.
But I still can't figure out why :<
javascript:
var _addNewTowntoList = function(){
    if (_request.readyState == 4) {
        if (_request.status == 200) {
            var data = JSON.parse(_request.responseText);
            if(data.length == 0){
                alert("No such town");
                return;
            }
            var t = data[0].town;
            var o = data[0].outlook;
            var min = data[0].min_temp;
            var max = data[0].max_temp;
            var witem = new WLine(t,o,min,max);
            console.log(t+" "+o+" "+min+" "+max);
            _list.push(witem);
        }
    }
}
Here is the PHP:
$town = $POST_['town'];
$query = "Select * From weather WHERE town = '$town'";
$result = mysqli_query($conn, $query);
//create array for data
$data = array();
while($row = mysqli_fetch_assoc($result))
{
    $data[] = $row;
}
echo json_encode($data);
Change this
$town = $POST_['town'];
$query = "Select * From weather WHERE town = '$town'";
to
$town = $_POST['town'];
$query = "Select * From weather WHERE town = '".$town."'";
Remember to properly escape the query string
$town = mysqli_real_escape_string($conn, $_POST['town']);
Because otherwise your script is open to SQL injection attacks
The other thing to mention here, other than the correct name for $_POST, is that you can use the mysqli_fetch_all function to fetch all results at once and avoid the loop. For example:
echo json_encode(mysqli_fetch_all($result, MYSQLI_ASSOC));
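Added example, not code from the thread: the same town lookup with a bound parameter, shown beside the concatenated form so the difference is visible on a constructed input. It uses PDO with an in-memory SQLite table (constructed rows, column names taken from the question's JavaScript) so that it runs without a MySQL server; mysqli's prepare() and bind_param() follow the same pattern, which also applies to the team_id query earlier on this page.

```php
<?php
// Added example: constructed table and rows, in-memory SQLite through PDO.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE weather (town TEXT, outlook TEXT, min_temp INTEGER, max_temp INTEGER)');
$pdo->exec("INSERT INTO weather VALUES ('Auckland', 'fine', 12, 19), ('Hamilton', 'rain', 9, 16)");

// "Before": the request value becomes part of the SQL text, as in the question.
function find_town_concatenated(PDO $pdo, string $town): array
{
    $sql = "SELECT * FROM weather WHERE town = '" . $town . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// "After": the SQL text is fixed and the value travels separately as a bound
// parameter, so quotes inside it are data and never syntax.
function find_town_prepared(PDO $pdo, string $town): array
{
    $stmt = $pdo->prepare('SELECT town, outlook, min_temp, max_temp FROM weather WHERE town = ?');
    $stmt->execute([$town]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a normal town, and a value whose quote alters the WHERE clause
$inputs = ['Auckland', "x' OR '1'='1"];
foreach ($inputs as $town) {
    printf(
        "%-16s concatenated=%d rows, prepared=%d rows\n",
        $town,
        count(find_town_concatenated($pdo, $town)),
        count(find_town_prepared($pdo, $town))
    );
}
```

With the quoted input the concatenated query matches every row in the table, while the prepared query matches none, because the whole value is compared against the town column.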
