why is this not working?
derek.sullivan
30 Dec 2011
I can't seem to find what the issue is. The only thing it isn't doing is processing the post. When I click the button, I get the alert saying it processed, but nothing happens to the data.. Any suggestions? attached is a copy of the PHP file and the JQUERY file
jquery
php:
jquery
$(document).ready(function() {
var setInt = setInterval(function() {
$("#screen").load('messages.html');
}, 100);
});
function submitForm() {
$("#btn").click(function() {
$.ajax({
type: 'POST' ,
url: 'process.php?action=post' ,
data: $("#msg").val() ,
success: function() {
$("#msg").val(' ');
alert('Successful Post!');
}
});
});
return false;
}php:
<?php
$file = "messages.html";
if ($_GET['action'] == 'post') {
$msg = htmlspecialchars($_POST['msg']);
$user = "Derek".rand(0,100);
$old_content = file_get_content($file);
$post = "$user : $msg<br>\n";
$submission = "$post<br>$old_content";
$fp = fopen($file, 'w');
fwrite($fp, $submission);
fclose($fp);
}
?>
1P0
31 Dec 2011
Which version of jQuery are you using?
If you can zip all the files ready to run including jQuery, I can run it and debug it this side.
Are you already using firebug or something to debug client side and ZendStudio to debug server side?
I'll wait for your files.
If you can zip all the files ready to run including jQuery, I can run it and debug it this side.
Are you already using firebug or something to debug client side and ZendStudio to debug server side?
I'll wait for your files.
Hayden
31 Dec 2011
Have you checked the php error log for anything? Perhaps a permissions issue on the file that it is unable to open it or write to it?
JimmyJames
04 Jan 2012
This should fix it
You were using a POST in your ajax call, and looking for a GET variable in your PHP, I also removed the redundant IF statement looking for action=='post', and removed the action parameter from being sent from the AJAX call. The 'msg' parameter is passed using the simple JSON. A bigger JSON might look like this:
An important tip about this trick in IE8, you CANNOT leave a trailing apostrophe ( , ) on the end of the array or object or it will not work (technically IE8 is right this time, other browsers do overlook this syntax error however).
Also added result variable into the AJAX success function, the result variable will contain HTML spit out by the form handler page (added datatype:'HTML' to ajax call). If you prefer to return a JSON to the AJAX call use datatype:'JSON' and in on your PHP page build an array to pass back and apply echo json_encode($thearray); to return an array for javascript handling.
Untested, but should be damn close atleast, cheers!
Edited by JimmyJames, 04 January 2012 - 10:10 PM.
$(document).ready(function() {
var setInt = setInterval(function() {
$("#screen").load('messages.html');
}, 100);
});
function submitForm() {
$("#btn").click(function() {
var msg = $("#msg").val();
$.ajax({
type: 'POST' ,
url: 'process.php' ,
data: {"msg":msg},
datatype:'HTML'
success: function(result) {
$("#msg").val(' ');
alert(result);
}
});
});
return false;
}
$file = "messages.html";
if ($_POST) {
$msg = htmlspecialchars($_POST['msg']);
$user = "Derek".rand(0,100);
$old_content = file_get_content($file);
$post = "$user : $msg
\n";
$submission = "$post
$old_content";
$fp = fopen($file, 'w');
fwrite($fp, $submission);
fclose($fp);
}
?>
You were using a POST in your ajax call, and looking for a GET variable in your PHP, I also removed the redundant IF statement looking for action=='post', and removed the action parameter from being sent from the AJAX call. The 'msg' parameter is passed using the simple JSON. A bigger JSON might look like this:
{
'msg' : 'This is the message',
'name' : 'Batman!',
'email' : '[email protected]'
}
An important tip about this trick in IE8, you CANNOT leave a trailing apostrophe ( , ) on the end of the array or object or it will not work (technically IE8 is right this time, other browsers do overlook this syntax error however).
Also added result variable into the AJAX success function, the result variable will contain HTML spit out by the form handler page (added datatype:'HTML' to ajax call). If you prefer to return a JSON to the AJAX call use datatype:'JSON' and in on your PHP page build an array to pass back and apply echo json_encode($thearray); to return an array for javascript handling.
Untested, but should be damn close atleast, cheers!
Edited by JimmyJames, 04 January 2012 - 10:10 PM.
1P0
05 Jan 2012
nice catch JimmyJames,
I frequently use $_REQUEST
to be sure I can read anything either from $_POST or $_GET.
I frequently use $_REQUEST
to be sure I can read anything either from $_POST or $_GET.
JimmyJames
05 Jan 2012
Thanks 
- be careful using $_REQUEST though as it looks at $_POST, $_GET, and Cookies. Cookies with the same key as a POST or a GET will override the POST or GET which hackers can use to their advantage, this article will explain it a little better, cheers!
http://devlog.info/2...y-is-dangerous/
- be careful using $_REQUEST though as it looks at $_POST, $_GET, and Cookies. Cookies with the same key as a POST or a GET will override the POST or GET which hackers can use to their advantage, this article will explain it a little better, cheers!http://devlog.info/2...y-is-dangerous/
1P0
06 Jan 2012
yes, I guess everything including POST and GET can be "hacked", so depending on the system we need to use https, check user IP on requests after login, check rights on objects he/she want to modify and if we sent something client side, we should encrypt the content of hidden fields saving the key server side in the session if possible.
but all depends on the criticality of the system at hand and how lazy we feel that day
but all depends on the criticality of the system at hand and how lazy we feel that day
JimmyJames
06 Jan 2012
IMHO the goal should be to write a secure web application SSL or not(not that I am a security expert myself 
)
I typically reserve SSL certificates for my E-Commerce customers.
)I typically reserve SSL certificates for my E-Commerce customers.
1P0
09 Jan 2012
sure. It's a good idea to follow the best practices either you have just a few or a full set of tools in your toolbox.
There're plenty of good discussions on "secure session management" out there, like http://stackoverflow...ession-security
In the following days I will need to change a couple of things here at P2L, so I'll be refreshing my mind again on the subject
There're plenty of good discussions on "secure session management" out there, like http://stackoverflow...ession-security
In the following days I will need to change a couple of things here at P2L, so I'll be refreshing my mind again on the subject
artlover
08 May 2013
yep, its actually related to permissions, check the php error log
