0

I have the following Ajax code to send information from an HTML form to a PHP file. 

   $(document).ready(function(){
         $('#txt').load( '../../do_comment.php' );
     });
     $(function(){
        $("#submit").click(function(e) {
            e.preventDefault();
            var name = $("#user_name").val();
            var comment = $("#user_comment").val();
            var ID = '2'; //must change for each post
            $.ajax({
            type: "POST",
            url: "../../do_comment.php",
            data: {user_name:name, user_comment:comment, ID:ID},
            success: function(){
                $('#txt').load( '../../do_comment.php' );
            },
            error:function(e){alert("it failed");}
            });
        }); 
});

In my PHP file I declare the variables like this: 

$name = $_POST[user_name];
$comment = $_POST[user_comment];
$ID = $_POST[ID];

And correctly populate my database with this:

 if($_POST[user_comment] != Null) {
    $sql = "INSERT INTO $table_name (post_ID, user_name, comments)
    VALUES ('$ID','$name', '$comment')";

    $result = @mysql_query($sql,$connection) or die(mysql_error());

 }

The problem is none of the variables will echo any sort of value, and when I try to query the database it only works if I hard code the ID value in instead of using the variable.

$data = mysql_query("SELECT * FROM $table_name WHERE post_ID = 
 '".mysql_real_escape_string($ID)."'") or
    die(mysql_error());
Improve this question
4
  • In your $_POST invocations you should do $_POST['user_name']; instead of $_POST[user_name]; Notice the quotes. Commented Mar 8, 2013 at 20:39
  • 1
    Also, don't user mysql_query. Use PDO. Search PDO php and use it. Commented Mar 8, 2013 at 20:41
  • You should include in your post what is it your getting echoed back Commented Mar 8, 2013 at 20:47
  • that variables will echo back nothing, meaning they must be null. But if they are null, how come they are populating the database properly? Commented Mar 9, 2013 at 0:37

1 Answer 1

Reset to default
2

Use the following when gathering from $_GET/$_POST/$_REQUEST:

$name = $_POST['user_name'];
$comment = $_POST['user_comment'];
$ID = $_POST['ID'];

Notice the tics. Proper syntax is $_POST[''].

Have you checked the database to make sure the proper values are being inserted?

Also, if the post_id is an integer, don't use tics

SELECT * FROM table WHERE post_ID = 1234

NOTICE: do not use MySQL_*, it has been deprecated in PHP 5.5. Use MySQLi or PDO. Watch out for SQL injections as well, especially when using MySQL_*.

Improve this answer
Sign up to request clarification or add additional context in comments.

14 Comments

I added the tics into the declaration. No luck. My database is being filled with the proper values, which is why this does not make sense to me. Also if I do not use tics around the variable name in the select statement when using a variable, I receive an error.
what's your error? Integers do not use tics and may cause the query to return nothing
also, try echo $data; and see how the query was built
I can hardcode the integers in with no error. But when I try to use the ID variable with the select statement I receive a syntax error.
when I echo $data I get Resource id #4
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.