0

am not sure what is happenning here or what i am doing wrong.

my ajax response from cakephp controller returns null when i do console.log() in chrome developer tool. also when i examine the network tab it says no response. here is my code

view.ctp

var formUrl = "<?php echo Router::url(array('controller' => 'ExamsScores','action' => 'ajaxReturn')); ?>";
        //console.log(form);
        //console.log(exam);
        //console.log(formUrl);
        var string = "form="+form + "&exam="+ exam;
        $.ajax({
            type: "POST",
            url: formUrl,
            data: string,
            dataType: "json",
            success: function(response) {
                console.log(response);
            },
            error: function(xhr,status,error) {
                console.log(status);
            }
        });

controller_action

function ajaxReturn(){
    if($this->RequestHandler->isAjax()){
        $this->autoRender = false;
        $form = $this->request->data['form'];
        $exam = $this->request->data['exam'];
        $results = $this->ExamsScore->query("SELECT concat(students.first_name,' ',students.last_name) as NAME,
            exam_type as EXAM,form_name as FORM,sum(score) as TOTAL,avg(score) as MEAN,exams_scores.admission_no from
            students,exams,forms,exams_scores where (exams_scores.admission_no = students.admission_no) and 
            (exams_scores.exam_id = $exam) and (exams.id = $exam) and (students.form_id = $form) and (forms.id = $form)
            group by exams_scores.admission_no order by TOTAL desc 
            ");
    }
    $jsonData = json_encode($results);
    //print_r($jsonData);
    $this->set('response',$jsonData);

here is the catch..

if i comment out the print_r($jsonData) in the controller..the ajax response is null.. if i dont comment it the response comes back as i expect.

what exactly is causing this to happen and why is the response null because i was only using print_r for debugging purposes.

any help ?

Improve this question
3
  • Are you planning to create a "How to implement SQL Injections" example website? Because that's what your query looks like. book.cakephp.org/2.0/en/models/… Commented Mar 1, 2015 at 18:55
  • its just easier with raw queries other than cakephp find Commented Mar 1, 2015 at 19:05
  • And still you managed to create an SQL injection vulnerability. Commented Mar 1, 2015 at 19:35

2 Answers 2

Reset to default
1

Ok, several things to note.

Reformat your ajax request as the following:

  var url = window.app.url+"/exams/ajaxReturn"; 

  $.ajax({
        type: "POST",
        url: url,
        data: {form:form,exam:exam},
        dataType: "json",
        success: function(response) {
            console.log(response);
        },
        error: function(xhr,status,error) {
            console.log(status);
        }
    });

Notice how the data field has changed to a different format than yours, this will arrive in the php file as $_POST['form'] and $_POST['exam']

Now, your for your php file:

  function ajaxReturn(){

   $this->request->onlyAllow('ajax');
   $this->autoRender = false;
   $this->layout = 'ajax';

   $form = $this->request->data['form'];
   $exam = $this->request->data['exam'];

   // Other code that was omitted for example purposes

   echo json_encode($results);

}

The first 3 lines ensure that it will only accept ajax requests, and it tells cakephp to not render any .ctp file with the method.

Also, notice how the way I return the json object is with an echo. This is the way to return the json back to the ajax.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

thanks Christian.the echo json_encode(); really did what i needed.
@Gordon glad it worked! Would you mind marking it as the answer? Thanks!
0

It says that CakeRequest is now responsible for that. You can find the appropriate paragraph here.

function ajaxReturn(){
    if($this->request->is('ajax')){
        $this->autoRender = false;
        $form = $this->request->data['form'];
        $exam = $this->request->data['exam'];
        $results = $this->ExamsScore->query("SELECT concat(students.first_name,' ',students.last_name) as NAME,
            exam_type as EXAM,form_name as FORM,sum(score) as TOTAL,avg(score) as MEAN,exams_scores.admission_no from
            students,exams,forms,exams_scores where (exams_scores.admission_no = students.admission_no) and 
            (exams_scores.exam_id = $exam) and (exams.id = $exam) and (students.form_id = $form) and (forms.id = $form)
            group by exams_scores.admission_no order by TOTAL desc 
            ");
    }
    $jsonData = json_encode($results);
    //print_r($jsonData);
    $this->set('response',$jsonData);
Improve this answer

1 Comment

tried that and no change.just to ask what has the print_r method got to do with the returned data

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.