0

I'm attempting to call a PHP file and have it return a result (a single record's 'pageLocation') from a database table ('page'). I then want to get that result into a variable, so I can use it while creating an image in html.

Currently, the image is being created but the source is not feeding into it, leaving a default empty image at the correct size.

Javascript:

        // Loads a list of comics created by the user from the database.

        function loadComic()
        {
        var xmlhttp = new XMLHttpRequest();
        var getID = '<?php echo $_SESSION["userID"]; ?>';
        var url = "loadCom.php?userID="+getID;


        xmlhttp.onreadystatechange=function()
        {
            if (xmlhttp.readyState == 4 && xmlhttp.status == 200)
            {
                loadComicJSON(xmlhttp.responseText);
            }
        }

        xmlhttp.open("GET", url, true);
        xmlhttp.send();

        }

        // JSON parsing for 'loadComic'.

        function loadComicJSON(response)
        {
            var arr = JSON.parse(response);
            var i;
            var out = "";

            document.getElementById("loadList").innerHTML="";

            if (arr.length == 0)
            {
                //Non-relevant code affecting layout if no comics are found.
            }
            else
            {   
                out+="<br>";

                for(i = 0; i < arr.length; i++)
                {

// Gets image source from database.

                    imgSrc = "";
                    tempID = arr[i].comicID;
                    $.post("getCover.php", {'comicID':tempID}, function(result)
                    {
                        imgSrc += ("" + result);
                    }
                    );

                    // Creates image item and associated radio button.

                    out += "<hr><br><img name = '" + ('com' + arr[i].comicID) + "' id='" + ('com' + arr[i].comicID) + "' onclick='resizeThumb(this)' height='100px;' src='" + imgSrc + "'><input name='comicList' type='radio' id='" + arr[i].comicID + "' value='" + arr[i].comicID + "'>" + arr[i].comicName + " </option><br><br>";
                }

            }


        }

    </script>

PHP (getCover.php):

<?php
if (isset($_POST["comicID"]))
{
    include_once('includes/conn.inc.php');
    $checkID = $_POST["comicID"];

    $query = ("SELECT FIRST (pageLocation) FROM page WHERE comicID = '$checkID' ORDER BY pageNum");
    $result = mysqli_query($conn, $query);


    $conn->close();
    echo ($result);
}
else
{   
    $checkID = null;
    echo "Error. No comic found.";
}

?>

Thanks for any help provided.

Improve this question
4
  • This is vulnerable to trivial SQL injection. Commented Mar 3, 2015 at 21:30
  • What is in your $result? It seems to me that it is just a mysqli_result. Commented Mar 3, 2015 at 21:30
  • What I'm wanting to get is a file location , for example 'comics/0/0.jpg' where '0.jpg' is the image source I want to load. If $result is the wrong thing to be looking at then what should I be doing to get it? (The query should only return one result by my estimate). Commented Mar 3, 2015 at 21:35
  • @dudeman did what I meant to do. I think he is right :) Commented Mar 3, 2015 at 21:36

1 Answer 1

Reset to default
1

You need to get he data from the result, like:

$row = $result->fetch_assoc()

Also, yes, Jim G is right, you need to escape that POST variable.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

So in that case I would change the echo line to: echo ($row['pageLocation']); Is this correct? I assume I'd need to maybe put that in a loop.
Yes, you can print_r($row); to see the structure.
It still doesn't seem to be feeding it into the image tag.
I would do print_r($row);die(); then look in my browser debug console under XHR requests to see what that response looks like.
Pardon my ignorance but where would the XHR requests be found if I'm using Firebug
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.