I'm opening an InAppBrowser window for a payment service. After the payment is done and successful, entries in my DB will be updated.

user table - rows like

ID - USERNAME - VIPSTATUS - CALLSTATUS

The vipstatus and callstatus get changed to "1" after payment. When the InAppBrowser is closed, I want to get the new data for the vipstatus and callstatus from the user and overwrite the existing localStorage items callstatus and vipstatus. The username is saved in localStorage as username. I'm guessing my Ajax code is wrong, because it doesn't work; it doesn't even load the script.

My Ajax Code

$(document).ready( function() {
                  $("#paybutton").click(function() {
                                        var params = "projectpaymentoption=1195&id=",
                                        usernamepay = window.localStorage.getItem("username"),
                                        paymenturl = params + usernamepay;

                                        $.ajax({
                                               type: 'POST',
                                               url: 'http://www..de/phone/encode.php',
                                               data: $.param({"paymenturl": paymenturl}),
                                               success: function(result) {
                                               var paybrowser = window.open(result,'_blank','location=no','closebuttoncaption=Zurück');

                                               paybrowser.addEventListener('exit',function(event) {


                                               $.ajax({
                                               type: 'POST',
                                               url: 'http://www..de/update.php',
                                               data: $.param({"username": username}),
                                               success: function(data) {
                                               window.localStorage.setItem("vipstatus", data[2]);
                                               window.localStorage.setItem("callstatus",data[3]);
                                      }
                         });
                  }

My UPDATE.PHP Code

<?php 


  $dbhost = "blabla";
  $dbuser = "blabla";
  $dbpass = "blabla";
  $dbname = "blabla";
  $tableName = "user";


  print_r($_POST);
  $user = $_POST['data']['username'];
  print PHP_EOL . $user . PHP_EOL;

  $con = mysqli_connect($dbhost,$dbuser,$dbpass);
  $dbs = mysqli_select_db($dbname, $con);
  $result = mysqli_query("SELECT user$ FROM $tableName");         
  $array = mysqli_fetch_row($result);           
  $conn->close();
  ?>

Why don't you tag your posting with JQuery? Commented Jul 7, 2015 at 13:27

2 Answers

1

Your Javascript code is not valid Javascript. It misses some closing brackets. Try this:

$(document).ready(function() {
    $("#paybutton").click(function() {
        var params = "projectpaymentoption=1195&id=",
            usernamepay = window.localStorage.getItem("username"),
            paymenturl = params + usernamepay;

        $.ajax({
            type: 'POST',
            url: 'http://www..de/phone/encode.php',
            data: $.param({
                "paymenturl": paymenturl
            }),
            success: function(result) {
                // InAppBrowser takes a single comma-separated options string as its third argument
                var paybrowser = window.open(result, '_blank', 'location=no,closebuttoncaption=Zurück');

                paybrowser.addEventListener('exit', function(event) {

                    $.ajax({
                        type: 'POST',
                        url: 'http://www..de/update.php',
                        data: $.param({
                            // send the value read from localStorage above; `username` is not defined in this snippet
                            "username": usernamepay
                        }),
                        success: function(data) {
                            window.localStorage.setItem("vipstatus", data[2]);
                            window.localStorage.setItem("callstatus", data[3]);
                        }
                    });
                });
            }
        });
    });
});

1
<?php 

  $dbhost = "blabla";
  $dbuser = "blabla";
  $dbpass = "blabla";
  $dbname = "blabla";
  $tableName = "user";

  $con = mysqli_connect($dbhost,$dbuser,$dbpass);
  $dbs = mysqli_select_db($con, $dbname);

  print_r($_POST);
  $user = mysqli_real_escape_string($con, $_POST['data']['username']);
  print PHP_EOL . $user . PHP_EOL;

  $result = mysqli_query($con, "SELECT $user FROM $tableName");         
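  // fetch_assoc returns rows keyed by column name, which the echo lines below rely on
  while ($array = mysqli_fetch_assoc($result)) {
    echo $array['vipstatus'];

    echo $array['callstatus'];
  }
  // the connection handle is $con; $conn was never defined
  mysqli_close($con);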
  ?>

Fixed your mysqli_* query. On $result and $dbs.

7 Comments

Just tidied up the code and sanitized the username, I don't like variables that are not prepared/sanitized.
Technically, that's just a sanitized variable and may not be enough to prevent SQL injection. It would be better to use parameterized queries.
When I use that, the variables in local storage for vipstatus will be "a" and for vipstatus "r". @JamieSterling
@mav It will input anything you want it to input into vipstatus.
Yeah, but I want to get the callstatus and vipstatus from the row for the user and not "a" and "r" :P
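
The parameterized query suggested in the comments, as an added example that is not code from any poster in this thread: a version of update.php that binds the username as a value and returns the two status columns as JSON. The function name `fetch_status`, the plain `username` POST field, the 64-character length cap and the connection placeholders are assumptions.

```php
<?php
// Added example, not code from the thread. Assumes the `user` table has the
// columns username, vipstatus and callstatus described in the question.
declare(strict_types=1);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors
header('Content-Type: application/json; charset=utf-8');

function fetch_status(mysqli $con, string $username): ?array
{
    // The username is bound as a value, so it is never parsed as SQL text
    // (in the answer above it was interpolated as a column name).
    $stmt = $con->prepare('SELECT vipstatus, callstatus FROM `user` WHERE username = ? LIMIT 1');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $stmt->bind_result($vip, $call);
    $row = $stmt->fetch() ? ['vipstatus' => $vip, 'callstatus' => $call] : null;
    $stmt->close();
    return $row;
}

$username = $_POST['username'] ?? '';
// Reject arrays, empty values and oversized input (the 64-byte cap is an assumed limit).
if (!is_string($username) || $username === '' || strlen($username) > 64) {
    http_response_code(400);
    echo json_encode(['error' => 'invalid username']);
    exit;
}

try {
    $con = new mysqli('DB_HOST_PLACEHOLDER', 'DB_USER_PLACEHOLDER', 'DB_PASS_PLACEHOLDER', 'DB_NAME_PLACEHOLDER');
    $con->set_charset('utf8mb4');
    $row = fetch_status($con, $username);
    $con->close();
} catch (mysqli_sql_exception $e) {
    error_log($e->getMessage());   // details go to the server log, not to the client
    http_response_code(500);
    echo json_encode(['error' => 'server error']);
    exit;
}

if ($row === null) {
    http_response_code(404);
    echo json_encode(['error' => 'unknown user']);
    exit;
}
echo json_encode($row);            // e.g. {"vipstatus":1,"callstatus":1}
```

With this response the client should request `dataType: 'json'` and read `data.vipstatus` and `data.callstatus`; indexing a text response with `data[2]` and `data[3]` returns single characters of the string. Values kept in localStorage can be edited by the user, so the server should check the database status itself before granting anything that depends on it.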