1

I have a form that generates lots and lots of rows. Each row has an "Add Notes" button like this

<button onclick=\"myFunction()\">Add Note</button>

and it triggers a popup input through this snippet

<script language="JavaScript" type="text/javascript">
    function myFunction() {
        var x;
        var note = prompt("Customer Note","Write your customer note here...");

        if (note != null) {
            document.getElementById("notes").value = note;
            document.getElementById("notesForm").submit();
        } 
    else{
       return false;
        }
    }
</script>

and submits a form through this section

<form action=\"http://calls.fantomworks.com/functions/notes.php\" 
id='notesForm' name='notesForm' method='post'>
    <input type='hidden' id='ID' name='ID' value='{$row['ID']}' />
    <input type='hidden' id='notes' name='notes' />
    </form>

The problem is that the note is getting passed to the top row instead of the correct {$row['ID']}. How do I pass the {$row['ID']} through this popup and back to the form so that it will be gotten in the notes processor below correctly??

$notesID = $_POST['ID'];
$note = $_POST['notes'];
$note = mysql_real_escape_string($note);
$date= date('Y-m-d');

$result = mysql_query("UPDATE Project_Submissions SET 
                       Notes=CONCAT(Notes,'<br />".$date." ".$note."') 
                       WHERE ID ='".$notesID."'");

I am so lost and could really use some help here. Thank you so much in advance!!

Improve this question
3
  • 2
    You are vulnerable to sql injection attacks. Escaping $note is NOT enough. you have to escape ALL external data. Commented Jul 31, 2015 at 21:13
  • As you are new2programming please use the MYSQLI or PDO extensions for you database access. the mysql extension will soon disappear as it is deprecated. Dont waste your time with it. Learn one of the others, please read stackoverflow.com/questions/12859942/… Commented Jul 31, 2015 at 21:56
  • Dont actually understand what youare trying to say, please look at your question with the tought... they are not clarevoyant and the cannot see over my shoulder Commented Jul 31, 2015 at 21:59

1 Answer 1

Reset to default
1

You need to include WHICH row you're working on in, e.g.

while(...) { 
   <button onclick="myFunction(<?php echo $id ?>);">....</button>
}

and then use that function parameter when you do the ajax call.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

THAT DID THE TRICK! THANK YOU! <button onclick=\"myFunction('{$row['ID']}')\">Add Note</button> <script language="JavaScript" type="text/javascript"> function myFunction(ID) { var x; var ID = ID; var note = prompt("Customer Note","Write your customer note here..."); if (note != null) { document.getElementById("notes").value = note; document.getElementById("notesID").value = ID; document.getElementById("notesForm").submit(); } else{ return false; } } </script>

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.