Help with AJAX lookup

General PHP Help
#1

Hi all,

I have an issue with a current script… its a ajax script that looks up the database based upon the dropdown selection. Everything works apart from a security measure I’m trying to put in.

My system has several clients with different ID’s, I want my script to lookup based on the selection plus their ID. But the problem I have is passing both values across Client ID & Selection. I tried user session but as the script opens in the background this information doesnt get passed.

My scripts are as follows…
[php][/php]
This is the lookup javascript

User dropdown…
[php]<?php

if (mysqli_connect_errno($db)) {
trigger_error('Database connection failed: ’ . mysqli_connect_error(), E_USER_ERROR);
}

$quote_no = “SELECT client_enq_no, project FROM fms_tbl_enq WHERE client_id= ‘{$_SESSION[‘client_id_of_user’]}’ ORDER BY client_enq_no DESC”;
$result = mysqli_query ($db, $quote_no);

echo “”;
echo “SELECT…”;

while($r = mysqli_fetch_array($result)){
echo ‘’;
echo htmlspecialchars($r[‘client_enq_no’]);
echo ’ (’;
echo htmlspecialchars($r[‘project’]);
echo ‘)’;
echo ‘’;
}
echo “”;
?> [/php]

and this is my lookup script titled enq-fetch-data.php
[php]<?php
include(’…/…/includes/mysqli_connect.php’);

if (mysqli_connect_errno($db)) {
trigger_error('Database connection failed: ’ . mysqli_connect_error(), E_USER_ERROR);
}

$q = intval($_GET[‘q’]);
// below line doenst work
$clientid = $_SESSION[‘client_id_of_user’];

//client id doesnt work unless I manually enter this for example as ‘2’
$sql=“SELECT * FROM fms_tbl_enq WHERE client_id=’”.$clientid."’ AND client_enq_no = ‘".$q."’";
$result = mysqli_query($db,$sql);

while($row = mysqli_fetch_array($result,MYSQLI_ASSOC)) {

echo "<div class='form-group'>";
echo "<label class='col-sm-2'>Client</label>";
echo "<div class='col-sm-4'>";	
echo "<input name='client' class='form-control' type='text' value='". $row['client'] ."'>";
echo "</div>";
echo "</div>";

echo "<div class='form-group'>";
echo "<label class='col-sm-2'>Project</label>";
echo "<div class='col-sm-4'>";	
echo "<input name='project' class='form-control' type='text' value='". $row['project'] ."'>";
echo "</div>";
echo "</div>";

}
mysqli_close($db);
?>[/php]

Any help is appreciated!

#2

Welcome back Dan !

So, how I do this type of function is to just use the id from the user’s table and place into a session variable.
Then, even if you call a sub-file or PHP file using AJAX, you just make sure it checks that value and do whatever is
needed. If you call a file, as you say in the background, it is still tied to the current session so it should work correctly.
Anything dealing with the current browser connection is tied to the one session. (Well, unless you change the session
by messing with the session numbers.)

I noticed that you did not show where you started the session. Is it inside of the file “mysqli_connect.php” ??? Remember,
you need to include the start of the session as the first line of every page even external files that you call by AJAX. It is the
only way that the external file can see your session variables.

What errors are you getting?

#3

Hi ErnieAlex,

Thanks and thanks for your feedback, I didnt realise that I needed to run the session check on the ajax lookup. I’ve added my code to the lookup script and it worked first time!

Thanks for sorting and helping me, I’ll be back with more queries as I’m running into a few issues!

#4

Glad it was just a simple issue… See you in the “bitstream”… Ha! That’s all this really is…

Sponsor our Newsletter | Privacy Policy | Terms of Service