Yes, day. Can someone help me to understand why my code result is not saving for Jason? I'm sure there is an error in my code but it does not seem so. What's going to be worth $ DEPT and the $ box is going to be returned in a warning, but it does not. Thanks
& lt ;? Php function run SQL ($ rsql) {$ hostname = "localhost"; $ Username = "root"; $ Password = ""; $ Dbname = "sample"; $ Connect = mysql_connect ($ hostname, $ user name, $ password) or die ("Error: Can not connect to database"); $ Db = mysql_select_db ($ dbname); $ Result = mysql_query ($ rsql) or die ('test'); Return result; Mysql_close ($ connect); } $ New = 1; $ Items = RTRM ($ _ POST ['item'], ","); $ Sql = "SELECT * FROM 'boxes in' WHERE id ($ item)"; $ Result = run SQL ($ sql); $ I = 0; $ Rows = mysql_num_rows ($ result); While ($ line = mysql_fetch_array ($ result)) {if ($ i & lt; $ rows) {$ dept. $ $ [['Department'] ","; $ Box = $ Row ['custref']. ","; } And {$ Department. = $ Line ['department']; $ Box = $ Row ['custref']; } $ I ++; } / * $ Items = rtrim ($ _ POST ['item'], ","); $ Sql = "UPDATE` boks` SET status = 'deleted' WHERE id ($ items)"; $ Result = runSQL ($ sql); Include * / // $ sql = "` act` (`item`) values (\ '. $ Box.' \ ')"; // $ result = run SQL ($ sql); $ Total = count (explosion (",", $ item)); $ Result = run SQL ($ sql); $ Total = mysql_ffect_ro (); /// Line 18/19 commented for demo purposes. MySQL query has not been executed in this case. When line 18 and 19 are unsupported, the MySQL query will be executed. Header ("End: Mon, 26 July 1997 05:00:00 GMT"); Header ("Last-Modified:" .GMDAT ("D, Dm YH: I: S"). "GMT"); Header ("Cash-Control: No-Cash, Just-Recallidate"); Header ("Prestama: no-cache"); Header ("content-type: text / x-json"); $ Json = ""; $ Json = "{\ N"; $ Json = "Section: '". $ Section ", '\ N"; $ Json = "Box: ''. $ Box. '' \ N"; $ Json = "} \ N"; Echo $ json; ? & Gt; Ajax
Success: function (data) {dept = data.dept; Box = data. Box; Warning ("You have successfully deleted \ n \ r \ n \ rBox (es):" + data.dept + data.box); $ ("# Flex1") flexReload () .; } 'Boxes' where the id is from *
$ sql = "select * ($ Item) "; SQL-injection vulnerability If for each string you want mysql_real_escape_string for each code, or to make sure that they are only numbers, then what are they (e.g. Use the intval () ) or parameterized queries.
header ("content-type: text / x-json"); Application / Jason .
$ json. = "Dept: '". $ Dept. ", '\ N"; In addition to JSON, double-quotes are required around keys and string values, you will also need the JavaScript-string-element-escape value to be injected in the string . Otherwise an apostrophe / quote / backslash / newline string will be broken. You mostly addslashes () .
But in reality, there is no call to create their own JSON values (or other javascript literal). PHP lets you use it simple, fast, more reliable.
echo json_encode (array ('dept' = & gt; $ dept, 'box' = & gt; $ box); 
Comments
Post a Comment