0

Im new to php/html and I'm trying to get a value from a html form and set this as a variable in an external php script.

This variable is used to run a SQL in a postgres database. The php script is triggered by clicking a button.

My guess was to use where get value is the text in the html form:

$SQL = $_GET['get_value'];

But I can't get it working. Can somebody help me and explain what to do?

My html code is as following:

<!DOCTYPE html>
<html>
<body>

<form name="SQL" action="query_map.php" method="get">
  SQL:<br>
  <input type="text" name="SQL" id="get_value">
  <br>
 </form>
<button type="submit" id="script-button">
    Run the script
</button>

<script>
function runScript() {
    var request = new XMLHttpRequest();
    request.onreadystatechange = function() {
        if (request.readyState === 4) {
            if (request.status === 200) {
                alert('Ran the script, result was ' + request.responseText);
            } else {
                alert('Something went wrong, status was ' + request.status);
            }
        }
    };
    request.open('POST', 'http://localhost:8076/query_map.php', true);
    request.send(null);
    return false;
};

document.getElementById('script-button').onclick = runScript;
</script>

</body>
</html>

The php code is as following:

<?php 
  $SQL = $_GET['get_value'];
  $db = pg_connect("host=localhost dbname=kopse_hof_put_25 user=postgres password=baf45baf")
    or die ("Could not connect to server\n"); 

    $query = pg_query($db, "create or replace view resultaat as
            select *
            from put_25_vlak_1_vulling
            where id = $SQL");
?>

I dont see any errors in my chrome console. I tested the php and that is working fine.

marc_s
  • 675,133
  • 158
  • 1,253
  • 1,388
B.Termeer
  • 305
  • 1
  • 16
  • Instead of using id attribute of html tag use name attribute `$SQL = $_REQUEST['SQL'];` – Haridarshan Jan 25 '16 at 11:32
  • id attrribute is used in javascript to get value as getElementById . You need to use name attribute to each input field which will pass value to php script. – CodeGuy Jan 25 '16 at 11:35
  • first call this function via submit button . JavaScript function is not called. For ex. – CodeGuy Jan 25 '16 at 11:38
  • i believe the function is called. See the bottum of the code: document.getElementById('script-button').onclick = runScript; – B.Termeer Jan 25 '16 at 12:32
  • Possible duplicate of [Sending POST data with a XMLHttpRequest](http://stackoverflow.com/questions/9713058/sending-post-data-with-a-xmlhttprequest) – André Dion Jan 25 '16 at 12:42
  • @RahulDambare i added a to my form but then i get the error: Warning: pg_query(): Query failed: ERROR: syntax error at end of input LINE 4: where id = ^ in C:\xampp\htdocs\querry_map.php on line 9. So my variable is not reconized. I putted the error also in my question – B.Termeer Jan 25 '16 at 12:50

3 Answers3

1

you read GET and POST by input name not id, so it should be:

$SQL = $_GET['SQL'];
Gouda Elalfy
  • 6,337
  • 1
  • 22
  • 37
1

Use universal POST/GET 

$SQL = $_REQUEST["SQL"];
rdn87
  • 751
  • 5
  • 18
0

I believe I found the solution thanks to @Rahul Dambare

I added a to my form. So my form looks as following:

<form name="SQL" action="query_map.php" method="get">
  SQL:<br>
  <input type="text" name="SQL" id="SQL">
  <br>
  <input type="submit">
 </form>

I got then the following error:

ERROR: syntax error at end of input LINE 4: where id = ^ in C:\xampp\htdocs\query_map.php on line 9.

The reason that this error exist is because my SQL think my response is a text. There are two possible solutions for this. The first solution is to change in the form the type of text to integer.

The second solution is to add a pg_escape_string to have quotes in the SQL. The php is as followed:

<?php 
$test = $_REQUEST['SQL'];
$SQL = pg_escape_string($test);
        $db = pg_connect("host=localhost dbname=kopse_hof_put_25 user=postgres password=password")
  or die ("Could not connect to server\n"); 
  
        $query = pg_query($db, "create or replace view resultaat as
    select *
    from put_25_vlak_1_vulling
    where id = $SQL");

Thanks for all the help

B.Termeer
  • 305
  • 1
  • 16