jquery post, error reporting, serialize not working. tried everything else

Question

I am trying to communicate with php usring jquery ajax method.

<form class="form-group" id="formm" action="check.php" method="post">
        <label for="">Testing</label><br>
        <input type="text" class="col-md-5" id="name" placeholder="" name="name"><br>
        <button type="button" name='button' id="button" class="btn  btn-default" type="submit">button</button>
        <p class="help-block" id="result">Help text here.</p>
      </form>

my jquery

$(document).ready(function(){
      $("#button").click(function(){
        $.post("check.php", $( "#formm :input" ).serialize(), function(info) {
          $("#result").html(info);
        });
      });
    });
    $("#button").click(function(e){
      e.preventDefault();
    });

my php code

 if(isset($_POST['button'])) {
    $username = $_POST['name'];
    $con = mysqli_connect("localhost","root","","test") or die ("Couldnt connect");

    $check = "INSERT INTO name WHERE name='$username'";

    $sql_check = mysqli_query($con,$check);

      if($sql_check) {
          echo "Successfully inserted";
        } else {
            echo 'Couldnt Insert';
          }
    }

Now, js script is communicating with php but not as i want it to. 1. when i use serialize(), it stops communicating 2. When i dont use serialize(), my php code sends me back "Couldnt insert" 3. I tried using php errors reporting lines, js doesnt communiate again. No errors on console either. Is there something i am missing?

UPDATE : tried serializing just the formm and not the input element, still not working.

Have you watched the AJAX request / response in the browser's developer tools? — Jay Blanchard, Mar 14 '17 at 13:17
[Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)*** Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! [Don't believe it?](http://stackoverflow.com/q/38297105/1011527) — Jay Blanchard, Mar 14 '17 at 13:23
its for practice purpose, so i am not using prepared statements. — Himakar Reddy, Mar 14 '17 at 13:24
I hate when people say *"I'm not that far along..."* or *"This site will not be public..."* or *"It's only for school, so security doesn't matter..."*. If teachers and professors are not talking about security from day one, they're doing it wrong. Challenge them. They're teaching sloppy and dangerous coding practices which students will have to unlearn later. I also hate it when folks say, *"I'll add security later..."* or *"Security isn't important now..."* or *"Ignore the security risk..."*. If you don't have time to do it right the first time, when will you find the time to add it later? — Jay Blanchard, Mar 14 '17 at 13:24
in the network log, i can see check.php But it doesnt return any value from the php file — Himakar Reddy, Mar 14 '17 at 13:25
Just use `$( "#form" ).serialize()` [Can you see what the call is sending to the PHP?](http://jayblanchard.net/basics_of_jquery_ajax.html) — Jay Blanchard, Mar 14 '17 at 13:27
You're not sending a `button` parameter in the request and your PHP code doesn't do anything if the post request doesn't contain a `button` parameter because of the `if(isset($_POST['button']))` statement. — Titus, Mar 14 '17 at 13:32
You need to get the actual error from `mysqli_error($con)` rather than your error. — Jay Blanchard, Mar 14 '17 at 13:52

score 0 · Answer 1 · answered Mar 14 '17 at 13:20

0

Serialize Form not the inputs

$.post("check.php", $( "#formm" ).serialize(), function(info) {
      $("#result").html(info);
    });

answered Mar 14 '17 at 13:20

Arianne

59
10

just tried. No communication with php. nothing on console either. – Himakar Reddy Mar 14 '17 at 13:22
why not try using $.ajax({ ... }) – Arianne Mar 14 '17 at 13:23
im not sure.. i also think jQuery.post( url [, data ] [, success ] [, dataType ] ) is the syntax of that..try puting url – Arianne Mar 14 '17 at 13:25
Because `.post()` is a jQuery `.ajax()` shorthand @Arianne – Jay Blanchard Mar 14 '17 at 13:25
in the network log, i can see check.php But it doesnt return any value from the php file – Himakar Reddy Mar 14 '17 at 13:26

score 0 · Accepted Answer · edited May 23 '17 at 12:17

0

First, some warnings:

Little Bobby says your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi. Even escaping the string is not safe! Don't believe it?

Add error checking, such as or die(mysqli_error($con)) to your queries. Or you can find the issues in your current error logs.

I have been looking for the wrong error all along. Your INSERT query syntax is wrong, you cannot use WHERE in an INSERT query.

Change INSERT INTO name WHERE name='$username' to INSERT INTO name_of_table (name_of_column) VALUES('$username')

edited May 23 '17 at 12:17

Community

1
1

answered Mar 14 '17 at 13:55

Jay Blanchard

32,731
15
70
112

Apologies for my temporary blindness. If error reporting had been on the PHP would have returned an error which would've pointed us in the right direction earlier. Glad I could help! – Jay Blanchard Mar 14 '17 at 14:05

jquery post, error reporting, serialize not working. tried everything else

2 Answers2