php query not being processed that has been delivered by ajax post

Question

I got two pages:

Page 1:

<input type="hidden" name="rateableUserID" value="<?php echo $rateableUserID;?>"/>
<input type="hidden" name="rateablePictureID" value="<?php echo $rateablePictureID;?>"/>

<script>
var rateableUserID = $('input[name="rateableUserID"]').val();
var rateablePictureID = $('input[name="rateablePictureID"]').val();

$('#mR-RateableFramePicture').dblclick(function () {
    $.ajax({
        type: "POST",
        url: 'moduleRateable/scriptSavedStyle.php',
        data: {"rateableUserID": rateableUserID, "rateablePictureID": rateablePictureID},
        success: function() {
        }
    });
});
</script>

Page 2:

<?php
session_start();

$userID = $_SESSION["ID"];

$ratedUserID = $_POST['rateableUserID'];
$ratedPictureID = $_POST['rateablePictureID'];

include '../../scriptMysqli.php';

$sql = $conn->query("UPDATE styles SET savedByUser = '$userID' WHERE userID = '$ratedUserID' AND pictureID = '$ratedPictureID'");

?>

<script>alert("success");</script>

But the $sql variable never gets executed and the part with the alert is not being shown on the original page (page 1) eiher :/

What am I doing wrong here?

I'd firstly look into how to [prevent an SQL injection](https://stackoverflow.com/questions/332365/how-does-the-sql-injection-from-the-bobby-tables-xkcd-comic-work?rq=1) because bad practice, even as a learning curve, will mean you forget about security in the future. — Jaquarh, Aug 25 '17 at 17:57
You have to inject the response into your side, but the `success`-handler is empty. change it to: `success: function(scriptCode) { $('body').append(scriptCode); }` — Joshua K, Aug 25 '17 at 17:57
It's an ajax request, it doesn't update the page unless you actually do something with the returned data — adeneo, Aug 25 '17 at 17:57
Are you sure your script is working? check browser console for error. also may be its better:- `` — Serving Quarantine period, Aug 25 '17 at 17:58
Please don't dump code in comments @AlivetoDie, it is impossible to read that. — Jay Blanchard, Aug 25 '17 at 18:01
@JoshuaK alright i didn't know it had to be executed in the success-handler, but what you write is like chinise to me hehe, could you write that code with my $sql variable included? so i know how to get this php inside the success handler :O — , Aug 25 '17 at 18:01
[Have you watched the AJAX request / response in the browser's developer tools? Have you included the jQuery library in the project? Are there any errors reported? Are you running this on a web-server?](http://jayblanchard.net/basics_of_jquery_ajax.html) — Jay Blanchard, Aug 25 '17 at 18:01
no i'm not familiar with that tool and yes i'm running everything on a xampp server @JayBlanchard — , Aug 25 '17 at 18:03
öhhh. no not realy. the only thing you have to do is copy and paste one line... and the line is given by my comment. So there is nothing more I can do for you. Replace the empty success handler with my code and it should work. — Joshua K, Aug 25 '17 at 18:05

score 1 · Accepted Answer · answered Aug 25 '17 at 18:07

From the comments the changed code:

<input type="hidden" name="rateableUserID" value="<?php echo $rateableUserID;?>"/>
<input type="hidden" name="rateablePictureID" value="<?php echo $rateablePictureID;?>"/>

<script>    
$('#mR-RateableFramePicture').dblclick(function () {
    var rateableUserID = $('input[name="rateableUserID"]').val();
    var rateablePictureID = $('input[name="rateablePictureID"]').val();

    $.ajax({
        type: "POST",
        url: 'moduleRateable/scriptSavedStyle.php',
        data: {"rateableUserID": rateableUserID, "rateablePictureID": rateablePictureID},
        success: function(scriptCode) { $('body').append(scriptCode); }
    });
});
</script>

The important line is the success handler. It takes the response from your ajax call (echoed by your php script) and add it to the DOM, so it will executed in case of javascript code.

php query not being processed that has been delivered by ajax post

1 Answers1