• Passing data from jQuery(ajax) to Javascript
    12 replies, posted
I'm novice in jquery and javascipt, Can any one send me script in which we can pass data from jquery to javascript so that it is easy for me to understand the script. please do send both javascript as well as jquery script in totality. It will be really appreciable. thanks in advance please help
jQuery is Javascript, dude. jQuery is a framework built with Javascript, that simply gives you some sugar to make your life easier. Also, nobody's going to send you anything "in totality" - people have better things to do. If you post an example of what you're trying to do, someone might come along and help.
ya sure i got what you saying. But Joe thing is what ever data suppose which we are getting from data or inserting in the database through jquery in php. the same data which we get through jquery must now be transferred from jquery to javascript.
var data = $.get("data.php"); like that...?
[QUOTE=rohit;42291187]I'm novice in jquery and javascipt, Can any one send me script in which we can pass data from jquery to javascript so that it is easy for me to understand the script. please do send both javascript as well as jquery script in totality. It will be really appreciable. thanks in advance please help[/QUOTE] This reminds me of those comments you see on blog posts, asking totally irrelevent questions in a completely wrong manner
[QUOTE=rohit;42291582]ya sure i got what you saying. But Joe thing is what ever data suppose which we are getting from data or inserting in the database through jquery in php. the same data which we get through jquery must now be transferred from jquery to javascript.[/QUOTE] This just does not make sense.
[CODE] // Jquery == javascript; // book(1).page(1); $.ajax({ type: 'POST', url: 'path/to/script.php', data: {postValue: value}, dataType: "json", success:function(result){ // Here you can do anything javascript document.write(result); } }); [/CODE] [PHP] // MySQLi connection require_once '../functions/connection.php'; // OWASP super (Danish character hating) filter. require_once '../addons/php/OWASP/Reform.inc.php'; // Filter for security $filter = new Reform(); // Filter the value you get $data = $filter->HtmlAttributeEncode($_POST['checkname']); // An sql string $SQL = "SELECT something FROM sometable WHERE something='$data'"; // Run the query $query = $con->query($SQL); // If the query returns something if($query->num_rows == 1){ $value = true; } else{ $value = false; } // JSON encode what you get form the database // so you can use it in the javascript/jquery $stuff = json_encode($thing); // Echo the JSON so the javascript/jquery can run it. echo $stuff; [/PHP] Like this?
[QUOTE=gokiyono;42312879] [PHP] // MySQLi connection require_once '../functions/connection.php'; // OWASP super (Danish character hating) filter. require_once '../addons/php/OWASP/Reform.inc.php'; // Filter for security $filter = new Reform(); // Filter the value you get $data = $filter->HtmlAttributeEncode($_POST['checkname']); // An sql string $SQL = "SELECT something FROM sometable WHERE something='$data'"; // Run the query $query = $con->query($SQL); // If the query returns something if($query->num_rows == 1){ $value = true; } else{ $value = false; } // JSON encode what you get form the database // so you can use it in the javascript/jquery $stuff = json_encode($thing); // Echo the JSON so the javascript/jquery can run it. echo $stuff; [/PHP] Like this?[/QUOTE] This code is vulnerable to SQL injection, at the very least you should use mysqli::real_escape_string, even better would be to use prepared statements. HtmlAttributeEncode in OWASP's Reform isn't intended for preventing injection and they recommend using PDO prepared statements.
[QUOTE=gokiyono;42312879][CODE] // Jquery == javascript; // book(1).page(1); $.ajax({ type: 'POST', url: 'path/to/script.php', data: {postValue: value}, dataType: "json", success:function(result){ // Here you can do anything javascript document.write(result); } }); [/CODE] [PHP] // MySQLi connection require_once '../functions/connection.php'; // OWASP super (Danish character hating) filter. require_once '../addons/php/OWASP/Reform.inc.php'; // Filter for security $filter = new Reform(); // Filter the value you get $data = $filter->HtmlAttributeEncode($_POST['checkname']); // An sql string $SQL = "SELECT something FROM sometable WHERE something='$data'"; // Run the query $query = $con->query($SQL); // If the query returns something if($query->num_rows == 1){ $value = true; } else{ $value = false; } // JSON encode what you get form the database // so you can use it in the javascript/jquery $stuff = json_encode($thing); // Echo the JSON so the javascript/jquery can run it. echo $stuff; [/PHP] Like this?[/QUOTE] Seriously, does no one use prepared statements anymore...
[QUOTE=CBastard;42312985]This code is vulnerable to SQL injection, at the very least you should use mysqli::real_escape_string, even better would be to use prepared statements. HtmlAttributeEncode in OWASP's Reform isn't intended for preventing injection and they recommend using PDO prepared statements.[/QUOTE] That's why I wrote book 1 page 1.
[QUOTE=gokiyono;42313170]That's why I wrote book 1 page 1.[/QUOTE] That is not a clear indication that the code is unsafe and there is no reason to post bad code if you know it is bad. We could do with a thread for common issues like this and examples that we can direct people to.
[QUOTE=CBastard;42313640]We could do with a thread for common issues like this and examples that we can direct people to.[/QUOTE] That would actually be a good thing to have. Or maybe a website where you could search and find those kinds of errors.
[QUOTE=gokiyono;42314719]That would actually be a good thing to have. Or maybe a website where you could search and find those kinds of errors.[/QUOTE] [url]http://stackoverflow.com[/url]
Sorry, you need to Log In to post a reply to this thread.