-1

This question is pretty much what I am trying to do, but I cannot understand how to use it in my context.

I have tried the marked answer and the answer submitted by xdazz. Both of these answers seem to send the variables from the client-side to the php script through POST. When I attempt this, it simply does not hit my alerts, which leads me to believe that the php script receiving the POST variables is never being executed.

Here is the function which runs when I click a button on my js canvas

function updateLeaderboard() 
{
    alert("before");

$.post("process.php", { postantNum: antNum, postantRate: antRate },
    function(data)
    {
        alert(data);
    } );

    alert("after");
}

Here is the process.php file

<?php

$antNum = $_POST['antNum'];
$antRate = $_POST['antRate'];
echo $antNum;
echo $antRate;
$con=mysqli_connect("localhost","root","pass","login");

mysqli_query($con,"UPDATE userdata SET `words`='$antNum' WHERE `player`='$antRate'");

?>

HTML running the javascript:

<!DOCTYPE html>
<html lang="">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>p5.js example</title>
    <style> body {padding: 0; margin: 0;} </style>
    <script src="../p5.min.js"></script>
    <script src="../addons/p5.dom.js"></script>
    <script src="../addons/p5.dom.min.js"></script>
    <script src="../addons/p5.sound.min.js"></script>
    <script src="antclicker.js"></script>
  </head>
  <body>
  </body>
</html>

I wish to be able to send in antNum and antRate from the client-side js game I have created to the database for storage. There are no error messages, I just know it never gets to the echos in the process.php and never hits the after alert, only the before alert is triggered.

EDIT:

Now since I have dipped my feet into chromes tools, I have discovered that on the line $.post("process.php", { postantNum: antNum, postantRate: antRate }, (yes I have changed the code a little bit) I get the error : ReferenceError: $ is not defined, how can it be singling out the "$". I'm guessing this probably means that there are some syntax errors nearby.

Improve this question
20
  • 5
    WARNING: When using mysqli you should be using parameterized queries and bind_param to add any data to your query. DO NOT use string interpolation or concatenation to accomplish this because you have created a severe SQL injection bug. NEVER put $_POST, $_GET or data of any kind directly into a query, it can be very harmful if someone seeks to exploit your mistake. Commented May 28, 2019 at 21:24
  • 2
    Note: The object-oriented interface to mysqli is significantly less verbose, making code easier to read and audit, and is not easily confused with the obsolete mysql_query interface where missing a single i can cause trouble. Example: $db = new mysqli(…) and $db->prepare("…") The procedural interface is largely an artifact from the PHP 4 era when mysqli API was introduced and should not be used in new code. Commented May 28, 2019 at 21:24
  • 3
    Note: A lot of problems can be detected and resolved by enabling exceptions in mysqli so any mistakes made aren’t easily ignored. Many return values cannot be ignored, you must pay attention to each one. Exceptions don’t require individual checking, they can be caught at a higher level in the code. Commented May 28, 2019 at 21:24
  • 4
    It is so ridiculously easy to fix SQL injections by using bound parameters that the number of keystrokes it takes to complain about it is significantly longer than just doing it correctly. As a bonus, if you use placeholder values you will no longer have annoying, difficult to debug escaping issues. You'll save time immediately. You'll have fewer bugs. As a bonus you can go live without SQL injections. Commented May 28, 2019 at 21:38
  • 6
    The Developer Menu is something you'll need to figure out on an immediate basis, there's no shortcuts here, but the good news is it only takes about 30 minutes to get familiar with where to look and how to read the output. It is impossible to survive as a developer doing JavaScript and AJAX without that fundamental tool. Commented May 28, 2019 at 21:39

1 Answer 1

Reset to default
0

First off in the HTML I did not know I needed to include 

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>

as I did not know I was using ajax, this is why the $ was undefined.

the updateLeaderboard function should look like this.

function updateLeaderboard() 
{
    alert("before");

$.post("process.php", { antNum, antRate },
    function(data)
    {
        alert(data);
    } );

    alert("after");
}

antNum and antRate are just vars which are previously defined.

and the process.php should look like

<?php

$antNum = $_POST['antNum'];
$antRate = $_POST['antRate'];

$con=mysqli_connect("localhost","root","pass","login");

mysqli_query($con,"UPDATE userdata SET `antNum`='$antNum' , `antRate`='$antRate' WHERE `player`='bob'");

?>

just swap bob out for the user in question.

PS. This was also a factor in helping me find the answer, by first allowing me to notice the $ was undefined.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Danger: You are vulnerable to SQL injection attacks that you need to defend yourself from.
As a note, newer versions of jQuery ship without AJAX by default, so you often need the "complete" jQuery including it.
@tadman note taken.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.