0

I am building a review system with php jquery and ajax. I have written the following code already for the 'Was this review helpful?' button:

<input type='button' value='Yes' onClick = 'myCall()' 
       style='background-color:#556B2F;color:white;padding:2px; cursor:pointer'
       name='help' />
<input type='hidden' id='randomdirectory' value='$g' name='ids'/>

$g is the variable I assigned to the id of the review which is stored in a database. The ajax script is this:

<script>

function myCall() {

var ids = $('#randomdirectory').val(); 
var self = this;

    $.ajax({
        url: 'rev.php',
        type: 'POST',

        data: {ids: ids},
         success: function(data) {
        $('#ques1').hide();
    }

    });

}

and the code in the "rev.php" file is this:

<?php
include 'includes/db.php';

$q = $_POST['ids'];
if ($q != ""){

$result = mysql_query("SELECT * FROM table where id='$q'");

while($row = mysql_fetch_array($result))
  {
  $finalproduct = $row['numberofhelpfulvotes'];
  $finalproduct1 = $finalproduct + 1;


  }


mysql_query("UPDATE table SET numberofhelpfulvotes='$finalproduct1' WHERE id ='$q'");
}

?>

The problem is when I have multiple reviews on the page. When you click any of the "Yes" buttons on any of the reviews, the first review displayed gets the vote added to it, not the actual review where the button was clicked. Also when the button and text is hidden after the ajax call, the first review button and text is hidden, not the review where the button was clicked. Also a black line appears on the bottom of the page.

Any solutions to these problems will be greatly appreciated.

Jai
  • 74,255
  • 12
  • 74
  • 103
Ids Surrrrr
  • 49
  • 1
  • 6
  • have you given different ids to all buttons ? – Deepanshu Goyal Apr 10 '13 at 10:06
  • No all the buttons have the id of #randomdirectory – Ids Surrrrr Apr 10 '13 at 10:09
  • then it is not supposed to happen, you must use button click event, and in that this.val(), and id of all buttons should be different – Deepanshu Goyal Apr 10 '13 at 10:10
  • You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Apr 10 '13 at 10:11
  • Thanks, but if all ids of the buttons are different then you would have to type all the code out manually for each button? – Ids Surrrrr Apr 10 '13 at 10:13
  • @Deepanshu — Assuming multiple reviews appear on a single page. – Quentin Apr 10 '13 at 10:13
  • @IdsSurrrrr — Do you have multiple reviews on a single page? If you do, then you shouldn't use ids to bind the JS and you need a way to associate the `$q` with the specific button. If not, then you don't need to move away from having an id. – Quentin Apr 10 '13 at 10:14
  • Yes i have, what other way should i bind the JS and cant i just put the id in the value of the hidden input? – Ids Surrrrr Apr 10 '13 at 10:18
  • thanks but help isint the id of the button, its the name and randomdirectory is an id not a class aswell, – Ids Surrrrr Apr 10 '13 at 10:21
  • @IdsSurrrrr — I'd approach it by having a form (per review), making the button a submit button and binding the event handler to the submit event of all the forms (adding a class to the forms if there are other types of form on the same page) – Quentin Apr 10 '13 at 10:37
  • Thanks alot, ill try doing that if @Deepanshu suggestion doesn't work – Ids Surrrrr Apr 10 '13 at 10:41

1 Answers1

0

Thanks for all reply's. I ended up doing this which works perfectly for me:

<script>

$(function() {  
  $(".button").click(function() {  
     var ids = (this.id);

     $.ajax({
        url: 'rev.php',
        type: 'POST',

        data: {ids: ids},
         success: function(data) {
        $('.' + ids).hide();
    }

    });
  });  
});   


</script>

and this as the html:

<div class='$g'><font size='2' color='black'>Was this review helpful?</font>&nbsp;<input type='submit' value='Yes' onClick = 'myCall()' style='background-color:#556B2F;color:white;padding:2px; cursor:pointer' name='help' id='$g' class='button' /><input type='hidden' id='randomdirectory' value='$g' name='ids'/>

The php stayed the same, but I am going to update it to make it more secure.

Ids Surrrrr
  • 49
  • 1
  • 6