0

I want a simple that when I click, it loads the content from a file file.php. I also need the Ajax to send a string to file.php

This is my file.php

session_start();

include("../database.php");

if (isset($_GET['id'])) {

$to = $_GET['to'];

mysql_query("UPDATE `flashchat` SET `open` = '1' WHERE `to` = '$to' AND `from` = '$_SESSION[id]'");

}

The PHP string

$chatinfo[id];

Thanks!

MariusT
  • 11
  • 3
  • In general, avoid using the `mysql_` functions as they are deprecated, use `mysqli_` or PDO instead. You also should definitely google "SQL injections" as your code is currently susceptible to that and thus, very unsafe. – TheWolf Oct 03 '14 at 10:48
  • the question is not that clear and you should avoid using mysql_* since it is deprecated. Please check the official documentation, use mysqli or PDO and sanitize your inputs, then **try something**. You're talking about AJAX, about clicking and so one but I don't see anything you tried yet. – briosheje Oct 03 '14 at 10:48
  • How can I do it safe with mysqli? – MariusT Oct 03 '14 at 10:57
  • @MariusT http://php.net/manual/en/book.pdo.php, http://php.net/manual/en/book.mysqli.php are good starts. – TMH Oct 03 '14 at 11:00
  • (many useful links here) **Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Oct 03 '14 at 11:03
  • It's my first Ajax project. So I say thanks for all the help I can get from you guys! Im grateful. – MariusT Oct 03 '14 at 11:07

2 Answers2

1
$(function(){
    $('#link').click(function(){
        var to = <?php echo $chatinfo['to']; ?>;
        $.ajax({
            type: 'GET',
            url: 'lukk.php',
            data: 'id='+to+,
            sucess: function() {
                $('#sucess').html(data);
            }
        });
        return false;
    });
});
MariusT
  • 11
  • 3
1
<a id="link" href="#">Click on me to get the contents of the file.php</a>

<div id="result">Result form file.php</div>

<script>
  $("#link").click(function(){
    $.ajax({
      type: "GET",
      url: "file.php",
      data: { id: 123, to: 456 }
    })
    .done(function( html ) {
      $("#result").html( html );
    });
  })
</script>
Radu Dumbrăveanu
  • 1,266
  • 1
  • 22
  • 32