1

What I'm trying to do with this is if number of rows selected is greater than or equal to 1 echo this json_encode(array("item" => $item));, or else if number selected rows is equal to zero echo this echo json_encode(array("failed" => 'failed'));. But this isn't working. The output of this was there's no post value returning even the record selected was greater to one. Any help?

Php

<?php
if(isset($_POST['id'])) {
$id= $_POST['id'];

$sql = $mysqli->query("SELECT item FROM table WHERE id='$id'");
while($row = $sql->fetch_assoc())
  {
  $item= $row['item'];
  }
  if(($sql->num_rows)>= 1){
    echo json_encode(array("item" => $item));
  } else {
    echo json_encode(array("failed" => 'failed'));  
  }
}
?>

Ajax

$.ajax({
type: "POST",
url: "autocomplete-ajax.php",
data :"id="+id,
dataType:'json',
type:'POST',
success: function(msg){
        console.log(msg)
var item_ajax=data.item;

if(msg == 'failed') {
    $('#item').val('');
} else {
//send to element ID
    $('#item').val(item_ajax);
}
}
user3631428
  • 131
  • 3
  • 14
  • **Danger**: You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that you need to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Jan 23 '15 at 09:23
  • It would be trivially more efficient SQL to use "SELECT EXISTS (SELECT 1 FROM table WHERE id='$id')". Then just test for 1 (true) or 0 (false). – dkretz Jan 26 '15 at 07:27

2 Answers2

0

In your .php file you are checking if $_POST['id'] is set but you are posting pr_code.

Check if(isset($_POST['pr_code'])) should do it.

And you need to change:

if(($sql->num_rows)>= 1)

to

if(($row->num_rows)>= 1){
q0re
  • 1,401
  • 19
  • 32
0

Assumption: id=... means there is either one or 0 records, not more.
Just try to fetch this one record. if fetch_assoc() "tells" you that there is no such record (by returning something FALSy), send the error message.
Also make sure that your script always returns something ...in a consistent way.
Edit: Also the query itself might fail; you have to check (and maybe report) that as well.

<?php
if(!isset($_POST['id'])) {
    $result = array('failed'=>'missing parameter: id');
}
else {
    // remember little Bobby Tables, http://xkcd.com/327/
    $id= $mysqli->real_escape_string($_POST['id']);
    $sql = $mysqli->query("SELECT item FROM table WHERE id='$id'");
    if ( !$sql ) {
        $result = array('failed' => 'query failed');
    }
    else {
        $result = $sql->fetch_assoc();
        if ( !$result ) {
            $result = array("failed" => 'no such item');
        }
    }
}

echo json_encode($result);
VolkerK
  • 95,432
  • 20
  • 163
  • 226
  • I selected more than 1 column. I just mention 1 to get short my question. – user3631428 Jan 23 '15 at 08:51
  • Doesn't matter. Do you select more than one record, i.e. row? – VolkerK Jan 23 '15 at 08:51
  • No, more than one column per row. – user3631428 Jan 23 '15 at 08:52
  • "No, more than one column per row" - but only one row? One row only? "Give me a ping, Vasili. One ping only, please"? ;-) It doesn't matter whether your actual query looks like `SELECT item,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,x,y,z FROM table LEFT JOIN ... RIGHT JOIN ... UNION ... EXISTS WHERE id='$id'` as long as you only need one fetch_assoc() to fetch the one record/row (having as many fields/columns as you like) . Is that the case? One row? – VolkerK Jan 23 '15 at 09:13