
I have a form that generates lots and lots of rows. Each row has an "Add Notes" button like this

```html
<button onclick=\"myFunction()\">Add Note</button>
```

and it triggers a popup input through this snippet

```html
<script language="JavaScript" type="text/javascript">
    function myFunction() {
        var x;
        var note = prompt("Customer Note", "Write your customer note here...");

        if (note != null) {
            document.getElementById("notes").value = note;
            document.getElementById("notesForm").submit();
        } else {
            return false;
        }
    }
</script>
```

and submits a form through this section

```html
<form action=\"http://calls.fantomworks.com/functions/notes.php\" 
id='notesForm' name='notesForm' method='post'>
    <input type='hidden' id='ID' name='ID' value='{$row['ID']}' />
    <input type='hidden' id='notes' name='notes' />
</form>
```

The problem is that the note is getting passed to the top row instead of the correct {$row['ID']}. How do I pass the {$row['ID']} through this popup and back to the form so that it will be gotten in the notes processor below correctly??

```php
$notesID = $_POST['ID'];
$note = $_POST['notes'];
$note = mysql_real_escape_string($note);
$date= date('Y-m-d');

$result = mysql_query("UPDATE Project_Submissions SET 
                       Notes=CONCAT(Notes,'<br />".$date." ".$note."') 
                       WHERE ID ='".$notesID."'");
```

I am so lost and could really use some help here. Thank you so much in advance!!

RiggsFolly
new2programming
  • You are vulnerable to [sql injection attacks](http://bobby-tables.com). Escaping `$note` is **NOT** enough. You have to escape **ALL** external data. – Marc B Jul 31 '15 at 21:13
  • As you are new2programming please use the `MYSQLI` or `PDO` extensions for your database access. The `mysql` extension will soon disappear as it is deprecated. Don't waste your time with it. Learn one of the others, please read http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php – RiggsFolly Jul 31 '15 at 21:56
  • Don't actually understand what you are trying to say, please look at your question with the thought... they are not clairvoyant and they cannot see over my shoulder – RiggsFolly Jul 31 '15 at 21:59

1 Answer


You need to include WHICH row you're working on, e.g.

```php
while(...) { 
   <button onclick="myFunction(<?php echo $id ?>);">....</button>
}
```

and then use that function parameter when you do the ajax call.

Marc B
  • THAT DID THE TRICK! THANK YOU! – new2programming Aug 03 '15 at 12:37
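
Once the correct row ID reaches notes.php, the processor still has the problems raised in the comments on the question: an unescaped `ID` and the deprecated `mysql` extension. The following is an added example, not code from the question or the answer, showing the same update done with PDO bound parameters. The table and column names come from the question; the function name `appendNote`, the HTML-encoding of the note, the `COALESCE` and the in-memory SQLite demo are assumptions made for illustration.

```php
<?php
// Added example (not the asker's code). Table/column names come from the
// question; the function name and the SQLite demo at the bottom are assumptions.

function appendNote(PDO $pdo, array $post): bool
{
    // ID must be a positive integer; anything else is rejected outright.
    $id = filter_var($post['ID'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    $note = $post['notes'] ?? '';
    if ($id === false || !is_string($note) || trim($note) === '') {
        return false;
    }

    // Notes is rendered as HTML later (hence the <br />), so encode the
    // user-supplied text before storing it.
    $entry = '<br />' . date('Y-m-d') . ' '
           . htmlspecialchars(trim($note), ENT_QUOTES, 'UTF-8');

    // MySQL uses CONCAT(); the SQLite branch exists only so the demo below
    // runs without a database server. COALESCE handles a NULL Notes column.
    $concat = $pdo->getAttribute(PDO::ATTR_DRIVER_NAME) === 'sqlite'
        ? "COALESCE(Notes, '') || :entry"
        : "CONCAT(COALESCE(Notes, ''), :entry)";

    // Both values are bound parameters; no request data is spliced into SQL.
    $stmt = $pdo->prepare(
        "UPDATE Project_Submissions SET Notes = $concat WHERE ID = :id"
    );
    $stmt->execute([':entry' => $entry, ':id' => $id]);
    return $stmt->rowCount() === 1;
}

// Demo on constructed data, using in-memory SQLite in place of MySQL.
$pdo = new PDO('sqlite::memory:', null, null,
               [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec("CREATE TABLE Project_Submissions (ID INTEGER PRIMARY KEY, Notes TEXT)");
$pdo->exec("INSERT INTO Project_Submissions (ID, Notes) VALUES (1, ''), (2, '')");

// Constructed request for row 2, with markup in the note text.
var_dump(appendNote($pdo, ['ID' => '2', 'notes' => 'Called <b>back</b>']));
// Constructed request whose ID is not an integer.
var_dump(appendNote($pdo, ['ID' => "2' OR '1'='1", 'notes' => 'x']));
echo $pdo->query("SELECT Notes FROM Project_Submissions WHERE ID = 2")
         ->fetchColumn(), PHP_EOL;
```

In production the `PDO` object would be opened against the MySQL database with a `mysql:` DSN, and `appendNote($pdo, $_POST)` would replace the body of notes.php.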