0

Can anyone see why I get a 0 in return everytime I get a response from my database? Fx if I put in the number 5 in my form, I get back 0 5 etc. I have posted the relevant code.

I hope somebody can help me. Best Regards Julie

HTML:

<div class="content">
        <p>Number</p>
            <div class="form">
                <fieldset>
                    <legend>Record Number</legend>
                        <form id="myForm" action="select.php" method="post">
                            <input type="number" name="numbervalue" min="1" max="2">
                            <button id="sub">Save</button>
                        </form>
                </fieldset>
            </div>
            <span id="result"></span>
        </div>

JS

// Insert function for number
function clearInput() {
    $("#myForm :input").each( function() {
         $(this).val('');
    });
}

    $(document).ready(function(){
         $("#sub").click( function(e) { 
       e.preventDefault(); // remove default action(submitting the form)
       $.post( $("#myForm").attr("action"), 
         $("#myForm :input").serializeArray(), 
         function(info){ $("#result").html(info); 
       });
       clearInput();
    });
    })


// Recieve data from database
$(document).ready(function() {
            setInterval(function () {
                $('#show').load('response.php')
            }, 3000);
        });

Response.php

<?php 

include('session.php');

    $query  = "SELECT numbers FROM numbertable";
    $result = mysql_query($query);

    while($row = mysql_fetch_assoc($result))
    {
        echo "{$row['numbers']} <br>";

    } ;

select.php

    <?php

    include('session.php');


// Insert To Database
$strSQL = "INSERT INTO numbertable(numbers) VALUES('" .$_POST["numbervalue"] . "')";


        if(mysql_query("INSERT INTO numbertable VALUES('numbers')"))
            echo "Insert Succesfull";
        else
            echo "Failed";


// The SQL statement is executed 
    mysql_query($strSQL) or die (mysql_error());

// Close the database connection
    mysql_close();

?>

session.php

<?php

// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysql_connect("localhost", "root", "root");

// Selecting Database
$db = mysql_select_db("roulette_db", $connection);
session_start();// Starting Session

// Storing Session
$user_check=$_SESSION['login_user'];

// SQL Query To Fetch Complete Information Of User
$ses_sql=mysql_query("SELECT username FROM login WHERE username='$user_check'", $connection);
$row = mysql_fetch_assoc($ses_sql);
$login_session =$row['username'];

if(!isset($login_session)){
    mysql_close($connection); // Closing Connection
    header('Location: index.php'); // Redirecting To Home Page
    }
?>
Julie24
  • 279
  • 4
  • 6
  • 19
  • 1
    unknowing if you want to enter a string literal here `VALUES('numbers')` or as a variable from/for an integer (integers need to be stored as integer types). check for errors, and check your console. `select.php` and you have INSERT syntax; kind of contradictory. – Funk Forty Niner Dec 11 '15 at 21:51
  • 1
    Your present code is open to [**SQL injection**](http://stackoverflow.com/q/60174/). Use [**`mysqli_*` with prepared statements**](http://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php), or [**PDO**](http://php.net/pdo) with [**prepared statements**](http://php.net/pdo.prepared-statements). – Funk Forty Niner Dec 11 '15 at 21:54
  • The "0" is probably coming from the response from `select.php`, while the number is coming from the `response.php`. You return a number (0) as output from the first script, and then append with the second. I have no idea what is going on with the `if` statement in the `select.php` file; there are no braces, so this doesn't seem to be valid code. – Sablefoste Dec 11 '15 at 21:59
  • @Sablefoste The `if(mysql_query("INSERT INTO numbertable VALUES('numbers')"))` isn't invalid because of the non braces, that just makes the next line execute (makes the reading a bit confusing and can have unexpected results but no issue there). The query itself though is incorrect (probably); presuming `numbers` is an `int` column.. – chris85 Dec 11 '15 at 22:01
  • 1
    Thanks a lot for all your answers. I have just corrected the braces on the if statement. I will try to look into your sugestions here. I forgot to write that 'numbers' are an int column. – Julie24 Dec 11 '15 at 22:20

1 Answers1

1

The 0 is coming from this line:

    if(mysql_query("INSERT INTO numbertable VALUES('numbers')"))

The string 'numbers' gets converted to the number 0, and this gets inserted into the table. Then it executes the query in $strSQL, which inserts the number that the user submitted. Then response.php retrieves all the rows from the table, so it returns both 0 and 5.

Change select.php to:

<?php

include('session.php');

// Insert To Database
$strSQL = "INSERT INTO numbertable(numbers) VALUES(" . intval($_POST["numbervalue"]) . ")";

if(mysql_query($strSQL)) {
    echo "Insert Succesfull";
} else {
    echo "Failed: " . mysql_error();
}

mysql_close();

?>
Barmar
  • 741,623
  • 53
  • 500
  • 612
  • argh shoot... of course that makes sence. Thank you so much. It works perfectly now :) Happy christmas to everyone here, and thanks for the effort. Best Regards to all from Julie. – Julie24 Dec 11 '15 at 22:30