1

Here is my code for AJAX. The if part runs perfectly but else part doesn't. The flow enters else part when the the mysql_query() in php code runs successfully.But when it fails it enters if and prints the message on the page.

here is the javascript function.

function process(id,id_val){

if(xmlObject.readyState==0 || xmlObject.readyState==4){

    xmlObject.open("GET","dataProc.php?id=" + id, true);
    xmlObject.onreadystatechange = callBack(id_val);
    xmlObject.send(null);
}else{
    setTimeout("process()",1000);
}
}

function callBack(nid_val){
return function(){

        if(xmlObject.readyState==4){
            if(xmlObject.status==200){
                xmlResponse = xmlObject.responseXML;
                xmlDocumentElement = xmlResponse.documentElement;
                message = xmlDocumentElement.firstChild.data;
                if(message.charAt(0)==="O"){            //This is the if statement iam talking about.
                    document.getElementById("result").style.display='block';
                    document.getElementById("result").innerHTML = message;
                }else{                          
                    str="greendiv";
                    str=str.concat(nid_val);
                    document.getElementById(str).className="btn btn-success disabled";
                }                           
            }else{
                alert("Something went wrong");
            }
        }
}; 
}

Here's the php code.

<?php

header('Content-Type: text/xml');
    require "connect.inc.php";
echo '<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>';

echo '<response>';
    $id=$_GET['id'];

    $query="UPDATE `profiles` SET `val`= '1' WHERE `id`='".$id."'";
    if(!mysql_query($query)){
        echo "Oops something went wrong for $id";
    }else{
        echo "Updated table for $id";
    }
echo '</response>';
?>
Saurabh Banore
  • 43
  • 8
  • 1
    Can you please clarify which `else` and `if` statements the code is entering? You have more than one in your code. – Adam Konieska Mar 09 '16 at 14:21
  • 2
    [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Mar 09 '16 at 14:21
  • 2
    Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Mar 09 '16 at 14:22
  • Sorry. I've added the comment at that if. – Saurabh Banore Mar 09 '16 at 14:39

0 Answers0