ajax and a form with post method

Question

I have a problem with a form that is used to insert data into a table, I need it to show a message if the data is inserted correctly or not. by the way, the actual code is not inserting anything to the table, but if I use directly the php file used to insert it, it works. this is the file with the form and the script: registrarrack.php

    <?php 
include('conexion.php');
session_start();
?>

<html>
<head>
    <title>Inicio</title>
    <link rel="stylesheet" type="text/css" href="style/stylef.css">
    <link rel="stylesheet" type="text/css" href="style/style.css">
    <script src="js/jquery-1.12.4.js"></script>
    <script> function myFunction() {
    document.getElementsByClassName("topnav")[0].classList.toggle("responsive");
    }
    function justNumbers(e)
        {
        var keynum = window.event ? window.event.keyCode : e.which;
        if ((keynum == 8))
        return true;

        return /\d/.test(String.fromCharCode(keynum));
        }
  function showContent() {
        element = document.getElementById("content");
        check = document.getElementById("check");
        if (check.checked) {
            element.style.display='block';
        }
        else {
            element.style.display='none';
        }
    }


    </script>

</head>
<!-- _________________________________________________________________AJAX Script___________________________________________________________________________--> 
<script>
    function Validar(Noserie, WO, Locacion, Modelo)
        {
            $.ajax({
                url: "registrarrackbackend.php",
                type: "POST",
                data: "Noserie="+Noserie+"&WO="+WO+"&Locacion="+Locacion+"&Modelo="+Modelo,
                success: function(resp){
                $('#resultado').html(resp)
                }       
            });
        }</script>
<!-- _________________________________________________________________End of AJAX Script___________________________________________________________________________--> 
<body class="desarroll">
    <header>

<div class="grupo">
            <div class="caja">
                <center><nav>
                    <ul class="topnav">
                        <li><a href="index.php">| Inicio |</a></li>
                        <li><a href="estatus.php">| Estatus |</a></li>
                        <li><a href="buscarnodo.php">| Buscar nodo |</a></li>
                        <li><a href="buscarrack.php">| Buscar rack |</a></li>
                        <li><a href="estadisticas.php">| Estadisticas |</a></li>
                        <?php  if(isset($_SESSION['Nombrers'])){ echo '<li><a href="logout.php">| Cerrar Sesion |</a></li>';}else{echo '<li><a href="#modal">| Iniciar Sesion |</a></li>';}?>
                    <li class="icon">
                        <a href="javascript:void(0);" onclick="myFunction()">&#9776;</a></li>
                    </ul>
                </nav></center>
            </div>

        </div>
        <?php if(isset($_SESSION['Nombrers'])){ 
            echo '<center><div class="nombre" align="center">| '.$_SESSION['Nombrers'].' | '.$_SESSION['Mesamensrs'].' </div></center>';
        }?>

    </header>

<section>
            <!-- ********************LOGIN***********************************-->
            <?php  
            $query = mysqli_query($enlace, "SELECT Numero FROM mesas WHERE EnUso = '0'"); 

            if(!isset($_SESSION['Nombrers'])){  
                echo '<center> <div id="modal">
                <div class="modal-content ">
                    <div class="header">
                        <h2>Iniciar sesi&oacute;n</h2>
                        <center><hr width="150" align="center"/></center>
                    </div>
                    <div class="copy">
                        <div class="grupo">
                            <div class="caja">
                                <form method="post" action="login.php"  class="login">
                                <label style="color:#1BBC9B; font-weight:bold;">
                                    <input type="checkbox" style="width:0px; display:relative;" name="check" id="check" value="1" onchange="javascript:showContent()" >¿Técnico de reparación?</label><br>
                                    <div id="content" style="display: none;">
                                   <b>Mesas disponibles &nbsp;:
                                   <input type="radio" name="mesa" style="width:0px; " value="0" checked="checked"> ';

            while ($datos=mysqli_fetch_row($query) ) {
        echo '<label><input type="radio" name="mesa" value="'.$datos[0].'" style="color:black; width:30px;">'.$datos[0].'</label>&nbsp;&nbsp;&nbsp;&nbsp;';
    }

            echo '</b>
                                    </div>
                                    <input type="text" name="NoReloj" placeholder="N&uacute;mero de reloj" required maxlength="5" onkeypress="return justNumbers(event);">
                                    <input type="password" name="Pass"  placeholder="Contrase&ntilde;a" required>

                                    <input type="hidden" name="Url" value="index.php#">
                                    </script>
                                    <button class="btn1">Aceptar</button>
                                    <input class="btn2" type="button" value="Cerrar" onClick="window.location.href=\'#\'">
                                </form>

                            </div>
                             </div>
                        </div>
                    </div>
                    <div class="overlay"></div>
                </div></center>'
                ;
}





                echo '<center> <div id="modalmesa">
                <div class="modal-content ">
                    <div class="header">
                        <h2>Elegir mesa</h2>
                        <center><hr width="150" align="center"/></center>
                    </div>
                    <div class="copy">
                        <div class="grupo">
                            <div class="caja">
                                <form method="post" action="elegirmesa.php"  class="login">
                                <div id="resultado"></div>

                                    <input type="hidden" name="Url" value="index.php#">
                                    </script>
                                    <button class="btn1">Aceptar</button>

                                </form>

                            </div>
                             </div>
                        </div>
                    </div>
                    <div class="overlay"></div>
                </div></center>'
                ;





            ?>

<!-- _________________________________________________________________Form___________________________________________________________________________-->            
            </section>
            <center>
<?php  $query = mysqli_query($enlace, "SELECT Nombre FROM familia"); ?>

<div class="grupo-centar">
<div class="caja">
<br><br>
<h2>Registrar rack</h2><br>
<div id="resultado"></div>
<table class="tablaregistro">
<tr>
    <form class="RegistroR" method="POST" action="return false" onsubmit="return false" id="formregistro">

    <td><input type="text" name="Noserie" id="Noserie" placeholder="N&uacute;mero de serie" required form="formregistro" maxlength="10" pattern=".{10,}"  ></td>
</tr>
<tr>    
    <td><input type="text" name="WO" id="WO" placeholder="WO" required form="formregistro" maxlength="9" pattern=".{9,}"></td>
</tr>
<tr>    

    <td><input type="text" name="Locacion" id="Locacion" placeholder="Locaci&oacute;n: TRXX-XX" required form="formregistro" maxlength="8" pattern=".{7,}"></td>
</tr>
<tr>
<td><Select name="Modelo"  id="Modelo" required form="formregistro" placeholder="Modelo">
    <option  value="" disabled selected>Modelo</option>
<?php  
while ($datos=mysqli_fetch_row($query) ) {
        echo '<option  value="'.$datos[0].'">'.$datos[0].'</option>';
    }
?>
</Select></td>
</tr>
<tr>
<td><Button class="btnregistrar" form="formregistro" onclick="Validar(document.getElementById('Noserie').value, document.getElementById('WO').value, document.getElementById('Locacion').value, document.getElementById('Modelo').value);"><h1>Registrar</h1></Button></td>
</tr>
</table>


    </form>

</center>
</div>
</div>

             <section>

<!-- _________________________________________________________________AJAX Script___________________________________________________________________________-->                 

</body>
</html>

and heres the other php file: registrarrackbackend.php

<?php 
error_reporting(0);
include('conexion.php');
session_start();
$NoSerie = $_POST['Noserie'];
$Locacion = $_POST['Locacion'];
$WO = $_POST['WO'];
$Familia = $_POST['Modelo'];
$Tecnico = $_SESSION['No_Relojrs'];

$consulta=mysqli_query($enlace, "SELECT * FROM rack WHERE NoSerie= '$NoSerie'");

if($cons=mysqli_fetch_array($consulta)){

    echo '<span>Error: rack is already registered</span>';

}else{

    $sql2="INSERT INTO rack (NoSerie, WO, Familia, Locacion, Tecnico) VALUES ('$NoSerie','$WO' ,'$Familia','$Locacion','$Tecnico')";
     if(mysqli_query($enlace, $sql2)){
        //echo "<script>location.href = 'index.php'</script>";
        echo '<span>rack was successfully registered</span>';
    }else{echo "<span>Error updating record: " . mysqli_error($conn).'</span>';}
}


 ?>

I don't know what is wrong with the code, I hope you can help me please. and sorry for my bad english

Have you watched the AJAX request / response in the browser's developer tools? Have you included the jQuery library in the project? Are there any errors reported? Are you running this on a web-server? — Jay Blanchard, Jun 06 '16 at 16:50
[Little Bobby](http://bobby-tables.com/) says [your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! — Jay Blanchard, Jun 06 '16 at 16:51
I haven't watched it, I don't know how to do it. I included the jquery-1.12.4.js library, it doesn't show any errors, it doesn't do anything when I click the button. Yes I'm trying it on Xampp with Apache and MariaDB (MySQL) — Omar Mora, Jun 06 '16 at 17:02
Click the F12 key and you'll see the developer tools, console, etc. — Jay Blanchard, Jun 06 '16 at 17:03
Ok I changed some part of the code and now it inserts the data into the table but the message is not showing yet. I have edite my question to put the new lines — Omar Mora, Jun 06 '16 at 17:28

ajax and a form with post method

0 Answers0