0

Nothing is returned into the text area when I click on the "query" button at the bottom. The data is fetched from Mysql properly but I cannot get the results into a textarea (textContent). Also I cannot find in PHP a definition for creating an array i.e. x = []; as in Javascript. basically I am trying to return query reqults from MYSQL into Javascript/HTML. THANKS for the help. Yes I have researched this and trial and errored it with no good results.

<!DOCTYPE html>
<html>
<head>
<textarea rows="10" cols="50" maxlength = "20000" id = "textContent">Content</textarea> 
<style>
table {
    width: 100%;
    border-collapse: collapse;
}

table, td, th {
    border: 1px solid black;
    padding: 5px;
}

th {text-align: left;}
</style>
</head>
<body>

<?php
$q = intval($_GET['q']);

$con = mysqli_connect('localhost','root','gwatchgwatch63','mdmmp');
if (!$con) {
    die('Could not connect: ' . mysqli_error($con));
}

mysqli_select_db($con,"jvrs");
$sql="select objectID,objectTextLine from objecttextline where objectID = '".$q."' order by objectTextLineOrder";
echo "SQL::".$sql;
$result = mysqli_query($con,$sql);
$textContent[0] = " "; 
$textContent[1] = " "; 
$textContent[2] = " "; 
$textContent[3] = " "; 
$textContent[4] = " "; 
$textContent[5] = " "; 
$i=0;
while($i < 6 and $row = mysqli_fetch_array($result)) {  
$textContent[$i] = $row['objectTextLine'] ;
    echo $textContent[$i];
           }
mysqli_close($con);
?>
<button onclick={document.getElementById("textContent").value="<?php echo $textContent[0]; ?>";}>query</button>
<button 
onclick={x=document.getElementById("textContent").value;alert(x);}>query1</button>
</body>
</html>
Martin Levine
  • 27
  • 1
  • 4
  • 2
    [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)*** Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! [Don't believe it?](http://stackoverflow.com/q/38297105/1011527) – Jay Blanchard Oct 20 '16 at 17:22
  • You have duplicate id's `textContent` which is not allowed. ID's *must be unique*. – Jay Blanchard Oct 20 '16 at 17:24
  • Your first button click is putting " " (a single space) into the text area – CptMisery Oct 20 '16 at 17:51
  • I tried renaming the first text area didn't help. I could not find that there were 2 items with the same ID (textContent). I do not see how I am putting a space in front with the onclick as I am echoing the first contents of the array. ALSO, this will work if the mysql text field is a single line and less than 50 characters with no spaces!! – Martin Levine Oct 20 '16 at 18:20

0 Answers0