0

I have a form which sumbit a message. Now I would like to show an alert to user that the submitting is done. by regular alert in js it is possible but with costume alert I could not stop redirecting to another page. here is the codes

<form action="suggest_data.php" method="post" onsubmit="return check_suggest()">
  <div id="login_form">
     <div id="user_reg">
        <span>email</span>
        <input type="text" name="email">
     </div><!--user_reg-->  
     <div id="user_reg">                
        <div id="user_reg">
        <span>suggestion</span>
        <textarea name="suggest"></textarea>
     </div><!--user_reg-->   
     <div id="user_reg">
        <input type="submit" value="submit">    
     </div><!--user_reg-->   
   </div><!--suggestform-->
</form>

and the js codes is here:

function check_suggest(){
   var error=0;
   var email=$("input[name='email']").val();
   var regex=(/.+\@.+\..+/);    
   if(regex.test(email)==false){
       error=1;
       $("input[name='email']").addClass('error');}
   else{
       $("input[name='email']").removeClass('error');}
   if(error==1){
       return false;        
   }
   else {
      swal("Good job!", "You clicked the button!", "success")
   };   
}

and php code is here:

<?php
session_start();
include ('injection.php');
include_once ('func_database.php');
$object=new func_class; 
$email=$_POST['email'];
$email=check($email);
$email=addslashes($email);
$suggest=$_POST['suggest'];
$suggest=check($suggest);   
$sql="insert into tsuggest (email, suggest) values('$email', '$suggest')";
$st=$object->update($sql);
header('location:suggest.php');
?>

the problem is when user submit the form, alert is coming just before redirecting and then disappear. I just want to have a costume alert like js alert which stop until press ok.

ali mohammadi khah
  • 1
  • 4
  • [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)*** Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Aug 10 '17 at 12:30
  • yes I know, I prepared them later – ali mohammadi khah Aug 10 '17 at 12:33
  • 2
    _"I'll do it later"_ - The famous last words before the site gets breached. – M. Eriksson Aug 10 '17 at 12:34
  • I'm actually not sure what you're trying to accomplish. You have a script that validates the form when the user clicks submit. If the validation fails, you return `false`, which stops the form from submitting. But if it passes, you _still_ want to stop the form from submitting and show a popup instead? When will the form be submitted? Anyway, tried to return `false` after your `swal()`-call as well? – M. Eriksson Aug 10 '17 at 12:36
  • I do not want to stop when it passes. I just want to show user a message as an alert then redirection will done. but when return false after swal (sweetalert js function) the function and redirection completely stoped and it does not continue after click ok or yes – ali mohammadi khah Aug 10 '17 at 12:41
  • I don't know anything about your application, but why not post the form first and show the message when it's done, if you're going to post it anyway? – M. Eriksson Aug 10 '17 at 12:46
  • How I could post form then show the message. Now I would like to do this but I do not know how – ali mohammadi khah Aug 10 '17 at 12:56

0 Answers0