0

Knowing me, I've probably done something wrong, but I was having a look at how parsing data from Javascript to PHP looked like using ajax and it looked fine but it doesn't want to send the data through and update it in my Database.

All that happens is a dialogue box shows up with nothing inside.

AJAX:

    $.ajax({
        url: 'updateCredits.php',
        type: 'GET',
        data: {
            credits: totalcash
        },
        success: function(data){
            alert(data);
        }
    });

PHP:

<?php

require 'steamauth/steamauth.php';
include ('steamauth/userInfo.php');
include('mysql/config.php');

if(isset($_SESSION['steamid'], $_GET["credits"]))  {
    $credits = $_GET['credits'];
    mysqli_query($db,"UPDATE set credits = credits + '".$credits."' WHERE steamid = '".$steamprofile['steamid']."'");
} else {
echo 'An Error has occurred, this is either due to you not being logged in or something went wrong!';

}

?>
Samuel Stubbings
  • 31
  • 5
  • 1
    What do you expect to happen? You aren't echoing anything out on success. Also your code is very very very vulnerable to [SQL Injection](https://www.owasp.org/index.php/SQL_Injection) – ntzm Oct 17 '17 at 19:02
  • side note: You should be using PUT if its an update operation – Andrew Lohr Oct 17 '17 at 19:02
  • it is working properly. Empty alert in your code means, no error and data is most likely in DB. – Unamata Sanatarai Oct 17 '17 at 19:16
  • 1
    I'm voting to close this question as off-topic because it is working properly. – Unamata Sanatarai Oct 17 '17 at 19:17
  • **Danger**: You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that you need to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Oct 17 '17 at 19:18
  • Well then it seems that my mysql code isn't working, any ideas? Credits is an integer and so is totalcash? – Samuel Stubbings Oct 18 '17 at 14:24

1 Answers1

0

You are not returning anything from PHP snippet on success

 <?php require 'steamauth/steamauth.php';
 include ('steamauth/userInfo.php');
 include('mysql/config.php');
 if(isset($_SESSION['steamid'], $_GET["credits"]))
 { 
   $credits = $_GET['credits']; mysqli_query($db,"UPDATE set credits = credits + '".$credits."' WHERE steamid = '".$steamprofile['steamid']."'"); 
echo 'Success fully updated';
} else { echo 'An Error has occurred, this is either due to you not being logged in or something went wrong!'; } ?>
GaneshSreeju
  • 303
  • 1
  • 13