1

I am sending echoing some data to be received in Javascript however when i debug it, it seems that a new line has been added.

PHP

<?php
header("Content-Type: application/json; charset=UTF-8");
require './connection.php';

$obj = json_decode($_POST["x"], false);

$usernamequery = "SELECT * FROM User WHERE username='$obj->newUser'";

$result = mysqli_query($db, $usernamequery);
$row = mysqli_fetch_assoc($result);

if($row["Username"] == null){

    $updatequery = "UPDATE User SET User='$obj->newUser' WHERE username ='$obj->username'";
    $result = mysqli_query($db, $updatequery);

    echo "valid";
} else{
    echo "invalid";
}

?>

JS

///// USERNAME
$(document).ready(function () {

$("#userSubmitForm").on("click", function(e) {

   $username = document.getElementById("user").value;
   $newUser = document.getElementById("newUser").value;
   user = $newUser;
   obj = { "username":$username, "newUser":$newUser};
   dbParam = JSON.stringify(obj);

   xmlhttp = new XMLHttpRequest();
   xmlhttp.onreadystatechange = function() {
   if (this.readyState === 4 && this.status === 200) {
    validity = this.responseText;

    if (validity === "valid"){
            $('#usernameModal .modal-header .modal-title').html("Result");
            $('#usernameModal .modal-body').html("Your Username Has Been Changed to '$newUser'");
            $("#passSubmitForm").remove(); 
            $("#userCloseForm").remove();

            window.setTimeout(redirect,3000);
    } else{

   $('#error').html("This Username Already Exists"); ;
          } 
    }
 };

What is happening is responseText will be receive "valid"/"Invalid" as "valid[newline]"/"invalid[newline]"

skandal
  • 93
  • 2
  • 3
  • 12
  • 4
    Your script is at risk of [SQL Injection Attack](//stackoverflow.com/questions/60174) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](//stackoverflow.com/questions/5741187) Use [prepared parameterized statements](https://php.net/manual/en/mysqli.quickstart.prepared-statements.php). – John Conde Mar 09 '18 at 13:15
  • 2
    check for extraneous spaces / newlines at the beginning and end of your PHP script (outside the `` and `?>` tags. Also check any other PHP scripts which are included in the main script. – ADyson Mar 09 '18 at 13:17
  • There's probably a newline after `?>`, consider getting rid of the php end tag, [why?](https://stackoverflow.com/questions/4410704/why-would-one-omit-the-close-tag) – James Mar 09 '18 at 13:18
  • Make sure there is nothing, preceding the opening – Ashish Tiwari Mar 09 '18 at 13:19
  • To make sure that you do not have an erroneous space at the end of your script, you can just remove the closing PHP tag ( ?> ). This is actually not a bad idea to do most of the time if your script is all php. Check here for more details: https://stackoverflow.com/questions/3219383/why-do-some-scripts-omit-the-closing-php-tag – dkasipovic Mar 09 '18 at 13:39

2 Answers2

0

As stated at http://php.net/manual/en/function.echo.php that can't be a "problem" of the echo. There must be some newline-character after your -tags

Kai Adelmann
  • 199
  • 6
  • 15
-1

A simple solution would be to just trim your response text like this: var validity = this.responseText.trim(); in order to strip it from unwanted space/tab/newline characters.

baeyun
  • 228
  • 1
  • 6
  • 4
    Simple, maybe, but not a good way in the sense that you're patching something client-side that's caused by the server. – AKX Mar 09 '18 at 13:19
  • Indeed, however I also just provided a server side code suggestion now. – baeyun Mar 09 '18 at 13:21