0

Actually, I have a javascript variable I pass this to PHP variable and use this variable as a MySQL query when I submit the query the page gets reloaded and value of the javascript variable is finished and therefore query doesn't work I just want a modification in my code or there is another relevant solution regarding my problem then kindly please help me. Everything works fine when echo the PHP variable it shows me the variable only problem is in the query of my SQL that in the query the PHP variable which has javascript variable is not working.

    <script>
var buttontext="esteem";
    <?php 
             $ff ="<script>document.write(buttontext);</script>";             
          ?>

</script>

<?php
  $servername="localhost";
    $username="root";
    $password="";
    $dbname="beelist";

$conn=mysqli_connect($servername,$username,$password,$dbname);
error_reporting(0);

    $connDB= mysqli_select_db($conn,'beelist');

if($_POST['sub'])
{
    echo $ff;

  $code=$_POST['Bid'];
     if($code!=""){
 $query="SELECT beaconid FROM `customer` WHERE `beaconid`  = '$code' && name = '$ff'";

$data = mysqli_query($conn,$query);

$res1=mysqli_fetch_array($data);

         if ($res1) {
     echo '<script> alert("Beacon found")</script>';               
            echo '<script> showp();</script>';

        } 
         else {
        echo '<script> alert("Beacon ID is wrong!")</script>';}

    }else{
     echo '<script> alert("Beacon ID is required")</script>';
    }
}

?>
Martijn Pieters
  • 1,048,767
  • 296
  • 4,058
  • 3,343
  • 2
    Where do I start, Client and Server (JS and PHP) are separate. One runs on the server one runs on the clients computer. PHP goes first and as such only PHP can affect JS (as that is part of the output of the PHP) the JS's state cannot be known in PHP as it's on a entirely different computer. Basically you are left with making a request, either from a page reload (such as form submission) or AJAX where you can pass that data back to the server so it can work on it. – ArtisticPhoenix Feb 06 '19 at 07:24
  • @ArtisticPhoenix same issue it is not working bro –  Feb 06 '19 at 07:33
  • 1
    It's not going to ever work, you have to understand the relationship between Client and Server. This is probably one of the first things you should learn even before learning PHP. Basically you should have a basic understanding of how requests and http works in general. That sounded a bit mean, but what I mean is everyone has to start somewhere. I am just hoping to save you a lot of frustration by learning these concepts up front. – ArtisticPhoenix Feb 06 '19 at 07:36
  • i know that i have to make ajax call but my concepts in ajax are not clear and i need to submit the project early ,,,kindlly help me if u can –  Feb 06 '19 at 07:49
  • It's way too much code, you would have to split the file into 2 parts as well. I guess you could do it in one file, but it's way messier. – ArtisticPhoenix Feb 06 '19 at 07:53

1 Answers1

1

As I said in the comments

Where do I start, Client and Server (JS and PHP) are separate. One runs on the server one runs on the clients computer. PHP goes first and as such only PHP can affect JS (as that is part of the output of the PHP) the JS's state cannot be known in PHP as it's on a entirely different computer. Basically you are left with making a request, either from a page reload (such as form submission) or AJAX where you can pass that data back to the server so it can work on it.

Basically what you have now is $ff literally is this text:

 $ff ="<script>document.write(buttontext);</script>";

And because you don't echo it, it's actually never passed to the Client as part of the source.

Your query is like this:

$query="SELECT beaconid FROM `customer` WHERE `beaconid`  = '$code' && name = '<script>document.write(buttontext);</script>'";

It's too broad of a topic for me to really give you a working answer, and there are plenty of tutorials out there that can do it better justice them me. But hopefully, you understand what is going on now.

PS. you can test this easily by doing echo $query; right after the query. Also be aware you should not put PHP variables directly in SQL, or you risk SQLInjection type attacks against your site. For example if $_POST['Bid']="' OR 1 -- your query would be this:

 $query="SELECT beaconid FROM `customer` WHERE `beaconid`  = '' OR 1 --' && name = '<script>document.write(buttontext);</script>'";

Where -- is the start of a comment in MySQL. So now I just selected your entire table by injecting SQL commands into your Query, which is a very bad thing.

Cheers!

ArtisticPhoenix
  • 21,464
  • 2
  • 24
  • 38