Ajax call outputs the same message

Question

I have below ajax call that checks if a card_number exists in the customers' table or not, however, on both cases, I get the same response that it does not exist even if the card number exists. So both final messages will be "does not exist"

agent_reload.php

<script type="text/javascript">
    $(document).ready(function()
    {
        $("#card_number").change(function() 
        { 
            var card_num = $("#card_number").val();

            $.ajax({  
                type: "POST",  
                url: 'CheckUserCardNumber.php',  
                data: "card_number="+card_number,  
                success: function(msg){            
                    var Result = $.trim(msg);

                    if(Result === "does_not_exists")
                    { 
                        alert("does not exist");
                    }  
                    else  
                    {  
                        alert("exists");
                    }  
                } 
            }); 

            return false;
        });
    });
</script>

CheckCardNumber.php

<?php
include('dbconnection.php');
if(isset($_POST['card_number']))
{
    $Card_Number = $_POST['card_number'];
    $sql = "select * from customers where card_id='$Card_Number'";
    $Result = $db->query($sql);

    if ($Result->num_rows != 0)
    {
        echo "exists";
    }
    else
    {
        echo "does_not_exists";
    }
}

Answer 1

Looks like you set the var to card_num but pass card_number to ajax:

var card_num = $("#card_number").val();
.
.
.
data: "card_number="+card_number,

Answer 2

A tip

A good programming practise would be to use camelcase naming and proper indenting.

// <!-- CheckCardNumber.php --> 
<?php
if (isset($_POST['card_number'])) {

  include('dbconnection.php');

  $cardNumber = $_POST['card_number'];
  $sql        = "SELECT * from customers where card_id= '$cardNumber'";
  $result     = $db->query($sql);

  echo $result->num_rows > 0 ? 'Exists' : 'Does not exist.';
}

Solution

In your ajax request, you can just alert whatever response you got from if you set a proper message.

Also, make sure the value you send with your request is correct.

            $.ajax({  
                type: "POST",  
                url: 'CheckUserCardNumber.php',  
                data: "card_number="+$(this).val(),  
                success: function(msg){            
                   alert(msg); 
                } 
            }); 

Additionally, please always use PDO/Prepared MySQLI. How can prepared statements protect from SQL injection attacks?