JavaScript in PHP echo sequence not right

Question

I have the current issue, my php script is demanding on some JS code. It is declared in a PHP echo. But it seams like when its loading that all the "task" are triggered at once when the page is done loading.

So after the php is loaded in I get all the $messages popped-up when they are compliant. Example: At the last php alinea the status: "Goedgekeurd door klant" will be updated into the database. But I'll get the popup declared in the IF (first alinea) afterwards

I want the script to be functioning from top to bottom. (like the rest of php is doing)

Before any comments, yes I know this script is bad, and is open for Injection. But this is just a test scenario. In the real code, this is not the case.

Here is my code:

<?php
if($status == "Goedgekeurd door klant"){
    $message = "Offerte $oid is reeds beantwoord met de status: Goedgekeurd door klant.";
    echo "<script type='module'>alert('$message');
    window.location.href = 'customer_quote.php?offerteid=$offerteid&comp=$comp&ikey=$ikey&fail=1';
    </script>";
}

if($status == "Afgewezen door klant"){
    $message = "Offerte $oid is reeds beantwoord met de status: Afgewezen door klant.";
    echo "<script type='module'>alert('$message');
    window.location.href = 'customer_quote.php?offerteid=$offerteid&comp=$comp&ikey=$ikey&fail=1';
    </script>";
}

//getting customerid from url
$id = $_GET['id'];
$omschrijving = "$klantnaam heeft offerte $oid goedgekeurd.";
$date = date("d-m-Y G:i");
$link1 = "/modules/quotes/offerte.php?offerteid=$offerteid";
 

//Connect to DB
$companyname = $_GET['comp'];
include("$root/connections/customerdbconnection.php");

// Attempt insert query execution
$sql = "INSERT INTO notifications (klant, omschrijving, link, uid, createdat) VALUES ('$klantnaam', '$omschrijving', '$link1', '$oid', '$date')";
if(mysqli_query($link, $sql)){
    echo "Notificatie gecreeerd!";
} else{
    echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
 
// Attempt insert query execution
$sql = "UPDATE offertes SET status='Goedgekeurd door klant' WHERE offerteid=$offerteid";
if(mysqli_query($link, $sql)){
    $message = "Dankuwel, offerte $oid is door u gemarkeerd als 'Goedgekeurd'.";
    echo "<script type='module'>alert('$message');
    window.location.href = 'customer_quote.php?offerteid=$offerteid&comp=$comp&ikey=$ikey&fail=1';
    </script>"; 
} else{
    echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
// Close connection
mysqli_close($link);
?>

This question loooks very similar. Did you ask this an hour ago? — user3783243, Oct 22 '20 at 13:55
Please do not share SQL vulnerable examples on the internet. Show us the real code that uses prepared statements. — Dharman, Oct 22 '20 at 14:08
I think you are fundamentally misunderstanding when the output is generated. Try this answer: https://stackoverflow.com/questions/37062799/when-does-php-not-output-the-page-all-at-once — imposterSyndrome, Oct 22 '20 at 14:10
Does this answer your question? [When does PHP not output the page all at once?](https://stackoverflow.com/questions/37062799/when-does-php-not-output-the-page-all-at-once) — imposterSyndrome, Oct 22 '20 at 14:11

score 0 · Accepted Answer · answered Oct 26 '20 at 19:07

0

Fixed it by putting exit(); at the end of the JS scripts.

answered Oct 26 '20 at 19:07

Tim Nijland

65
1
8

score -1 · Answer 2 · answered Oct 22 '20 at 14:14

-1

Change this alert('$message') to this alert('".$message."')

answered Oct 22 '20 at 14:14

MoviesLiker

51
1
1

1

why will that help? – imposterSyndrome Oct 22 '20 at 14:17
1

That's just two different ways of doing the same thing. They will generate identical outputs. – M. Eriksson Oct 22 '20 at 14:32

JavaScript in PHP echo sequence not right

2 Answers2