
I'm trying to add something to my database that contains double quotes via AJAX, but the problem is that when I'm using double quotes, I can't submit the request successfully. How can I find the double quotes in a string from an HTML form and replace them with 2 quotes? Here is my form:

    <form id='question-frm'>
        <div class="modal-body">
            <div id="msg"></div>
            <div class="form-group">
                <label>Question</label>
                <input type="hidden" name="qid" value="<?php echo $_GET['id'] ?>" />
                <input type="hidden" name="id" />
                <textarea rows='3' name="question" required="required" class="form-control"></textarea>
            </div>
        </div>
        <div class="modal-footer">
            <button class="btn btn-primary" name="save"><span class="glyphicon glyphicon-save"></span> Save</button>
        </div>
    </form>

And here's my AJAX call:

    $('#question-frm').submit(function(e){
        e.preventDefault();
        // the button in the form above is name="save", so [name="submit"] matched nothing
        $('#question-frm [name="save"]').attr('disabled',true)
        $('#question-frm [name="save"]').html('Saving...')
        $('#msg').html('')

        $.ajax({
            url:'./save_question.php',
            method:'POST',
            data:$(this).serialize(),
            error:err=>{
                console.log(err)
                alert('An error occurred')
                // re-enable the same button in this form (#question-frm, not #quiz-frm)
                $('#question-frm [name="save"]').removeAttr('disabled')
                $('#question-frm [name="save"]').html('Save')
            },
            success:function(resp){
                // save_question.php echoes 1 on success and 2 after a failed option insert;
                // when the question query itself fails it echoes nothing, so resp is ""
                // and this branch is silently skipped
                if(resp == 1){
                    alert('Data successfully saved');
                    location.reload()
                }
            }
        })
    })

When I submit the form, all I get in the console is: `XHR finished loading: POST ""`

save_question.php contains the code:

    extract($_POST); // turns every POST field into a local variable (see the comments below)

    if(empty($id)){
        $last_order = $conn->query("SELECT * FROM questions where qid = $qid order by order_by desc limit 1")->fetch_array()['order_by'];
        $order_by = $last_order > 0 ? $last_order + 1 : 0;
        // $question is pasted straight into the SQL text: a " inside it closes the
        // string literal early, the query fails, and the script never echoes 1
        $data = 'question = "'.$question.'" ';
        $data .= ', order_by = "'.$order_by.'" ';
        $data .= ', qid = "'.$qid.'" ';
        $insert_question = $conn->query("INSERT INTO questions set ".$data);
        if($insert_question){
            $question_id = $conn->insert_id;
            $insert = array();
            for($i = 0 ; $i < count($question_opt);$i++){
                // keep the result in its own variable; assigning to $is_right here
                // replaced the array with a scalar on the first pass
                $answer = isset($is_right[$i]) ? $is_right[$i] : 0;
                $insert[] = $conn->query("INSERT INTO question_opt set question_id = $question_id, option_txt = '".$question_opt[$i]."',`is_right` = $answer ");
            }
            if(count($insert) == 4){
                echo 1;
            }else{
                $delete = $conn->query("DELETE FROM questions where id =".$question_id);
                $delete2 = $conn->query("DELETE FROM question_opt where question_id =".$question_id);
                echo 2;
            }
        }
    }else{
        $data = 'question = "'.$question.'" ';   // same unescaped interpolation as above
        $data .= ', qid = "'.$qid.'" ';
        $update = $conn->query("UPDATE questions set ".$data." where id = ".$id);
        if($update){
            $delete= $conn->query("DELETE FROM question_opt where question_id =".$id);
            $insert = array();
            for($i = 0 ; $i < count($question_opt);$i++){
                $answer = isset($is_right[$i]) ? 1 : 0;
                $insert[] = $conn->query("INSERT INTO question_opt set question_id = $id, option_txt = '".$question_opt[$i]."',`is_right` = $answer ");
                // echo "INSERT INTO question_opt set question_id = $id, option_txt = '".$question_opt[$i]."',`is_right` = $answer <br>";
            }
            if(count($insert) == 4){
                echo 1;
            }else{
                $delete = $conn->query("DELETE FROM questions where id =".$id);
                $delete2 = $conn->query("DELETE FROM question_opt where question_id =".$id);
                echo 2;
            }
        }
    }
bicanul123
  • If the error occurs in your SQL part, you should sanitize your input in the backend. Otherwise your website will be vulnerable to SQL injections. – Akshay Jan 21 '21 at 15:31
  • **Danger**: This code is [vulnerable to XSS](https://www.owasp.org/index.php/XSS). User input needs escaping before being inserted into an HTML document! – Quentin Jan 21 '21 at 15:34
  • DO NOT USE EXTRACT ON $_POST! It is possibly the easiest way for a user to simply overwrite your code and can lead to oh so many an exploit: https://www.php.net/manual/en/function.extract.php – Aaron Morefield Jan 21 '21 at 15:35
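The insert path of save_question.php with the SQL text and the values kept apart, as an added example rather than the asker's code or an answer from the thread: it assumes `$conn` is the same mysqli connection and the table and column names from the question, and it simplifies the order_by calculation to MAX(order_by) + 1.

```php
<?php
// Added example, not the asker's code: the same INSERTs as in save_question.php,
// done with mysqli prepared statements. A ? placeholder sends the value separately
// from the query text, so a question containing " or ' is stored verbatim and can
// never change the meaning of the SQL. $conn is assumed to be the existing mysqli
// connection; table and column names are the ones from the question.

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors become exceptions

// Read only the fields the script expects, instead of extract($_POST), which would
// let a request overwrite any variable already in scope (for example $conn).
$qid      = (int)($_POST['qid'] ?? 0);
$question = (string)($_POST['question'] ?? '');
$options  = array_values((array)($_POST['question_opt'] ?? []));
$isRight  = (array)($_POST['is_right'] ?? []);

// Next order_by for this qid (simplified from the original "last + 1" logic).
$stmt = $conn->prepare('SELECT COALESCE(MAX(order_by), -1) + 1 FROM questions WHERE qid = ?');
$stmt->bind_param('i', $qid);
$stmt->execute();
$orderBy = (int)$stmt->get_result()->fetch_row()[0];

$conn->begin_transaction(); // question and its options are written together or not at all
try {
    $stmt = $conn->prepare('INSERT INTO questions (question, order_by, qid) VALUES (?, ?, ?)');
    $stmt->bind_param('sii', $question, $orderBy, $qid); // s = string, i = integer
    $stmt->execute();
    $questionId = $conn->insert_id;

    $stmt = $conn->prepare('INSERT INTO question_opt (question_id, option_txt, is_right) VALUES (?, ?, ?)');
    foreach ($options as $i => $optionText) {
        $right = isset($isRight[$i]) ? 1 : 0;
        $stmt->bind_param('isi', $questionId, $optionText, $right);
        $stmt->execute(); // the bound variables are re-read on every execute()
    }
    $conn->commit();
    echo 1;
} catch (mysqli_sql_exception $e) {
    $conn->rollback(); // replaces the manual DELETE clean-up from the original
    echo 2;
}
```

The form-side issue Quentin flagged is handled the same way on output: echo `htmlspecialchars($_GET['id'], ENT_QUOTES, 'UTF-8')` into the value attribute instead of the raw value.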

1 Answer

Try to change the use:

            $("#quiz-frm [name='submit']").removeAttr('disabled')
gabrielrincon