0

I am trying to add devextreme SelectBox with following code, but the issue is that it search dropdown items while open dropdown but not display default value, it works in Asp.net MVC but now i am trying to implement this with php.

$("<div />").dxSelectBox({
    dataSource: new DevExpress.data.DataSource({
        key: "Id",
        load: function(loadOptions) {
            var d = $.Deferred(),
                params = {};
            [
                "skip",     
                "take",  
                "sort", 
                "filter", 
                "searchExpr",
                "searchOperation",
                "searchValue",
                "group", 
            ].forEach(function(i) {
                if(i in loadOptions && isNotEmpty(loadOptions[i])) 
                    params[i] = JSON.stringify(loadOptions[i]);
            });
            $.getJSON("/include/ajax/api.php?action=get_all", params)
                .done(function(result) {
                    d.resolve(result.data);
                });
            return d.promise();
        },
        byKey: function(key) {
            var d = new $.Deferred();
            $.get('/include/ajax/api.php?action=get_by_id&id=' + key)
                .done(function(result) {
                    d.resolve(result);
                });
            return d.promise();
        }
    }),
    displayExpr: "Name",
    valueExpr: "Id",
    searchEnabled: true,
    value: 1
}).appendTo(cell);

And Here is my service code

$id = $_REQUEST["id"];
        
$sql = "SELECT id, description FROM `table` WHERE id = " . $database->escape_value($id);
$result = $database->query($sql);
$result = [];
while ($row = $database->fetch_array($result)) {
    $result = array(
            'Id' => (int)$row["id"],
            'Name' => $row["description"]
        );
}

echo json_encode($result);die;
Leonardo
  • 2,439
  • 33
  • 17
  • 31
Touseef Mansoori
  • 11
  • 1
  • 1
    **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman Feb 16 '22 at 09:52

0 Answers0