0

i am trying to insert the value of JavaScript variable in database but $.ajax in not responding. if there any other method for this task kindly help me.

JS:

 var num=0;
      $('#add').click(function(){
        $.ajax({
            url: 'php/insertlevel.php',
            type: 'post',
            data: num,
        });
        });

PHP: 

<?php 
include "connect.php";
$val=$_POST['num'];
echo "i am called dont worry";
$sql="INSERT INTO `level` (`level`) VALUES ($val)";
$insert=mysqli_query($con,$sql);

if ($insert) {
    echo "Data insert";
}
 else{
    echo "not insert";
 } 
 ?>
Improve this question
2
  • Could you explain your problem more detailed? Commented Jun 7, 2020 at 16:21
  • i am trying to inter the value of JavaScript variable by clicking the button (with id add) but .click called inside a function "add()" that called by the same button. Commented Jun 7, 2020 at 16:26

2 Answers 2

Reset to default
1

Data has to be an object. The property of the object is what you fetch in your $_POST in your PHP script.

      $('#add').click(function(){
       var num = 0;

        $.ajax({
            url: 'php/insertlevel.php',
            type: 'post',
            data: {num: num},
        });
   });

Your PHP file looks good (assuming $con is the connection). There is only one thing you missed. The single quotes around the value.

<?php 
    include "connect.php";
    $val=$_POST['num'];
    echo "i am called dont worry";
    $sql="INSERT INTO `level` (`level`) VALUES ('$val')"; //NOTICE, YOU SEE THE SINGLE QUOTES AROUND THE VAL VARIABLE?
    $insert=mysqli_query($con,$sql);

    if ($insert) {
        echo "Data insert";
    } else{
        echo "not insert";
      } 
 ?>

This should do the trick for you.

However, after you have "mastered" this, I highly recommend you to look at PDO or MYSQLI and use the prepared statements. This will ensure you are safe against SQL injections.

I recommend you to look at the PHP manual, but (atleast, for me it was) w3schools explains it in a more of a newbie way. It is however a highly discouraged website when you grow as a developer and actually have to implement for a live environment.

https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php https://www.w3schools.com/php/php_mysql_prepared_statements.asp

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

The data option can contain either a query string of the form key1=value1&key2=value2, or an object of the form {key1: 'value1', key2: 'value2'}

Try to change your code to this:

var data = {num: 0};

  $('#add').click(function(){

    $.ajax({

        url: 'php/insertlevel.php',
        method: 'POST',
        data: data,


    });

    });

or if you like to send it as a string, change the data variable to data = "num=0" instead of num = 0; The way you doing, with num=0, the data property is set to 0 {data: 0}, you need to send the data object like this: {data: {num: 0}}

Reference: https://api.jquery.com/jquery.ajax/

Please note you should never trust the user input, it's insecure because doing that you are vulnerable to SQL injections attacks. Your SQL query must be parametrized like that:

https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php

Improve this answer

4 Comments

Use parameterized queries, not escaping.
Use parameterized queries, not escaping.
@RobertMennell Example changed to parametrized query.
Should link to php.net/manual/en/mysqli.quickstart.prepared-statements.php, and possible add mysqli example since that is the driver being used.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.