cafej

Reputation: 95

Get value from select and compare with the DB to obtain a price

I'm using a select to choose from different products, then with that value I perform a DB query to obtain the price of the product and then set an input tag with it.

<section id="products">
        quantity: <input type="number" id="quantity"><br><br>
        <section id="selectProd">
                <?php
                $query = $conn->query("SELECT name FROM Products ORDER BY name"); 
                ?>
                Product: <select id="comProduct" class="comProduct">
                    <?php while ($option = $query->fetch_object()) { ?>
                        <option><?php echo $option->name; ?></option>
                    <?php } ?>
                </select>
                <script>
                   $(document).on("ready",function(){
                     $("#comProduct").on("click", function(){

                      var value = $("#comProduct option:selected").text();
                      <?php
                      $servername = "localhost";
                      $username = "root";
                      $password = "";
                      $database = "BERAKA";
                      $conn = new mysqli($servername, $username, $password, $database);
                      if ($conn->connect_error) {
                         die("Connection failed: " . $conn->connect_error);
                      }
                     $valuephp = $_GET['value'];
                     $query = $conn->query("SELECT price FROM products where name='$valorphp'");
                     ?>

                     document.getElementById("ppu").value = "<?php $query->fetch_object(); ?>";
                   });
                  });     
               </script>
       </section> <br>
       Price per unit: <input type="text" id="ppu" >
   </section>

Don't know why it's not working. Please help.

Upvotes: 0

Views: 172

Answers (1)

Marc B

Reputation: 360592

You are vulnerable to SQL injection attacks. Sit back and relax - your problem will become moot when your server gets pwn3d.

As well, your code is highly flawed:

document.getElementById("ppu").value = "<?php $query->fetch_object(); ?>";

Your fetch call doesn't DO anything useful. fetch will RETURN an object, but since you don't capture that object or output it in any way, the DB row data will simply be lost. Even if the fetch call DID by some miracle do output, you can't just dump a PHP object into a JavaScript code context.

You need something more like this:

<?php 
    ...
    $row = $query->fetch_object();
    $price = $row->price;
?>
    document.getElementById('ppu').value = <?php echo json_encode($price); ?>;

Never EVER dump text from PHP directly into a JS context without using json_encode(). You're at risk of dumping invalid text into the JS code block, which will trigger a JS syntax error, and kill the entire <script> block that this bad code is in. Always use json_encode() so that no matter what you're dumping into the JS code, that value will be VALID JavaScript.

Upvotes: 1
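
The two points raised in the answer above (the injectable price query and json_encode() for values placed in a script block), shown together as an added example that is not part of the original question or answer. It assumes PDO with an in-memory SQLite database in place of the question's MySQL connection so it runs without a server; the helper names lookup_price and js_literal, the sample rows, the sample inputs and the JSON_HEX_* flags are choices made for this example.

```php
<?php
// Added example. SQLite in memory stands in for the page's MySQL database,
// and the rows below are constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE Products (name TEXT PRIMARY KEY, price TEXT)");
$db->exec("INSERT INTO Products VALUES ('Lager', '2.50'), ('O''Brien Stout', '3.75')");

// The name travels as a bound parameter, never as part of the SQL text,
// so quotes inside it cannot change the structure of the query.
function lookup_price(PDO $db, string $name): ?string
{
    $stmt = $db->prepare('SELECT price FROM Products WHERE name = ?');
    $stmt->execute([$name]);
    $price = $stmt->fetchColumn();   // false when no row matched
    return $price === false ? null : $price;
}

// json_encode() yields a valid JS literal for any PHP value. The JSON_HEX_*
// flags also escape <, >, &, ' and " so the literal cannot end the
// surrounding <script> element.
function js_literal($value): string
{
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

// Constructed inputs standing in for $_GET['value'].
$inputs = ['Lager', "O'Brien Stout", "x' OR '1'='1", 'Unknown'];
foreach ($inputs as $name) {
    $price = lookup_price($db, $name);
    printf("%-16s -> document.getElementById('ppu').value = %s;\n", $name, js_literal($price));
}
```

With the question's mysqli connection the same pattern is `$conn->prepare(...)`, `$stmt->bind_param('s', $name)` and `$stmt->execute()`. A name that matches no row comes back as null here, so the caller can tell "no such product" apart from a price.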
