1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

help on how to send data from a prompt box

Discussion in 'HTML & JavaScript' started by clem25, Mar 20, 2012.

  1. clem25

    clem25 Newbie

    Joined:
    Mar 20, 2012
    Messages:
    1
    Likes Received:
    0
    I would like to send data that the user the filled in a show prompt box. I originally planned to send the data from a regular form, but changed my mind and want to do it through a show prompt box.
    Here is my code:
    Code:
      <script type="text/javascript">
    function show_prompt()
    {
    var name=prompt("question");
    if (name!=null && name!="")
      {
      document.write("<p>This is your question " + name + "</p>");
      }
    }
    </script>
    
    the html for the form is:
    Code:
      <form id="propose" name="input" action="insertpropose.php" method="post"><br/>
    <input type="submit" onclick="show_prompt()" value="propose" />
    </form> 
    
    and the PHP is
    Code:
      $query="SELECT propose* FROM propose";
    $result=mysql_query($query);
    
    
    $result = mysql_query("SELECT * FROM propose");
    
    I also try this:
    Code:
    <script type="text/javascript">
    function show_prompt()
    {
    var name=prompt("question");
    if (name!=null && name!="")
      {
      //set the hidden input value to the value entered in the prompt
      document.input.purpose.value = name; //document.input referring to the form named 'input'
      document.input.submit(); //submit the form
      }
    }
    </script>
    
    And for the Mysql:
    Code:
    $purpose = $_POST['purpose'];
    $query="SELECT propose FROM propose WHERE purpose = ". $purpose;
    $result=mysql_query($query);
    
    I m new to programming, so I hope I was clear.
    Thank you

    Edit by Jazzc: don't forget the code tags - makes the post actually readable :p
     
    Last edited by a moderator: Mar 21, 2012
  2. dunker

    dunker Newbie

    Joined:
    Jun 16, 2010
    Messages:
    15
    Likes Received:
    1
    I'm not entirely sure what you're trying to do, however I should give you another pointer. You saved $_POST['purpose'] to the $purpose variable, and then you used this variable in your MySQL query, like this: "WHERE purpose = " . $purpose;

    When you're including a variable into the actual MySQL query, you should *ALWAYS* escape it first. What does that mean? When you're reading from the $_POST array, save the variable like this:

    $purpose = mysql_real_escape_string($_POST['purpose']);

    This way your code will be much safer.