0

I have an issue with sending json data with ajax to a php file and then use it to upload to the server.

If I'm making echo of the variable $email_info->Name the returned data value is empty. I've tried json_decode but it doesn't do it.

This is the code I have,

Jquery: 

$( document ).on('click', '#send_touch', function(){

    new_email = [];

    new_email.push({
    Name: $('#name').val(),
    Phone: $('#phone').val(),
    Email: $('#email').val(),
    Interested_in: $('#interested_in').val(),
    User_id: $('#email_user_id').val()
    });

    new_email = JSON.stringify({Email: new_email}, null, "\t");

        $.ajax({
            url: "core.php",
            type: "post",
            data: { NewMail: new_email
                  },
            success: function(data){  
                alert(data)          
            },
            error: function(){
            }   
     });    

});

PHP:

if ($_POST['NewMail']) {

 $timeStamp = time();

 $new_email = json_decode($_POST['NewMail'], true);

 $email_info = $new_email->Email[0];

 // New Email
 mysql_query("INSERT INTO " . $dbPrefix . "touches (date, user_id, name, phone, email, interested_in, seen, status) VALUES ('".safeSQL($timeStamp)."', '".safeSQL($email_info->User_id)."', '".safeSQL($email_info->Name)."','".safeSQL($email_info->Phone)."', '".safeSQL($email_info->Email)."', '".safeSQL($email_info->Interested_in)."', '0', '1')") or die("Query failed: " . mysql_error());

 echo $email_info->Name;

}

If I make an echo on the PHP side for $_POST['NewMail'] I get returned this:

{
\"Email\": [
    {
        \"Name\": \"John Doe\",
        \"Phone\": \"1234567\",
        \"Email\": \"[email protected]\",
        \"Interested_in\": \"Text here..\",
        \"User_id\": \"1\"
    }
]
}

How can I fix this?

Improve this question
1
  • 1
    You need to stop using mysql. It is outdated. Move to PDO or mysqli which means "mysql improved". That should tell you it's better. I prefer PDO. I don't know what you "safeSQL" is, but scratch that and use prepared statements instead. Prepared statements guarantee your queries can't be attacked via sql injection. Commented Sep 3, 2013 at 17:51

3 Answers 3

Reset to default
1

Replace this part in PHP :

$new_email = json_decode($_POST['NewMail'], true);

by this :

if (get_magic_quotes_gpc()) {
    $_POST['NewMail'] = stripslashes($_POST['NewMail']);
}
$new_email = json_decode($_POST['NewMail'], true);

This should fix the issue.

Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

NOTE!!! magic quotes ought to be off anyway!! If magic quotes are on, this is not really the solution! See php.net/manual/en/security.magicquotes.php. Magic quotes are totally removed in php 5.4
I think his problem is that (magic quotes) are turned on, Check out what he got after echo'ing $_POST['NewMail'].
Right, then the solution is to turn them off, not write code to deal with them.
I am not stick at leaving magic quotes = on , but there is no effective way to turn it off in the script. He can only turn it off through php.ini only if he have access to this config file.
Thanks, this actually helped me to get to my answer. Just realized that I have magic quotes turned 'on' on my server.
|
1

I had magic_quotes turned 'on' on my server.

I realized it when testing Hossams code:

if (get_magic_quotes_gpc()) {
    $_POST['NewMail'] = stripslashes($_POST['NewMail']);
}

So finally this got to work with this code:

if ($_POST['NewMail']) {

$timeStamp = time();

if (get_magic_quotes_gpc()) {
    $_POST['NewMail'] = stripslashes($_POST['NewMail']);
}

$new_email = json_decode($_POST['NewMail'], true);

$email_info = $new_email['Email'][0];

// New Email
mysql_query("INSERT INTO " . $dbPrefix . "touches (date, user_id, name, phone, email, interested_in, seen, status) VALUES ('".safeSQL($timeStamp)."', '".safeSQL($email_info['User_id'])."', '".safeSQL($email_info['Name'])."','".safeSQL($email_info['Phone'])."', '".safeSQL($email_info['Email'])."', '".safeSQL($email_info['Interested_in'])."', '0', '1')") or die("Query failed: " . mysql_error());

var_dump($email_info['Name']);

}

And I got the array with $email_info['Name'] instead of $email_info->Name

Improve this answer

Comments

0

you need to specify to jquery that your sending data is a JSON type. Please configure the type of data in the ajax options. For example:

$.ajax({
       url: "core.php",
       type: "json", //here comes the data's type
       data: { NewMail: new_email
       },
       success: function(data){  
        alert(data)},
        error: function(){
        }`
Improve this answer

2 Comments

It doesn't hurt to specify that, but jQuery shouldn't be having trouble determining the data type automatically. I believe it because he used stringify rather than sending the object normally. Actually, I feel pretty sure setting it as json and then sending a string (like he is doing) will be bad.
Check this out please, stackoverflow.com/questions/8926805/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.