AJAX - Sending two variables together to a php script

  • Hi,

    i'm trying to send 2 variables together in ajax to a php script to update the user with the balance/score as seen in the photo attached and i'm wondering if i'm doing something wrong? The email and balance are both stored in a global variable so i have added the variable here.

    When i'm sending 1 variable it works and the info gets updated in mysql, but not when sending 2 together.

    I have tested the php script and it works and data gets updated in mysql when sending both variables from a form on my website using an HTML Form with a 'name' & 'balance' input field.

    But it feels like i'm putting the data incorrectly in ajax or the email variable doesn't get sent to the php script.

    Maybe someone here knows what i'm doing wrong?

    Regards

    Edgar

  • The data expression looks wrong. Try displaying it in a text object to see what it's really sending. As it stands if your balance is "abc" and the email is "xyz", it will produce balance=abcemail=xyz. Normally for URL-encoded type data you need an extra & to separate values, e.g. balance=abc&email=xyz

  • Thanks for your reply.

    It seems to be displaying the data correctly as seen below. So maybe i should use something instead of the "&" operator or format it differently? As i said using the php script below works when sending from a form.

    Regards

    Edgar

  • Update: It seems like on random occasions the text from the email variable displays duplicate emails after each other.

    Regards

    Edgar

  • I'm confused: in your first post you said it's not working, and in the second post you appear to say it is working. I don't know what to say now.

    I also have to point out: I hope you never run that code on the Internet - it's so insecure it would be trivial for a passer-by to delete or steal the entire database.

  • Hello guys,

    I have a question that may fit here..

    So, I have a PHP server aswering requests from AJAX.

    Which method should I use to secure it?

    After login send a token to the client and every request/post send the token for validation?

    Can this token be intercepted?

  • Which method should I use to secure it?

    This opens up a whole area of digital security. I'd recommend looking for a course covering the basics, because if you don't know what you're doing, you'll probably make something so insecure a passer-by can at least delete everything, or possibly steal all the data - and if you are storing people's personal data, you can become liable for significant fines if that gets leaked and you were negligent in your security measures.

    At a minimum look in to using HTTPS and protecting against injection attacks, but there's a lot more to it than that!

  • > Which method should I use to secure it?

    This opens up a whole area of digital security. I'd recommend looking for a course covering the basics, because if you don't know what you're doing, you'll probably make something so insecure a passer-by can at least delete everything, or possibly steal all the data - and if you are storing people's personal data, you can become liable for significant fines if that gets leaked and you were negligent in your security measures.

    At a minimum look in to using HTTPS and protecting against injection attacks, but there's a lot more to it than that!

    True but I'm thinking about security between mobile and server..

    Any method requires data from device to validate the autentication.

    My concern is more about if this data could be intercepted.

    Does HTTPS encript all this information?

    If yes, its fine for me..

    About injection and everything, yeah, I know.. back when Mu servers were popular I had to learn about it. Never trust the client input

  • I'm confused: in your first post you said it's not working, and in the second post you appear to say it is working. I don't know what to say now.

    It's displaying the email from the variable in a text object as you told me to try, so it means that the variable sent in ajax should be correct. Al-tough it's still not updating the data in mysql.

    I posted an update if you saw it that it seems something is wrong with the variable as on random occasions when i start the game it's displaying duplicate emails after each other.

    Would you know why this is happening?

    Regards

    Edgar

  • > Which method should I use to secure it?

    This opens up a whole area of digital security. I'd recommend looking for a course covering the basics, because if you don't know what you're doing, you'll probably make something so insecure a passer-by can at least delete everything, or possibly steal all the data - and if you are storing people's personal data, you can become liable for significant fines if that gets leaked and you were negligent in your security measures.

    At a minimum look in to using HTTPS and protecting against injection attacks, but there's a lot more to it than that!

    Nevermind..

    I found the answer.. when requesting over HTTPS the only not fully secured part is the domain.. after the first part / it is indeed secure.

  • Another update: It seems like when sending both variables together either the database gets populated with an empty email or the email and balance together in the email field. So it seems it doesn't separate the two variables when posting to a php script.

    Is there a way to separate them, because this code should be correct: "balance="&balance&"email="&email

    Regards

    Edgar

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads
  • Update: It seems like on random occasions the text from the email variable displays duplicate emails after each other.

    Regards

    Edgar

    Try

    On button clicked

    (SubEvent)System-Trigger Once, Ajax, Send-Your Data

  • "balance="&balance&"email="&email

    This is incorrect.

    "balance=" & balance & "&email=" & email

    This should work. The space characters are superfluous but help a ton with readability. As Ashley said, preview your data string in the debugger or console and you'll see if it is valid or not.

  • "balance="&balance&"email="&email

    This is incorrect.

    "balance=" & balance & "&email=" & email

    This should work. The space characters are superfluous but help a ton with readability. As Ashley said, preview your data string in the debugger or console and you'll see if it is valid or not.

    I tried to separate it but it still doesn't work, i also tried the trigger once event but to no avail. In the debugger it displays the variable email as the correct email.

    Is it because i'm using the free version and it only allows for 1 variable to be sent?

    Any other suggestions?

    Regards

    Edgar

Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)