Jquery ajax call from javascript to PHP

Question

There seems to be a problem with the code I have for calling php from javascript with jquery ajax. The ajax call seems to be successful but I don\'t get the correct informa

Answer 1

You haven't passed $sql into mysql_query();

$sql = "DELETE FROM dtree_table WHERE nid='$node'";

mysql_query($sql);
// -------^^^^^^^^
return $sql;

Your code is vulnerable to SQL injection, as it only checks for an empty $node. As an end user, I could delete any id in the database I wish, or all of them if I ran the code in a loop. You will need something to check that the user running the code has permission to delete the node, and also, call mysql_real_escape_string() on $node.

$node = mysql_real_escape_string($node);
$sql = "DELETE FROM dtree_table WHERE nid='$node'";
$result = mysql_query($sql);

// Check for success...
if ($result) {
  // return success codes to ajax caller
}
else {
  // return error codes to ajax caller
}

ADDENDUM

We don't see the code where you call upTree() in PHP. Are you actually calling the function? If you don't call it and that's your whole PHP script, then it will execute, do nothing, and return a blank HTTP response to your Ajax calling function with a successful 200 response code.