AJAX issue, returning spurious results

droopsnoot · October 27, 2015, 7:24pm

I have a very basic web site that I use on a local WAMP server, it’s a magazine index I’m trying to compile for a club I’m a member of. For the specific problem I’m having, I have a html form where I enter some car details, when I move away from the text box where I enter the registration number, I call a very short php function that searches the database for that registration number, and returns the details or the string “Not Found”. If the details are found, the rest of the forum is populated.

The problem I am having is that sometimes I enter a registration number that I know is in the database, but it returns “Not Found” and therefore the form is left empty. If I call the lookup php code directly with the registration as the argument in the url, it returns the correct information. For the sake of completeness here is the lookup code:

<?php
require_once("../magissues_db.php");

header('Content-Type: text/xml');
echo '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>';
echo '<response>';
$reg = strtoupper(StripReg($_GET['reg'])); // added toupper() although stripreg should already do it.
$q = "select * from vehicles where vehicle_reg = :r";
$b = $dbc->prepare($q);
$b->bindParam(':r', $reg);
$b->execute();

if ($row = $b->fetch()) { 
  echo $row['vehicle_type'];
  }
else
  {
  echo 'Not Found';
  }
echo '</response>';
?>

// This is Stripreg, it's in the include file usually
function StripReg($inreg) {
$newreg = "";
$a = 0;
while ($a < strlen($inreg)) {
	$x = strtoupper(substr($inreg, $a, 1));
	if (($x >='A' && $x <= 'Z') || ($x >= '0' && $x<= '9')) {
		$newreg .= $x;
		}
	$a += 1;
	}
return $newreg;
}

The function just removes anything that isn’t valid in the registration, and converts to upper case. The same function is used to store the registration as well.

But sometimes it returns “Not Found” when it should return the vehicle details. Could it be some kind of buffering issue? I noticed today that I created a new vehicle entry, realised I’d made a typo, opened phpmyadmin on another IE tab, made the change, stored the data, but when my code above ran, it still returned the old information even though phpmyadmin had stored the correction.

I added some alert() functions into the javascript to show the registration as it arrives, and the response from the above code, and it is receiving “Not Found”, not just getting no response.

Any ideas would be appreciated.

lorenw · October 27, 2015, 9:07pm

Just to make sure the reg # is getting to the script

echo $_GET['reg'].' Not Found';

also you can alert the reg # that was entered, I prefer console.log and view the results in the console. (I hate clicking OK all the time.)

felgall · October 28, 2015, 1:02am

The delay to display the alert can also affect how some scripts function.

spaceshiptrooper · October 28, 2015, 5:08am

I’m thinking (I could be wrong), it’s because you are missing somethings to check for proper things. Assuming you are using PDO, you can do

$reg = strtoupper(StripReg($_GET['reg'])); // added toupper() although stripreg should already do it.
$q = "select vehicle_type from vehicles where vehicle_reg = :r";
$b = $dbc->prepare($q);
$b->bindParam(':r', $reg);
$b->execute();

if($b->rowCount()) {

    while($row = $b->fetch()) {

        echo $row['vehicle_type'];

    }

} else {

    echo 'Not Found';

}

The reason why I give the codes a lot of spacing is for readability. If you can’t even read your own codes, there’s something totally wrong there. So give it the proper spacing & padding. I typically make a new line when it comes to num_rows & rowCount. This is because it’s telling me that I am going to do some outputting so I shouldn’t have all of the other tags side-by-side because it’ll be hard to identify where your error checking are.

Back on-topic.

When I tried your method without any while loop. this is the error I got.

Notice:  Undefined index: vehicle_type in C:\dev\www\sample\index.php on line 18

This is because you are missing the while loop and proper rowCount. Without while loop, you can’t really take columns from the query. Also, if you are just going to use 1 column, just define that column in your query. Don’t use * because if you get hacked some how, the hacker doesn’t need to do any hard work because you have provided them with x amount of columns without them requesting it. So they can see let’s say your columns; id, admin, vehicle_type, .etc. If you define just 1 column. All the hacker is going to see is vehicle_type. Nothing else.

EDIT: Sorry I had to edit out PDO::FETCH_ASSOC. I forgot that I forced my connection to use objects.

droopsnoot · October 28, 2015, 10:21am

Thanks for the suggestions. I hadn’t got the while() loop in there because the vehicle_reg column is a unique index, so there will only be either one result (which I figured fetch() would return), or no results. When it returns no results (even though it should), it is returning “Not found” to the calling javascript code. I did notice that I’m retrieving all columns when only one is actually needed, but I didn’t imagine it would make any difference to the specific problem I’m having. I take your point on security, but this is running on a local PC and isn’t intended to ever be a live site.

I will play around with console.log - not something I’ve tried out. I had removed quite a bit of space from the code to make the post shorter.

droopsnoot · October 28, 2015, 7:14pm

I’m doing some more playing with this, but can’t make it fail on demand so it’s a long job. I was hoping someone might say ‘Oh, there’s a buffering thing unless you do x,y,z’ but obviously not. Found that console.log appears to be Firefox only, so I’ll have a look at other logging options.

felgall · October 28, 2015, 7:42pm

console.log is a valid JavaScript command in all browsers - or at least in IE, Edge, Chrome, Opera and Safari.

lorenw · October 28, 2015, 7:58pm

In Chrome hit F12 and you will see the console tab.

droopsnoot · October 29, 2015, 10:06am

Thanks, I did a quick search on console.log and the first few results appeared to suggest FF. I will play some more with this.

droopsnoot · October 29, 2015, 12:58pm

I added a debug_to_console function to write to console.log, but it either doesn’t seem to work, or causes problems in the lookup function, probably because it’s sticking the javascript in the middle of the XML output. So I downloaded a Chrome extension that seems to be helping. Now I just need it to go wrong again so I can see what’s happening.

system · January 28, 2016, 7:58pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.