0

Using PHP, and MySql, I am trying to implement this rather snazzy in-place editor available here:

tutorial: http://www.davehauenstein.com/code/jquery-edit-in-place/

js file: http://davehauenstein.com/code/scripts/jquery.inplace.min.js

OK what is happening is,

  1. I click the element to edit the text.
  2. I clear the old text, and enter the new text.
  3. I click outside of the element to initiate Ajax to save the new text.
    1. Ajax shows "Saving..", which is default text for updating element.
    2. The new text is updated in the database.
  4. Element reloads, and instead of showing the new text inside of element, the element shows (Click here to edit text), which is the default text in the js file for an element that returns empty.

The Problem: Only once I refresh the page manually, is the new text loaded in element. Instead of loading in the element without refreshing.

The element with in-place edit:

<div class="editme1"><?php
$content = $_GET['update_value'];
// i added this to try and get the updated value but im
// not really sure, just a guess. i have also used $_POST
// in an attempt to catch it....but i feel stupid even
// saying that..lol
if(!empty($content)) { echo "$content"; } else 
{ echo "$row[profilevalue_8]"; }
?></div>

The file (update.php) which updates the database:

<?php include('includes/config.php');
include('includes/functions.php');
$name = $_POST[update_value];
$update = mysql_query("UPDATE profilevalues SET profilevalue_8 = '".$name."' 
WHERE profilevalue_user_id = '".uid()."'") or die(mysql_error());
?>

The javascript

<script type="text/javascript">
    $(document).ready(function(){
        $(".editme1").editInPlace({
            url: "http://www.mysite.com/update.php",
            params: "ajax=yes",
        });
</script>

The issue is I guess, is that I cant seem to reflect the changes in the element as expected.

I would be so grateful for any help.

Thanks

Improve this question
2
  • By inserting form POST data straight into SQL you have a huge SQL Insert issue. Commented Mar 27, 2009 at 9:03
  • Hi Jon, Thanks for your comment. I am aware of the danger of not sanitizing the input before posting into the database, but this is just a "preliminary example" of what i am trying to achieve. Either way, thanks for your input, as this is important information for all to know. Commented Mar 27, 2009 at 9:39

2 Answers 2

Reset to default
1

Your forgot something in the update.php :) Every In Place Editor does an AJAX request to the update file and then puts in the edited element the things it gets in the update.php with that request.

So your update.php needs to be like this

<?php include('includes/config.php');
include('includes/functions.php');
$name = $_POST[update_value];
$update = mysql_query("UPDATE profilevalues SET profilevalue_8 = '".$name."' 
WHERE profilevalue_user_id = '".uid()."'") or die(mysql_error());

echo $_POST['update_value']; //add this to your file and it should be working now
?>
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I am so silly.... but sometimes it takes a person to point out the obvious for someone(me) to get it...lolol.... Thank you, I am forever in your debt...lol
0

To add to what Bogdan Constantinescu said, I think it is worth pointing out that to guard against people entering nasty data you should really

  • Call htmlspecialchars() on any untrusted strings you are sending to the browser as HTML. This will help prevent XSS attacks.
  • Call mysql_real_escape_string() on any strings you are putting directly into SQL statements. This will protect you from SQL injection attacks.
Improve this answer

1 Comment

Hi tomhaigh, thanks for your comment. I whole heartedly agree, very much so worth point out those two important functions. And to also note to any readers, that this is a "preliminary example" used to test, and that all input should be sanitized before posting. Thanks!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.