Refactoring webproject: php mysql javascript
751
Since my project gets bigger and bigger I start to loose overview :) I have alot of Ajax requets and for ever request an appropriate file like: "newbill.php","newcustomer.php" and so on..meaning for every singele request a new one?
My Question is: is there any way to somehow get around this? What I thought of is to pass the name of a function within the POST of the ajax to call the appropriate function within the php.. but I somehow dont feel comfortable with it neither??
Sample(javascript)
// Kundendaten updaten
$("a#updateKunde").click(function(evt){
formSerial2 = $('#baseForm').serialize();
evt.preventDefault();
$.ajax({
type: "POST",
**url: "ajax/updatecustomer.php"**,
data: formSerial2,
success: function(msg){
$(".alert").html(msg)
.css("color","#66b451")
.hide()
.show('slow')
.fadeOut(2000)
.hide('slow');
}
});
});
PHP-file(updatecostumer.php)
<?php
include_once("../_class/queries.php");
$kn = $_POST['selKunden'];
$vn = $_POST['ivname'];
$na = $_POST['iname'];
$st = $_POST['istrasse'];
$pl = $_POST['iplz'];
$or = $_POST['iort'];
$em = $_POST['iemail'];
connect::getQuery("UPDATE Kunde SET vname = '".$vn."',
name = '".$na."',
adresse = '".$st."',
plz = '".$pl."',
ort = '".$or."',
email = '".$em."'
WHERE Kunde.ID =".$kn."");
echo(" Kunde Nr: ".$kn." wurde upgedated");
?>
Answer
Solution:
so a few comments here..
First never ever ever take direct input and push to your DB. Always escape entry from your users to avoid SQL Injection:
Secondly; you could have an action clause in your post to a file such as ajax.php. Through this you would then be able to handle different actions. I wouldn't suggest passing a function name, but create a list of actions which lead you to the class you need done. If you have common post parameters for various actions you could then take and reuse code on your ajax page rather than having multiple other pages out there doing the exact same escaping / querying.