Refactoring webproject: php mysql javascript

751

Since my project gets bigger and bigger I start to loose overview :) I have alot of Ajax requets and for ever request an appropriate file like: "newbill.php","newcustomer.php" and so on..meaning for every singele request a new one?

My Question is: is there any way to somehow get around this? What I thought of is to pass the name of a function within the POST of the ajax to call the appropriate function within the php.. but I somehow dont feel comfortable with it neither??

Sample(javascript)

    // Kundendaten updaten
$("a#updateKunde").click(function(evt){

    formSerial2 = $('#baseForm').serialize();
    evt.preventDefault();
       $.ajax({
            type: "POST",
            **url: "ajax/updatecustomer.php"**,
            data: formSerial2,
            success: function(msg){                 
                $(".alert").html(msg)
                           .css("color","#66b451")
                           .hide()
                           .show('slow')
                           .fadeOut(2000)
                           .hide('slow');

            }
        });         
});

PHP-file(updatecostumer.php)

<?php 

    include_once("../_class/queries.php");

        $kn = $_POST['selKunden'];

        $vn = $_POST['ivname'];
        $na = $_POST['iname'];
        $st = $_POST['istrasse'];
        $pl = $_POST['iplz'];
        $or = $_POST['iort']; 
        $em = $_POST['iemail'];

        connect::getQuery("UPDATE  Kunde SET  vname =  '".$vn."', 
                             name =  '".$na."',
                             adresse =  '".$st."',
                             plz =  '".$pl."',
                             ort =  '".$or."',
                             email =  '".$em."' 
                             WHERE  Kunde.ID =".$kn."");                        


        echo(" Kunde Nr: ".$kn." wurde upgedated");

 ?>
789

Answer

Solution:

so a few comments here..

First never ever ever take direct input and push to your DB. Always escape entry from your users to avoid SQL Injection:

$st = mysql_real_escape_string($_POST['istrasse']);

Secondly; you could have an action clause in your post to a file such as ajax.php. Through this you would then be able to handle different actions. I wouldn't suggest passing a function name, but create a list of actions which lead you to the class you need done. If you have common post parameters for various actions you could then take and reuse code on your ajax page rather than having multiple other pages out there doing the exact same escaping / querying.

People are also looking for solutions to the problem: php - Dropdown list is empty

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.