Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 778
  • Last Modified:

Ajax return a form using innerHTML

I got two selectboxes and when select each option it returns the ajax data through innerHTML. The ajax data return a complete form including labels,buttons,textfields. This seems to be working but i want to know if its safe or practical to send a complete form via ajax? if not, are there any alternative method i can use to send ajax data into a form? i've attached my code below. please let me know any comments.
************** Ajax code *************
function ajaxFunction(){
 
var ajaxRequest; // The variable that makes Ajax possible!
 
try{
// Opera 8.0+, Firefox, Safari
ajaxRequest = new XMLHttpRequest();
} catch (e){
// Internet Explorer Browsers
try{
ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try{
ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e){
// Something went wrong
alert("Your browser broke!");
return false;
}
}
}
// Create a function that will receive data sent from the server
ajaxRequest.onreadystatechange = function(){
if(ajaxRequest.readyState == 4){
var ajaxDisplay2 = document.getElementById('priceDiv');
ajaxDisplay2.innerHTML = ajaxRequest.responseText;
}
}
var prodref = document.getElementById('prodref').value;
var color = document.getElementById('color').value;
var packaging = document.getElementById('packaging').value;
 
var queryString = "?prodref=" + prodref + "&att1=" + color + "&att2=" + packaging ;
ajaxRequest.open("GET", "/includes/php/ajax_shopping_update.php" + queryString, true);
ajaxRequest.send(null); 
//alert(queryString);
}
 
 
***************product.php**********************
<select name="packaging" class="product_formDropdown" onChange="ajaxFunction();">
<option value="">--- Select Packaging ---</option>
<?php 
while($rsatt2 = mysql_fetch_array($rsgetatt2))
{
echo '<option value="'.$rsatt2['packaging'].'">'.$rsatt2['packaging'].'</option>';
}
?>
</select>
<div id='priceDiv'><p><strong>choose options</strong>
 
*******************************************************
*********ajax-shopping-update.php**************
$prodref = $_GET['prodref'];
$color = $_GET['att1'];
$packaging = $_GET['att2'];
 
if ($prodref != "")
{
$query2 = "SELECT * FROM sub_products WHERE prod_ref='".$prodref."' AND attribute1='".$color."' AND attribute2='".$packaging."'";
$result=mysql_query($query2);
$row=mysql_fetch_array($result);
echo '<form method="post" class="product_form" action="shopping_basket.php">
		<h2><strong>Price : ' .$row['price']. '</strong></h2>
		<p>
		<input type="image" src="/images/product-add.gif" value="Submit" class="product_form_button">
		</p>
	</form>';
 
mysql_close();
 
}
*************************************************

Open in new window

0
Herci
Asked:
Herci
1 Solution
 
FugasCommented:
I'm using prototype.js to make Ajax calls. It also directly supports POST method and to the call you may use only the serialize() method of the form. All you need to know is here http://www.prototypejs.org/
0
 
HerciAuthor Commented:
I managed to solve this by just calling the form containing page through an ajax request display in a DIV
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now