Ajax post script not completing

Please refer to jsFiddle at "https://jsfiddle.net/midnightCabbie/mpm4uqtw/1/"  The issue is when clicked the submit button tries to send the data, but never succeeds. I'm not sure if the button is configured correctly, or if there is an issue with the php script.  

Here is the db_config.php  file:
<?php

//PDO
$db_host="localhost";
$db_user="pricelea_root";
$db_pass="pd5765166";
$db_name="pricelea_client_register";

try{
    $db_con = new PDO("mysql:host=$db_host;dbname=$db_name",$db_user,$db_pass);
     // set the PDO error mode to exception
    $db_con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "Connected successfully";
    }
catch(PDOException $e)
    {
    echo "Connection failed: " . $e->getMessage();
    }

?>

Open in new window


Thanks in advance
dlearman1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Swatantra BhargavaTechnical Specialist/DeveloperCommented:
When you Click on Submit button, there are Javascript errors. First, resolve them to run the code.
<script type="text/javascript" src="http://www.pricelearman.com/_modules/registration/signup_process.php"></script>
How can you call your PHP file like this? Please correct this and test again.
Specify full Path in your included files.
    <script src="./_js/modules/bootstrap.min.js"></script>
    <script src="./signup.js"></script>
0
Julian HansenCommented:
The script pointed to in that fiddle does not exist

https://fiddle.jshell.net/midnightCabbie/mpm4uqtw/1/show/signup_process.php

Gives a 404
0
ste5anSenior DeveloperCommented:
Just a comment:

Imho a "Secure New Client Register" should be free of any unnecessary external reference. This includes any external JS library and CSS files. Anything need should be inlined to be easily audited.

Just my 2¢.
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

dlearman1Author Commented:
Swatantra... I believe these issues have been removed in the uploaded files below.

Julian... The files should be there. I'm not that great with jsFiddle and this was my first attempt to include multiple html/php files. Giving up on jsFiddle and uploading the files below.

ste5an... This code would be used in a very low security environment. Right now I just want to get it running.

Currently, the code seems to stall at the ajax post inside signup.js.

Thanks for your help.
signup.php
signup.js
signup_process.php
db_config.php
0
Julian HansenCommented:
I am guessing your signup_process.php is erroring but errors are turned off so you are not seeing it.

The error is probably generated on the data exatraction where you are using mysq_real_escape_string. This function has been deprecated and removed in later versions of PHP so it is either generating a Warning or an Error.

Then you have all this space at the top of the signup_process.php - that counts as output and will be returned to your AJAX procedure.

Rule 1 with PHP scripts - remove all space before <?php and don't put a closing tag in (unless you need to put non-PHP output after the script). In your case you have whitespace after the ?> which ALSO counts as output.

In your success callback for register you target button with id btn-submit - no such button - did you mean btn-signup.

With respect to the mysql_escape_string - you shouldn't need it in this script as you are already using prepared statements. What you would probably want to do is sanitize with respect to the length and characters you want in each using something like preg_match() or preg_replace()

To safely extract your post variables you can do this
$user_name = isset($_POST['name']) ? $_POST['name'] : false;
$user_email     = isset($_POST['email']) ? $_POST['email'] : false;
$user_password  = isset($_POST['password']) ? $_POST['password'] : false;

Open in new window


Then later in your code check to see if you got all of them
if (!$user_name || !$user_email || !$user_password) throw new Exception('Invalid Parameters');

Open in new window

Here is my version of your signup script. Still needs work but should pass muster for now
<?php
// mysql_real_escape_string use of deprecated library
// not checking post
require_once 'db_config.php';
if($_POST)
{
  $user_name      = isset($_POST['name']) ? $_POST['name'] : false;
  $user_email     = isset($_POST['email']) ? $_POST['email'] : false;
  $user_password  = isset($_POST['password']) ? $_POST['password'] : false;
  $date_added   = date('Y-m-d H:i:s');
  try
  {
    if (!$user_name || !$user_email || !$user_password) throw new Exception('Invalid Parameters');
    //password_hash see : http://www.php.net/manual/en/function.password-hash.php
    $password   = password_hash( $user_password, PASSWORD_BCRYPT, array('cost' => 11));

    $stmt = $db_con->prepare("SELECT * FROM clients WHERE user_email=:email");
    $stmt->execute(array(":email"=>$user_email));
    $count = $stmt->rowCount();

    if($count==0){
      $stmt = $db_con->prepare("INSERT INTO t3242_clients (user_name,user_email,user_password,date_added) VALUES(:uname, :email, :pass, :adate)");
      $stmt->bindParam(":uname",$user_name);
      $stmt->bindParam(":email",$user_email);
      $stmt->bindParam(":pass",$password);
      $stmt->bindParam(":adate",$date_added);

      if($stmt->execute())
      {
        echo "registered";
      }
      else
      {
        echo "Query could not execute !";
      }
    }
    else{
      echo "1"; //  not available
    }
  }
  catch(PDOException $e){
    echo $e->getMessage();
  }
  catch(Exception $e) {
    echo $e->getMessage();
  }
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dlearman1Author Commented:
Julian,
Thanks for your time and expertise. Your posts are always the best thought out and helpful on-the-point. I will work with your solution this evening.

I know the online code I started with is old and dated. Once it works I'm planning to convert to mySQLi.

Thanks
0
dlearman1Author Commented:
Working on mysqli version now... stay tuned!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.