1) I dont think you can access browser sessions from a php script called with ajax.
2) You should send the username as another GET variable within the javascript like this:
url = 'backstagefunctions.php?f=' + url + '&u=' + <?= $_SESSION['username']; ?>
This is assuming the javascript is within a php file that has sessions enabled before it reaches the <head> tags of the html.
3) In the "edithandler" function change ( within the mysql query ) $_SESSION['username'] to $_GET['username']
Remember a function called with AJAX returns a string only sent using echo or print. You then must break that string down withhin the javascript. So for example, if your php gets the users details you may have it generate and return a string like this $output = 'usernamehere&agehere&firstnamehere'; echo $output;
Then in the javascript you can get each variable like this:
var response = ajaxobect.responseText;
response = response.split ( '&' );
var username = response[0];
var age = response[1];
var firstname = response[2];
Then fill your form fields in a way like this;
document.formname.fieldname.value = variable;
Is all of that right? Just trying to get a second opinion.
handlers function
Code: Select all
function handlers() {
print '<h1 class=backstage>Handler Management</h1><br />';
print "<h2 class=\"backstage\">Handlers :: <a href=\"#\" onclick=\"ajaxpage('addhandler', 'content'); return false;\">Add New</a></h2><br />";
print '<table width="100%" class="table1">';
print '<tr class="rowheading">';
print '<td width="30"> </td>';
print '<td align="center">Username</td>';
print '<td align="center">Surname</td>';
print '<td align="center">First Name</td>';
print '<td align="center">E-Mail</td>';
print '</tr>';
$query = "SELECT * FROM users ORDER BY `username`";
$result = mysql_query ( $query ); // Run The Query
if ($result) {
// Fetch and print all records.
$i = 0;
while ( $row = mysql_fetch_array ( $result, MYSQL_ASSOC ) ) {
$sClass = 'row2';
if ($i ++ & 1) {
$sClass = 'row1';
}
printf ( "<tr class=\"%s\">", $sClass );
print "<td valign=\"top\" align=\"center\" width=\"30\"><a href=\"#\" onclick=\"ajaxpage('edithandler', 'content'); return false;\">Edit</a></td>";
printf ( "<td valign=\"top\" align=\"center\">%s</td>", $row [username] );
printf ( "<td valign=\"top\" align=\"center\">%s</td>", $row [surname] );
printf ( "<td valign=\"top\" align=\"center\">%s</td>", $row [firstname] );
printf ( "<td valign=\"top\" align=\"center\">%s</td>", $row [email] );
print '</tr>';
}
}
print '</table><br />';
print '<h2 class=backstage><form method=POST><input type=hidden name=action value=mainmenu><input type=submit value="Return to Main Menu" class=button200></form></h2>';
} Code: Select all
function edithandler() {
$query = "SELECT * FROM `users` WHERE `username` = '" . $_GET['username'] . "'";
$result = mysql_query ( $query ); // Run The Query
$row = mysql_fetch_array ( $result, MYSQL_ASSOC );
print '<h1 class=backstage>Handler Management</h1><br />';
print '<h2 class=backstage>Edit Handler Details</h2><br />';
print '<form name="edithandler" method="post" action="backstage.php" id="edithandler">';
print '<table width="100%" class="table2">';
print '<tr>';
print '<td width=120 class=rowheading>Username:</td><td class=row3><input type=text name=login class=fieldtext490 value="'.$row['username'].'"></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Password:</td><td class=row3><input type=password name=password class=fieldtext490 onfocus="this.select()" value=""></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Surname:</td><td class=row3>';
print '<input type=text name=surname class=fieldtext490 value="'.$row['surname'].'"></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Firstname:</td>';
print '<td class=row3><input type=text name=firstname class=fieldtext490 value="'.$row['firstname'].'"></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Email:</td>';
print '<td class=row3><input type=text name=email class=fieldtext490 value="'.$row['email'].'"></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>AIM:</td>';
print '<td class=row3><input type=text name=aim class=fieldtext490 value="'.$row['aim'].'"></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>MSN:</td>';
print '<td class=row3><input type=text name=msn class=fieldtext490 value="'.$row['msn'].'"></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Forum ID:</td>';
print '<td class=row3><input type=text name=forumid class=fieldtext490 value="'.$row['forumid'].'"></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Account:</td>';
print '<td class=row3><select name=enabled class=selection>';
print '<option value=1>Enabled</option><option value=0>Disabled</option>';
print '</select></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Administrator:</td>';
print '<td class=row3><select name=isadministrator class=selection>';
print '<option value=1>Yes</option><option value=0>No</option>';
print '</select></td>';
print '</tr>';
print '<tr>';
print '<td class=rowheading>Default Character:</td>';
print '<td class=row3></td>';
print '</tr>';
print '</table><br />';
print '<input type=checkbox name=deletehandler> <span class=table1heading>Delete Handler?</span><br /><br />';
print '<input type="submit" value="Save Handler" class="button" name="edithandler"></form><br />';
print '<form method=POST><input type=hidden name=action value=handler><input type=submit value="Return to Handler List" class=button200></form><br />';
print '<h2 class=backstage>Characters<br /><br /><form method=post><input type=hidden name=action value=handler><input type=hidden name=routine value=addcharacter><input type=hidden name=option value=0><input type=hidden name=id value="130"><select name=characterid class=dropdown>';
print '<option value=0>- Select -</select> <input type=submit value="Add" class=button></form></h2><br />';
print '<br /><br />';
print '<h2 class=backstage><form method=POST><input type=hidden name=action value=mainmenu><input type=submit value="Return to Main Menu" class=button200></form></h2>';
} Code: Select all
var loadedobjects=""
var rootdomain="http://"+window.location.hostname
function ajaxpage(url, containerid)
{
url = 'backstagefunctions.php?f=' + url;
var page_request = false
if (window.XMLHttpRequest) // if Mozilla, Safari etc
page_request = new XMLHttpRequest()
else if (window.ActiveXObject)
{
// if IE
try
{
page_request = new ActiveXObject("Msxml2.XMLHTTP")
}
catch (e)
{
try
{
page_request = new ActiveXObject("Microsoft.XMLHTTP")
}
catch (e)
{
}
}
}
else
{
return false
}
page_request.onreadystatechange=function()
{
loadpage(page_request, containerid)
}
page_request.open('GET', url, true)
page_request.send(null)
}
function loadpage(page_request, containerid)
{
if (page_request.readyState == 4 && (page_request.status==200 || window.location.href.indexOf("http")==-1))
document.getElementById(containerid).innerHTML=page_request.responseText
}
function loadobjs()
{
if (!document.getElementById)
return
for (i=0; i<arguments.length; i++)
{
var file=arguments[i]
var fileref=""
if (loadedobjects.indexOf(file)==-1)
{
//Check to see if this object has not already been added to page before proceeding
if (file.indexOf(".js")!=-1)
{
//If object is a js file
fileref=document.createElement('script')
fileref.setAttribute("type","text/javascript");
fileref.setAttribute("src", file);
}
else if (file.indexOf(".css")!=-1)
{
//If object is a css file
fileref=document.createElement("link")
fileref.setAttribute("rel", "stylesheet");
fileref.setAttribute("type", "text/css");
fileref.setAttribute("href", file);
}
}
if (fileref!="")
{
document.getElementsByTagName("head").item(0).appendChild(fileref)
loadedobjects+=file+" " //Remember this object as being already added to page
}
}
}
function WrestlerList()
{
var addWrestler = document.getElementById("character_selection").value
if (addWrestler) {
// Here we append a new wrestler to your hidden field using a comma
document.getElementById("chars").value += addWrestler+",";
// Continue your original functionality
document.getElementById("characterlist").innerHTML += "<li>" +
addWrestler + "</li>";
return WrestlerList;
}
}