http://www.ils.unc.edu/~lstacey/inls992test/ajaxtest.php
<?php
include ('header.php');
?>
<!-- metadata that we want crawl-able or different -->
<link rel='stylesheet' type='text/css' href='styles/print.css' media='print' />
<link rel='stylesheet' type='text/css' href='styles/fire.css' media='screen' />
<meta name='keywords' content='storytelling, story, folktale, fairy tale, database' />
<meta name="copyright" content="January 2008, S Lunden" />
<meta name="description" content="A database to collect and share information on stories and folktales" />
<title>Storytime: A Database for Storytellers, Submit Stories</title>
<script type="text/javascript" src="ajaxTest.js" ></script>
</head>
<body>
<!-- OUTER container for background art -->
<div id="outer">
<!-- CONTENT is for entire content box -->
<div id="content">
<!-- TEXT is for actual content -->
<div id="text">
<span class="title">Submit Stories...</span>
<div id="one">
<div id="oneleft">
<p>Please type in a Username <br >and hit enter</p>
<p><input id="uname" type="text" name="username" onchange="getData( 'ajaxPost.php', 'oneright', document.getElementById('uname').value )" /></p>
</div>
<div id="oneright">
<p>text here</p>
</div>
</div>
<div id="eight">
<br />
<!--<p><input type="button" value="Check Username" onclick="" /></p>-->
<br />
</div>
</form>
</div>
<!-- MAINMENU is for the menu buttons -->
<?php
include ('menu.php');
?>
<!-- close CONTENT -->
</div>
<!-- FOOTER -->
<?php
include ('footer.php');
?>
<!-- close OUTER -->
</div>
</body>
</html>
http://www.ils.unc.edu/~lstacey/inls992test/ajaxPost.php
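<?php
/*--
ajaxPost.php: answers the username check that ajaxtest.php sends through getData().
Input:  a POST body holding exactly one field, 'username'.
Output: an HTML fragment saying whether that username is already in the users table.
        Any other POST shape produces no output.

Escaping is done per context. The raw value is bound as a statement parameter for
the lookup, and it is HTML-encoded only at the point where it is echoed back.
Encoding it before the lookup (as the earlier version did) made names containing
quotes or markup characters compare unequal to the stored value, and it sent the
SQL-escaped form back to the browser.

NOTE(review): the reply tells any caller whether an account name exists. If account
enumeration matters for this site, throttle requests to this script.
--*/

/*--Match all fields to known fields--*/
$allowed = array('username');
$form = array_keys($_POST);

/*--is_string() rejects username[]=... which would otherwise reach the string functions as an array--*/
if ($form === $allowed && is_string($_POST['username']))
{
    /*--The key must be quoted: a bare username is an undefined constant (a fatal Error on PHP 8)--*/
    $username = $_POST['username'];

    /*--Reverse magic quotes where that legacy setting still exists (function removed in PHP 8)--*/
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
    {
        $username = stripslashes($username);
    }

    /*--Clean for html: only this copy is ever echoed. Charset is left at the PHP default,
        as before; pass it explicitly once the page encoding is confirmed--*/
    $safe_username = htmlentities($username, ENT_QUOTES);

    /*--Open connection, select database--*/
    include ('db_login.php');

    /*--ext/mysql was removed in PHP 7.0, so mysqli is used. Reporting is switched off so that
        failures come back as false and are handled below instead of raising exceptions--*/
    mysqli_report(MYSQLI_REPORT_OFF);
    $connection = mysqli_connect($db_host, $db_username, $db_password);
    if (!$connection)
    {
        /*--Driver errors go to the server log; the client only gets a generic message--*/
        error_log('ajaxPost.php: could not connect to the database: ' . mysqli_connect_error());
        die ("<p>Could not connect to the database.</p>");
    }

    if (!mysqli_select_db($connection, $db_database))
    {
        error_log('ajaxPost.php: could not select the database: ' . mysqli_error($connection));
        die ("<p>Could not select the database.</p>");
    }

    /*--Query0 asks only for the one name instead of loading every username. The value is
        bound as a parameter, so it never becomes part of the SQL text.
        NOTE(review): matching now follows the collation of users.username (often
        case-insensitive in MySQL); confirm this agrees with how accounts are created--*/
    $statement0 = mysqli_prepare($connection, 'select 1 from users where username = ? limit 1');
    if (!$statement0)
    {
        error_log('ajaxPost.php: could not prepare query0: ' . mysqli_error($connection));
        die ("<p>Could not query0 the database.</p>");
    }

    mysqli_stmt_bind_param($statement0, 's', $username);
    if (!mysqli_stmt_execute($statement0))
    {
        error_log('ajaxPost.php: could not run query0: ' . mysqli_stmt_error($statement0));
        die ("<p>Could not query0 the database.</p>");
    }

    /*--Buffer the result so the row count is available--*/
    mysqli_stmt_store_result($statement0);
    $username_exists = mysqli_stmt_num_rows($statement0) > 0;
    mysqli_stmt_close($statement0);

    if ($username_exists)
    {
        echo "<p>Username $safe_username already exists</p>";
    }
    else
    {
        echo "<p>Ajax loves you, $safe_username</p>";
    }

    mysqli_close($connection);
}
?>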