0

can i use javascript to save an item to a database using sql script?

asked Sep 12, 2009 at 14:11

4 Answers 4

4

Not directly, unless you are working with a client-side database. However, you can hook JavaScript up with a server-side script (whichever backend you'd prefer) using XMLHttpRequest.

answered Sep 12, 2009 at 14:16
Sign up to request clarification or add additional context in comments.

Comments

3

You really don't want to do this. If you store SQL in your client-side javascript, you are exposing the details and structure of your database to an attacker. Creating an AJAX method to execute passed in javascript without creating a hole and attacker could use to perform SQL Injection attacks would be quite difficult.

answered Sep 12, 2009 at 14:34

1 Comment

As long as your server-side script does a thorough job of input sanitization, this isn't a bad idea. Assuming that you don't pass a string of raw SQL as a variable...that would be bad.
1

As in Javascript on the browser? No, you can't.

Hypothetically you could use AJAX techniques to push SQL commands through a server layer and thence to the database but you really, really wouldn't want to since that would be an unholy mother of all security risks.

answered Sep 12, 2009 at 14:16

Comments

0

no, you'd have to use some serverside processing language , such as php, asp....

answered Sep 12, 2009 at 14:16

4 Comments

can i pass a javascript value to a php variable? for example i will get the value of a textarea through javascript then copy it to a php variable.
yes, you can pass JS data as a querystring param or in a form input when you make a request
can you give me an example. i'm sorry i'm such a noob.
if you are a noobie, i suggest you use the jquery javascript library. It will ease your learning curve a lot. Then you could do something like: $.post("test.cgi", { name: "John", time: "2pm" }, function(data){ alert("Data saved: " + data); } ); Here is a good starting point: sitepoint.com/article/ajax-jquery

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.