Comments on: Sorting items on the fly (AJAX) using jQuery UI Sortable, PHP & MySQL.

By: Mahmoud M. Abdel-Fattah

Mahmoud M. Abdel-Fattah — Tue, 20 Apr 2010 17:51:36 +0000

Before asking for help, you should use real email, and you’re using FAKE ONE, so how can we help you ?!

By: Arne

Arne — Tue, 20 Apr 2010 17:45:28 +0000

Since you didn’t include your exact versions of compiled jQuery and jQuery UI, the script gives me “there’s an error with AJAX.” I appreciate the tutorial and don’t want to disparage you taking the time to share your work freely with the world, but if you’re going to write a tutorial, put up all the files required, preferably as a downloadable ZIP, and take the time to explain the code.

By: paceto

paceto — Wed, 10 Mar 2010 14:11:37 +0000

// Great tutorial but … please fix this SQL INJECTION style mysql_query

!!!!!!!!! SQL INJECTION via $menu[$i] !!!!!!!!!!
mysql_query(“UPDATE `menu` SET `sort`=” . $i . ” WHERE `id`=’” . $menu[$i] . “‘”) or die(mysql_error());
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

$menu[$i] variable is send by the client so it’s insecure …
what if I send post … $menu[$i] = blabla’ or 1=1;# … this will update all records in this table …

!!!!!!!! CORRECT !!!!!!!!!!!!!
mysql_query(“UPDATE `menu` SET `sort`=” . mysql_real_escape_string($i) . ” WHERE `id`=’” . mysql_real_escape_string($menu[$i]) . “‘”) or die(mysql_error());
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Great tutorial 10x again

By: jorin

jorin — Sun, 14 Feb 2010 16:50:24 +0000

still doesnt makes sense where the $_POST["menu"] variable is beeing created..

By: lardlad

lardlad — Fri, 05 Feb 2010 19:47:23 +0000

This got me hung up too. I think this is where ‘menu’ is posted from:
echo ” .

I guess the syntax looks for an id and everything after the “_” is what gets posted.

By: sholn

sholn — Fri, 15 Jan 2010 18:08:43 +0000

Hi there!
nice tutorial, I’ve used with Drupal and works really fine thx!
I own you a beer

By: Colin O. Below

Colin O. Below — Mon, 23 Nov 2009 02:52:29 +0000

Hi,

is it possible to post more data than only one array? Or add some data tho this array before post to php?

I have more than one of these sortable div and i’d like to add the possibility to move elements of one sortable div to another sortable div.

How would you solve this problem?

Regards
Colin

By: Mahmoud M. Abdel-Fattah

Mahmoud M. Abdel-Fattah — Wed, 07 Oct 2009 11:11:09 +0000

Dear daj, Sorry but we’re not using ASP.

By: daj

daj — Tue, 29 Sep 2009 17:37:05 +0000

Any chance that you can provide a classic ASP sample of sort_menu.php…?

Converting menu_list.php to an ASP version is not a problem at all, but i really don’t know how to read the array in ASP like you’re doing from line #8 in sort_menu.php.

Thanks in advance

By: Mahmoud M. Abdel-Fattah

Mahmoud M. Abdel-Fattah — Thu, 10 Sep 2009 09:47:09 +0000

Can you explain in more details, please ?