Code working only when the name does not contain spaces. The name is in MySQL database what's the problem?

I have in the dB users table field name. If it has 1 word that I can put the rating of user +1 and if it contains the name and surname (or between words just use a space ie 2 words) code do not want to put +1 to the rating of th problem here is the code
I have 2 tables with a rating of one for all users and the second users session for those who are on the website and in both there is a rating which varies
$query = "SELECT * FROM session";
 $ath = mysql_query($query);
 if(!$ath) exit("<p>Error in query of the session table.</p>");


if(mysql_num_rows($ath)>0)
{

 while($author = mysql_fetch_array($ath))
{
 if(!empty($author['user'])) 

 echo '&nbsp;&nbsp;<p14><a href="darkchat.php">'.$author['user'].'</a></p14><div class=doom data-plusw='.$author['user'].'>+</div>
 <div class=summaw data-summaw='.$author['user'].'></div><p124>'.$author['rey'].'</p124>&nbsp;&nbsp;<br>';

}

 }

here is the JavaScript which adds +1 to the rating
$(function (){
$('.doom').on('click', function (){
var dd = $(this).attr('data-plusw');
var box = $(this).parent().find('.summaw');
$.ajax({
url: 'shablon/plususer.php',
type: 'POST',
data: {dd:dd},
success: function(html){
box.html(html); // assumes that the html returns movie rating
}
});
});
});

and here is the processing code plususer.php
session_start();

if(isset($_SESSION['name']))
{


include("bd.php");
$ww=$_SESSION['name'];
 $rs = mysql_query("SELECT * FROM `users` WHERE `name`='$ww' ");
$rt = mysql_fetch_array($rs);

if($rt['golos']==3 OR $rt['golos']==2 OR $rt['golos']==1)
{
$ryb=$rt['golos']-1;
$ra = mysql_query("UPDATE `users` SET `golos`='$ryb' WHERE `name`='$ww' ");


$rw=$_POST['dd'];


$rs = mysql_query("SELECT * FROM `users` WHERE `name`='$rw' ");
$ro = mysql_fetch_array($rs);


$rys=$ro['rey']+1;
$rr = mysql_query("UPDATE `users` SET `rey`='$rys' WHERE `name`='$rw' ");

}

echo "successfully";

 }
March 20th 20 at 11:48
1 answer
March 20th 20 at 11:50
Solution
Start checking your code.
Where something goes wrong?
The query database is generated correct? Print it. Look at him. Think about why it turned out wrong.
Let's see, where the lost part of the data. In the called php script? In the ajax request? In js it formed? Can be a php script that outputs the list? Or the HTML is incorrect?
the problem is that when 1 word code working when 2 hours I have not seen this might just be the array only reads 1 word in the database ,the problem is that when 2 words(name and surname) nekaneet - Abigayle_Murr commented on March 20th 20 at 11:53
Yes, the error funny (by the way, this error is critical for security; in this code, a lot of problems)
But error is elementary. And that you as a beginner would be much better to master the skill of determining location of the error. You gave too much code unrelated to your error in fact. If you answer the right questions - you will be able to throw out of consideration almost all of the code. After that, if you still unclear the reason for different behaviour, I will explain, of course.

This is a key skill for a developer: look up and check where the actual execution code differs from the planned. Then speculate about the reasons for differences and to test them. But speculate about the reasons for having 2 different programming language, one query language and a markup language - too many entities. You need to verify not excess of whether a few of them. - Laisha13 commented on March 20th 20 at 11:56
@Hector.McDermott65, reorganized and simplified all beyond recognition as a 2x2(made on 1 table with 2 fields name and rey) the fact that javascript code I am green and I helped create it I think the problem is not transferred to a 2 word POST method to the file plususer.php aaham and 1 word is transmitted. See a simplified version so I think that's the problem and how to fix it?
include("bd.php");
$res = mysql_query("SELECT * FROM users");

while($author = mysql_fetch_array($res))

{

 echo '<p14>'.$author['name'].'</p14><div class=doom data-plusw='.$author['name'].'>+</div>
<p124>'.$author['rey'].'</p124><br>';

 }

$(function (){
$('.doom').on('click', function (){
var name = $(this).attr('data-plusw');
var box = $(this).parent().find('.summaw');
$.ajax({
url: 'shablon/plususer.php',
type: 'POST',
data: {"name":name},
success: function(html){
box.html(html); // assumes that the html returns movie rating
}
});
});
});

Here is the latest file plususer.php in this zapolichki PPST or transmit 2 words from dB users
include("bd.php");

$name=$_POST['name'];

$rs = mysql_query("SELECT * FROM `users` WHERE `name`='$name' ");
$ro = mysql_fetch_array($rs);


$rys=$ro['rey']+1;
$rr = mysql_query("UPDATE `users` SET `rey`='$rys' WHERE `name`='$name' ");


echo "added";
- Abigayle_Murr commented on March 20th 20 at 11:59
Continue to simplify. Still too much extra.
What you have in $_POST came from? Sent browser?
spoiler
div class=row or doom div class="row doom" - what's the difference? What will be the HTML attribute, and what is its value?
- Laisha13 commented on March 20th 20 at 12:02
@Hector.McDermott65I received an ajax request, only the 1st word (if in the users table, the cell name contains 1 word all turns out, but if 2, then sends $POST['name'], only the first word of where to go second behind him, I XS, therefore, finds that name in the database and does not increase to the rating). Why so Hz because with JavaScript helped me and I just delve into it so I can't simplify it I have users only with names=) still a problem in the javascript code - Abigayle_Murr commented on March 20th 20 at 12:05
still a problem in the javascript code

here is exactly what I am. Even though it is not a direct cause, but a great point where you can still stop and ask the question is very much less in size.
But why did you leave all of the code associated with the database? var_dump($_POST) as a result of an ajax request - or better yet, report from the browser developer tools that the data was sent. That is, the handler of this ajax request is possible from a consideration to throw out entirely. What's the point if the data it already sent damaged?
Once the problem is apparently on the client side - throw of the question and the formation of html too. Replace with static html. In ajax the request is still only one word? So neither the database nor the php is irrelevant to the issue have not.
And now we consider 3 listing, and one js + one line of html.

Otgadka.
And the error does not concern programming languages. JS is also nothing to do with it. At all. Seriously. Just an error in the HTML
<input name=user required>
What is the name? "user required"? No? Why? Is this an example of your HTML?
<div class=doom data-plusw=my name>
No. All the same HTML parser, which for historical reasons has to try to chew almost anything and not angry at the same time. There is a name attribute value, and attribute data-plusw value is only my.
<div class="doom" data-plusw="my name">
And so there is a data attribute-plusw with the value my name
Because space plays a crucial role: it modifies the markup of the document. And because this is a critical security error, XSS is called.

'<div class="doom" data-plusw="' . htmlspecialchars($author['user']) . '">'
- Laisha13 commented on March 20th 20 at 12:08
@Hector.McDermott65, Just krasava you need a computer science teacher to go or detectives to write) with the intriguing end. Has taught me to find my own mistakes. Thank you very much! I also previously thought to remove the spaces and put this silly code htmlspecialchars to the output file and nothing happened I threw this option without even thinking where it had to start, now everything on the shelves. Have all work checked now I have not just nicknames and full-fledged citizens of the Russian Federation. Thanks again. - Abigayle_Murr commented on March 20th 20 at 12:11

Find more questions by tags PHPMySQLJavaScript