Look at the response returned from your AJAX request. It is not simply the string "yes" or "no"; it includes the
<html>
,
<head>
, and
<body>
tags that you've declared on that page.
The string "
<html><head></head><body>yes</body></html>
" is clearly not equal to the string "
yes
"!
Remove those tags from your
checkname
page. You'll also want to remove any white-space from outside of the
<?php ... ?>
markup.
You'll also want to fix the
SQL Injection[
^] vulnerability in your code.
The page should look something like this:
<?php
error_reporting(0);
include('connection2.php');
if(isset($_POST['firstname']))
{
$name = $_POST['firstname'];
$checkdata = "SELECT firstname FROM customer WHERE firstname = ?";
$stmt = mysqli_prepare($con, $checkdata);
mysqli_stmt_bind_param($stmt, 's', $name);
mysqli_stmt_execute($stmt);
$rowCount = mysqli_stmt_affected_rows($stmt);
mysqli_stmt_close($stmt);
if ($rowCount > 0) {
echo "yes";
}
else {
echo "no";
}
}
mysqli_close($con);
?>
Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]
PHP: SQL Injection - Manual[^]
PHP: Prepared statements and stored procedures - Manual[^]