在httpget上将mysql参数从java发送到php
这是android应用程序的一部分。。。当我指定mysql_查询时,php脚本可以正常工作,而不使用。$\u POST['varname']。要使用用户可定义的不同参数向应用程序添加搜索功能,我正在尝试使用调用httpget时从应用程序传递的值在PHP脚本中构建查询。。。php脚本的行如下所示:在httpget上将mysql参数从java发送到php,java,php,android,eclipse,Java,Php,Android,Eclipse,这是android应用程序的一部分。。。当我指定mysql_查询时,php脚本可以正常工作,而不使用。$\u POST['varname']。要使用用户可定义的不同参数向应用程序添加搜索功能,我正在尝试使用调用httpget时从应用程序传递的值在PHP脚本中构建查询。。。php脚本的行如下所示: $result = mysql_query("SELECT * FROM businessdata WHERE '" . $_POST['varQuery2']."' = '" .
$result = mysql_query("SELECT * FROM businessdata WHERE '"
. $_POST['varQuery2']."' = '"
. $_POST['varQuery1']"'")
or die(mysql_error());
然后方法如下所示:(为了完整性,在调用该方法时,这里为该方法指定了字符串值“GET”)
公共JSONObject makeHttpRequest(字符串url、字符串方法、,
列表参数、字符串值、字符串值2){
//发出HTTP请求
试一试{
//检查请求方法
如果(方法==“POST”){
//请求方法为POST
//defaultHttpClient
DefaultHttpClient httpClient=新的DefaultHttpClient();
添加参数(新的BasicNameValuePair(“varQuery2”,值));
添加参数(新的BasicNameValuePair(“varQuery1”,value2));
HttpPost HttpPost=新的HttpPost(url);
setEntity(新的UrlEncodedFormEntity(参数));
HttpResponse HttpResponse=httpClient.execute(httpPost);
HttpEntity HttpEntity=httpResponse.getEntity();
is=httpEntity.getContent();
}else if(方法==“GET”){
//请求方法是GET
DefaultHttpClient httpClient=新的DefaultHttpClient();
添加参数(新的BasicNameValuePair(“varQuery2”,值));
添加参数(新的BasicNameValuePair(“varQuery1”,value2));
String paramString=URLEncodedUtils.format(params,“UTF-8”);
url+=“?”+参数字符串;
HttpGet HttpGet=新的HttpGet(url);
HttpResponse HttpResponse=httpClient.execute(httpGet);
HttpEntity HttpEntity=httpResponse.getEntity();
is=httpEntity.getContent();
}
}捕获(不支持的编码异常e){
e、 printStackTrace();
}捕获(客户端协议例外e){
e、 printStackTrace();
}捕获(IOE异常){
e、 printStackTrace();
}
试一试{
BufferedReader reader=新的BufferedReader(新的InputStreamReader(
is,“iso-8859-1”),8);
StringBuilder sb=新的StringBuilder();
字符串行=null;
而((line=reader.readLine())!=null){
sb.追加(第+行“\n”);
}
is.close();
json=sb.toString();
}捕获(例外e){
Log.e(“缓冲区错误”,“错误转换结果”+e.toString());
}
//尝试将字符串解析为JSON对象
试一试{
jObj=新的JSONObject(json);
}捕获(JSONException e){
Log.e(“JSON解析器”,“错误解析数据”+e.toString());
}
//返回JSON字符串
返回jObj;
}
使用*\u real\u escape\u字符串处理sql注入。行字符串paramString=URLEncodedUtils.format(params,“UTF-8”);在你添加参数后再来?不知道,但听起来很合理。。。让我看看会发生什么…我将在尝试后用当前代码更新帖子…您的PHP代码和问题涉及HTTPPost,但您正在HTTPClient中执行HTTPGet。代码中似乎存在断开连接。已更改发布的代码以反映此情况。。。但它的失败在于“意外停止”。。。我曾尝试使用断点查看变量中的数据,但eclipse不注意我设置的任何断点,无论我将它们放在何处
public JSONObject makeHttpRequest(String url, String method,
List<NameValuePair> params, String value, String value2) {
// Making HTTP request
try {
// check for request method
if(method == "POST"){
// request method is POST
// defaultHttpClient
DefaultHttpClient httpClient = new DefaultHttpClient();
params.add(new BasicNameValuePair("varQuery2", value));
params.add(new BasicNameValuePair("varQuery1", value2));
HttpPost httpPost = new HttpPost(url);
httpPost.setEntity(new UrlEncodedFormEntity(params));
HttpResponse httpResponse = httpClient.execute(httpPost);
HttpEntity httpEntity = httpResponse.getEntity();
is = httpEntity.getContent();
}else if(method == "GET"){
// request method is GET
DefaultHttpClient httpClient = new DefaultHttpClient();
params.add(new BasicNameValuePair("varQuery2", value));
params.add(new BasicNameValuePair("varQuery1", value2));
String paramString = URLEncodedUtils.format(params, "UTF-8");
url += "?" + paramString;
HttpGet httpGet = new HttpGet(url);
HttpResponse httpResponse = httpClient.execute(httpGet);
HttpEntity httpEntity = httpResponse.getEntity();
is = httpEntity.getContent();
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
try {
BufferedReader reader = new BufferedReader(new InputStreamReader(
is, "iso-8859-1"), 8);
StringBuilder sb = new StringBuilder();
String line = null;
while ((line = reader.readLine()) != null) {
sb.append(line + "\n");
}
is.close();
json = sb.toString();
} catch (Exception e) {
Log.e("Buffer Error", "Error converting result " + e.toString());
}
// try parse the string to a JSON object
try {
jObj = new JSONObject(json);
} catch (JSONException e) {
Log.e("JSON Parser", "Error parsing data " + e.toString());
}
// return JSON String
return jObj;
}
$result = mysql_query("SELECT * FROM businessdata WHERE '"
. mysql_real_escape_string($_REQUEST['varQuery2'])."' = '"
. mysql_real_escape_string($_REQUEST['varQuery1'])."'")
or die(mysql_error());