Fatal编程技术网
  • java/
  • Java PHP API中的语法错误

Java PHP API中的语法错误

java php android mysql json

Java PHP API中的语法错误,java,php,android,mysql,json,Java,Php,Android,Mysql,Json,我正在开发一个android应用程序,我需要一个PHP API,以便我的应用程序能够与SQL数据库通信 我在getJarrayFromString()上解析JSON时出错 然后我尝试记录实际错误,结果如下: 03-24 15:41:12.175: E/JustDealsUtils(480): Error parsing to json on getJarrayFromString(); org.json.JSONException: Value Database of type java.lan

我正在开发一个android应用程序,我需要一个PHP API,以便我的应用程序能够与SQL数据库通信

我在
getJarrayFromString()上解析JSON时出错

然后我尝试记录实际错误,结果如下:


03-24 15:41:12.175: E/JustDealsUtils(480): Error parsing to json on getJarrayFromString(); org.json.JSONException: Value Database of type java.lang.String cannot be converted to JSONArray
03-24 15:41:12.175: E/log_tag(480): Failed data was:
03-24 15:41:12.175: E/log_tag(480): Database query failed You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'bCode` LIKE '%%' AND `bTitle` LIKE '%%' AND `bModule` LIKE '%%'' at line 1



<?php
    include("MysqlConnection.php");
    header('Content-Type: application/json');
    $from = $_POST["from"];
    $nr = $_POST["nr"];
    // those variables are for search
    $title = $_POST["title"];
    $code = $_POST["code"];
    $price = $_POST["price"];
    $module = $_POST["module"];
    $order = $_POST["order"];
    $by = $_POST["by"];


    $sql = "SET CHARACTER SET utf8";
    $db->query($sql);

    if(isset($from) && isset($nr)){
        // we need to know how many rows are in total for this query
<PROBLEM IS HERE---> $sql = "SELECT * FROM `books` WHERE `bSpecialOffer`='false' AND `bCode` LIKE '%$code%' AND `bTitle` LIKE '%$title%' AND `bModule` LIKE '%$module%'";
        $query = $db->query($sql);

        $rows = array();
        $rows[] = array("numRows"=>$db->numRows($query));

        // if those 2 var are set then we order the query after them
        if(isset($order) && isset($by)){
            $sql .= " ORDER BY `$order` $by LIMIT $from, $nr";
        }else{
            $sql .= "LIMIT $from, $nr";
        }

        $query = $db->query($sql);

        if($db->numRows($query)!=0){
            while($row = mysql_fetch_assoc($query)) {
                $rows[] =  $row;
            }
            echo json_encode($rows);
        }
    }

    $db->closeConnection();
?>


现在,上面的日志很好地澄清了错误存在于我的
books.php
API中,如下所示:


03-24 15:41:12.175: E/JustDealsUtils(480): Error parsing to json on getJarrayFromString(); org.json.JSONException: Value Database of type java.lang.String cannot be converted to JSONArray
03-24 15:41:12.175: E/log_tag(480): Failed data was:
03-24 15:41:12.175: E/log_tag(480): Database query failed You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'bCode` LIKE '%%' AND `bTitle` LIKE '%%' AND `bModule` LIKE '%%'' at line 1



<?php
    include("MysqlConnection.php");
    header('Content-Type: application/json');
    $from = $_POST["from"];
    $nr = $_POST["nr"];
    // those variables are for search
    $title = $_POST["title"];
    $code = $_POST["code"];
    $price = $_POST["price"];
    $module = $_POST["module"];
    $order = $_POST["order"];
    $by = $_POST["by"];


    $sql = "SET CHARACTER SET utf8";
    $db->query($sql);

    if(isset($from) && isset($nr)){
        // we need to know how many rows are in total for this query
<PROBLEM IS HERE---> $sql = "SELECT * FROM `books` WHERE `bSpecialOffer`='false' AND `bCode` LIKE '%$code%' AND `bTitle` LIKE '%$title%' AND `bModule` LIKE '%$module%'";
        $query = $db->query($sql);

        $rows = array();
        $rows[] = array("numRows"=>$db->numRows($query));

        // if those 2 var are set then we order the query after them
        if(isset($order) && isset($by)){
            $sql .= " ORDER BY `$order` $by LIMIT $from, $nr";
        }else{
            $sql .= "LIMIT $from, $nr";
        }

        $query = $db->query($sql);

        if($db->numRows($query)!=0){
            while($row = mysql_fetch_assoc($query)) {
                $rows[] =  $row;
            }
            echo json_encode($rows);
        }
    }

    $db->closeConnection();
?>



非常感谢您的建议
 到目前为止,sql查询是正确的,但是您传递的值是空的

价值


    $code = $_POST["code"];
    $price = $_POST["price"];
    $module = $_POST["module"];


这些都是空的。尝试确保设置了该值

有时,双引号对此负责。然后试着用一句话来代替它们


    $code = $_POST['code'];
    $price = $_POST['price'];
    $module = $_POST['module'];



一定要了解准备好的语句,因为您的代码是SQL注入攻击的完美候选。另外,规范链接:。请考虑使用PDO或MySQL函数(并使用准备好的语句)。感谢您的回复。你想更具协作性吗?我的意思是价值如何结算?我只使用
$code
$price
$module
在我的应用程序中执行搜索功能,它们在我的应用程序中运行良好。@OliverSmith Jones 1。确保通过请求提供正确的参数。2.尝试将$_POST[“…]”替换为$_POST[“…”];传递空变量不会导致问题。@DreamEater在“LIMIT”之前没有空格,tho。只有当那些$u POST变量不为空时,才会出现这种情况。