php输出json
我正试图让我从php/mysql中使用jquery请求json输出变得容易。现在我正在使用下面的。有人能推荐一个更好的方法吗 /php?username=bobphp输出json,php,mysql,json,Php,Mysql,Json,我正试图让我从php/mysql中使用jquery请求json输出变得容易。现在我正在使用下面的。有人能推荐一个更好的方法吗 /php?username=bob <?php $str = $_SERVER['QUERY_STRING']; if($str != ''){ if(preg_match("/username/",$str)){ parse_str($str); $json = json_encode
<?php
$str = $_SERVER['QUERY_STRING'];
if($str != ''){
if(preg_match("/username/",$str)){
parse_str($str);
$json = json_encode(checkUserName($username));
echo $json;
}
}
function checkUserName($v){
$db = new DB();
$db->connectDB();
$findUsername = mysql_query("SELECT COUNT(*) FROM user WHERE username = '$v'");
$countUser = mysql_fetch_row($findUsername);
if($countUser[0] < 1){
return array('username' => 'false');
}else{
return array('username' => 'true');
}
$db->disconnectDB();
}
?>
通过使用$\u GET
superglobal,可以更轻松地编写:
if (isset($_GET['username'])) {
echo json_encode(checkUserName($_GET['username']));
}
内部检查用户名()
:
您应该正确地转义$v
:
$sql = sprintf("SELECT COUNT(*) FROM user WHERE username = '%s'", mysql_real_escape_string($v));
$findUsername = mysql_query($sql);
更好的是,学习PDO/mysqli并使用准备好的语句
$db->disconnectDB();
除非您使用的是持久连接,否则您不需要这些语句。如果您这样做了,您应该首先将返回值保留在变量中,并且只在断开连接后返回。我不知道您的DB类是什么,但这看起来更漂亮
<?php
function checkUserName($v){
$db = new DB();
$db->connectDB();
$findUsername = mysql_query("SELECT COUNT(*) FROM user WHERE username = '$v'");
$countUser = mysql_fetch_row($findUsername);
$db->disconnectDB(); // no code after "return" will do effect
return ($countUser[0] != 0); // returning a BOOL true is better than a string "true"
}
// use addslashes to prevent sql injection, and use isset to handle $_GET variables.
$username = isset($_GET['username']) ? addslashes($_GET['username']) : '';
// the above line is equal to:
// if(isset($_GET['username'])){
// $username = addslashes($_GET['username']);
// }else{
// $username = '';
// }
echo json_encode(checkUserName($username));
?>
如果需要修复,只需将checkUsername函数替换为以下函数:
function checkUserName($v){
$db = new DB();
$db->connectDB();
$findUsername = mysql_query("SELECT username FROM user WHERE username = '$v' LIMIT 1");
if(mysql_num_rows($findUsername))
return array('username' => mysql_result($findUsername,0));
else
return array('username' => 'false');
}
或者更简单的方法:
if(isset($_GET['username'])){
$db = new DB();
$db->connectDB();
$query = mysql_query(sprintf("SELECT username FROM user
WHERE username='%s'",
mysql_real_escape_string($_GET['username'])
);
if(mysql_num_rows($query))
$json = array('username'=>mysql_result($query,0));
else
$json = array('username'=>false);
header('content-type:application/json');
echo json_encode($json);
}
顺便说一下,如果您想在
jquery
中处理json数据,您可以这样做
$.ajax({
type:"POST",
data:'username=bob',
url: "do.php",
success: function(jsonData){
var jsonArray = eval('(' + jsonData + ')');
if(jsonArray.username == 'true'){
// some action here
}else if((jsonArray.username == 'false')){
// someother action hera
}
}
},"json");
$db->disconnectDB()代码>不可访问。DB
类在哪里?请修复SQL注入漏洞-请参阅(最好使用mysqli_*或pdo,而不是过时的mysql_*函数)。我使用$.getJSON()关闭jquery
$db->disconnectDB();
<?php
function checkUserName($v){
$db = new DB();
$db->connectDB();
$findUsername = mysql_query("SELECT COUNT(*) FROM user WHERE username = '$v'");
$countUser = mysql_fetch_row($findUsername);
$db->disconnectDB(); // no code after "return" will do effect
return ($countUser[0] != 0); // returning a BOOL true is better than a string "true"
}
// use addslashes to prevent sql injection, and use isset to handle $_GET variables.
$username = isset($_GET['username']) ? addslashes($_GET['username']) : '';
// the above line is equal to:
// if(isset($_GET['username'])){
// $username = addslashes($_GET['username']);
// }else{
// $username = '';
// }
echo json_encode(checkUserName($username));
?>
function checkUserName($v){
$db = new DB();
$db->connectDB();
$findUsername = mysql_query("SELECT username FROM user WHERE username = '$v' LIMIT 1");
if(mysql_num_rows($findUsername))
return array('username' => mysql_result($findUsername,0));
else
return array('username' => 'false');
}
if(isset($_GET['username'])){
$db = new DB();
$db->connectDB();
$query = mysql_query(sprintf("SELECT username FROM user
WHERE username='%s'",
mysql_real_escape_string($_GET['username'])
);
if(mysql_num_rows($query))
$json = array('username'=>mysql_result($query,0));
else
$json = array('username'=>false);
header('content-type:application/json');
echo json_encode($json);
}
$.ajax({
type:"POST",
data:'username=bob',
url: "do.php",
success: function(jsonData){
var jsonArray = eval('(' + jsonData + ')');
if(jsonArray.username == 'true'){
// some action here
}else if((jsonArray.username == 'false')){
// someother action hera
}
}
},"json");