使用MySQL和PHP注册活动
我正在尝试为我的应用创建注册活动。我正在使用以下代码:使用MySQL和PHP注册活动,php,android,mysql,database,Php,Android,Mysql,Database,我正在尝试为我的应用创建注册活动。我正在使用以下代码: @Override protected String doInBackground(String... params) { String nome = params[0]; String email = params[1]; String pwd = params[2]; String data=""; int tmp; try {
@Override
protected String doInBackground(String... params) {
String nome = params[0];
String email = params[1];
String pwd = params[2];
String data="";
int tmp;
try {
URL url = new URL("http://6senseofficial.it/api/login/register.php?");
String urlParams = "nome=" + nome + "&email=" + email + "&pwd=" + pwd;
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setDoOutput(true);
OutputStream os = httpURLConnection.getOutputStream();
os.write(urlParams.getBytes());
os.flush();
os.close();
InputStream is = httpURLConnection.getInputStream();
while ((tmp = is.read()) != -1) {
data += (char) tmp;
}
is.close();
httpURLConnection.disconnect();
return data;
} catch (MalformedURLException e) {
e.printStackTrace();
return "Exception 1: "+e.getMessage();
} catch (IOException e) {
e.printStackTrace();
return "Exception 2: "+e.getMessage();
}
}
<?php include('../../mysql.php'); ?>
<?php
error_reporting(0);
$nome = $_GET['nome'];
$email = $_GET['email'];
$pwd = $_GET['pwd'];
$data = date('Y-m-d H:i:s');
$sql = "INSERT INTO utenti (nome, email, pwd, datacreazione) VALUES ('$nome','$email','$pwd','$data')";
if(!mysqli_query($link, $sql)){
echo '{"message":"Unable to save the data to the database."}';
}
?>
若您正在发送GET请求,那个么应该将查询字符串附加到URL,而不是正文
适当的代码应为:
String urlParams = "nome=" + nome + "&email=" + email + "&pwd=" + pwd;
URL url = new URL("http://6senseofficial.it/api/login/register.php?" + urlParams);
并删除带有OutputStream的行。不,我们没有,因为您没有向我们展示。检查调用<代码> DONBACKEATE()/<代码>的代码,您确实应该使用URL编码。没有,我发现错误。正如@ Xorifelse所说的,您应该考虑使用URLNECODE。此外,如果密码是GET请求的一部分,则还存在安全漏洞。获取缓存在代理中,记录在道路上的许多设备中等。