我有一个应用程序,从phpmyadmin通过php脚本读取Json数据并显示在列表活动中。点击商店名称后,+1会被添加到该商店的投票计数中,并且应该被发送回php服务器以将新的投票计数存储在phpmyadmin中。选择后,我检查数据库投票计数值,它不会更新。尽管我在logcat中获得了HTTP/1.1 200,但我认为这些数据并没有被正确地传递或接受。有人可以帮忙,我卡住了,没有方向。数据没有正确传递到php服务器
的Android代码:
public void writeJSON() {
String convertedID;
String convertedVote;
//convert int to string value to passed
convertedID = new Integer(selectedID).toString();
convertedVote = new Integer(selectedVote).toString();
HttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("http://10.0.2.2/kcstores.php");
try {
//writes the output to be stored in creolefashions.com/test2.php
ArrayList <NameValuePair> nvps = new ArrayList <NameValuePair>(2);
nvps.add(new BasicNameValuePair("storeUpdate", "update"));
nvps.add(new BasicNameValuePair("storeID", convertedID));
nvps.add(new BasicNameValuePair("storeVote", convertedVote));
httppost.setEntity(new UrlEncodedFormEntity(nvps));
HttpResponse response = httpclient.execute(httppost);
HttpEntity entity = response.getEntity();
Log.i("writeJSON", response.getStatusLine().toString());
} catch(Exception e) {
Log.e("log_tag", "Error in http connection"+e.toString());
}
}
PHP代码:
<?php
$link = mysql_connect("localhost", "root", "") or die (mysql_error());
mysql_select_db("king_cake_stores")or die (mysql_error());
$query = "SELECT * FROM storeInfo";
$result = mysql_query($query);
$getUpdate = "noupdate";
if (isset($_POST['storeUpdate'])) {
echo "receiving data from app";
$getUpdate = $_POST['storeUpdate'];
$getStoreID = $_POST['storeID'];
$getStoreVote = $_POST['storeVote'];
}
// If command == getStoreID, it updates the table storeVote value
// with the android storeVote value based upon correct storeID
if ($getUpdate == "update") {
mysql_select_db("UPDATE storeInfo SET storeVote = $getStoreVote
WHERE storeID == $getStoreID");
} else {
// stores the data in an array to be sent to android application
while ($line = mysql_fetch_assoc($result)) $output[]=$line;
print(json_encode($output));
}
mysql_close($link);
?>
您在更新查询中代替'='而不是'=',也是sql注入 –
我有它,因为当storeId == getStoreId时,它表示它是相同的记录,因此继续进行更新。 – Skip
[返回学校](http://www.w3schools.com/sql/sql_where.asp)'='等于 –