2013-10-10 36 views
0

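PHP code works offline but not online

I have run into a problem calling a PHP script that queries a MySQL database with SQL. The code works offline, but when I upload it to the server, the code loops 5 times and returns a strange JSON string. I checked the SQL in phpMyAdmin and it returns the correct values.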

I call the script with the following JavaScript:

  var jsonData1 = $.ajax({ 
       url: "php/ResidualArisingsdata.php?PrimaryKey=<?php echo $primarykey ?>", 
       dataType: "json", 
       async: false 
      }).responseText; 

And the PHP script is (with the login details removed):

<?php 
    $_SESSION['url'] = $_SERVER['REQUEST_URI']; 
    $primarykey = $_GET['PrimaryKey'];  

// These variables define the connection information for your MySQL database 
    $username = "xxx"; 
    $password = "xxx"; 
    $host = "localhost"; 
    $dbname = "xxx"; 

    $mysqli = new mysqli($host, $username, $password, $dbname); 

    if (mysqli_connect_errno()) { 
     printf("Connect failed: %s\n", mysqli_connect_error()); 
    exit(); 
    } 

    $SQLString = "SELECT PrimaryKey, 
     Name, 
     `HouseholdRecyclingRate2005/06`, 
     `HouseholdRecyclingRate2006/07`, 
     `HouseholdRecyclingRate2007/08`, 
     `HouseholdRecyclingRate2008/09`, 
     `HouseholdRecyclingRate2009/10`, 
     `HouseholdRecyclingRate2010/11`, 
     `HouseholdRecyclingRate2011/12` 
     FROM `districts_recyclingrates` 
     WHERE `districts_recyclingrates`.PrimaryKey =" . $primarykey;  

    $result = $mysqli->query($SQLString); 

    $rows = array(); 
    $table = array(); 
    $table['cols'] = array(
     array('label' => 'Year', 'type' => 'string'), 
     array('label' => 'Name', 'type' => 'number'), 
     array('label' => 'UK Average', 'type' => 'number') 
    ); 

    foreach($result as $r) { 
    $temp = array(); 


    $temp[] = array('v' => "05/06"); 
    $temp[] = array('v' =>(int) $r['`HouseholdRecyclingRate2005/06`']); 
    $temp[] = array('v' => "25.2"); 
    $rows[] = array('c' => $temp); 
    unset($temp); 
    $temp[] = array('v' => "06/07"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2006/07']); 
    $temp[] = array('v' => "29.7"); 
    $rows[] = array('c' => $temp); 
    unset($temp); 
    $temp[] = array('v' => "07/08"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2007/08']); 
    $temp[] = array('v' => "33.6"); 
    $rows[] = array('c' => $temp); 
    unset($temp); 
    $temp[] = array('v' => "08/09"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2008/09']); 
    $temp[] = array('v' => "36.4"); 
    $rows[] = array('c' => $temp); 
    unset($temp); 
    $temp[] = array('v' => "09/10"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2009/10']); 
    $temp[] = array('v' => "38.2"); 
    $rows[] = array('c' => $temp); 
    unset($temp); 
    $temp[] = array('v' => "10/11"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2010/11']); 
    $temp[] = array('v' => "40.3"); 
    $rows[] = array('c' => $temp); 
    unset($temp); 
    $temp[] = array('v' => "11/12"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2011/12']); 
    $temp[] = array('v' => "42.1"); 
    $rows[] = array('c' => $temp); 
    } 

    $table['rows'] = $rows; 
    // convert data into JSON format 
    $jsonTable = json_encode($table); 
    echo $jsonTable; 

    mysqli_close($mysqli); 
?> 

The returned JSON (identified with console.log) is shown below; the database values are 0 and the foreach has looped 5 times.

{"cols":[{"label":"Year","type":"string"},{"label":"Name","type":"number"},{"label":"UK Average","type":"number"}],"rows":[{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]}]} 

Any help would be appreciated. Thanks in advance.

+0

'$temp = array();' should be inside your 'foreach()' loop. –

+1

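@Ben - Not when it is also being unset inside the loop (but not recreated!). There is so much wrong with this question, the code and the database that I don't know where to start! – symcbean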

+0

@user24....: You may want to post your code at http://codereview.stackexchange.com/ first and read http://www.catb.org/esr/faqs/smart-questions.html – symcbean

Answers

3

You can debug JSON errors in PHP with the json_last_error function.

An example:

<?php 
// An invalid UTF8 sequence 
$text = "\xB1\x31"; 

$json = json_encode($text); 
$error = json_last_error(); 

var_dump($json, $error === JSON_ERROR_UTF8); 
?> 

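Anyway, you have information security vulnerabilities in your code; the first one is called XSS (cross-site scripting).

It is located in your JavaScript code, on this line:

url: "php/ResidualArisingsdata.php?PrimaryKey=",

You are printing unvalidated input from the user. Read about it here:

http://en.wikipedia.org/wiki/Cross-site_scripting

And the second flaw is SQL injection: you are including the user's unvalidated input in your SQL query, which is a very dangerous thing to do. Read about it here: http://en.wikipedia.org/wiki/SQL_injection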

+0

Thanks for the advice. Can you tell me why the code loops five times? I will sort out the security errors as I tidy things up. – user2459402
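
The two flaws named in the answer above, addressed in a hardened variant of the question's endpoint. This is an added example, not code from the original posters; it assumes PHP 5.4 or later with the mysqlnd driver, and the credentials are placeholders.

```php
<?php
// Added example, not the original poster's code. Credentials are placeholders.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // DB errors become exceptions

// 1. Validate: PrimaryKey must be a positive integer; everything else is rejected.
$primarykey = filter_input(INPUT_GET, 'PrimaryKey', FILTER_VALIDATE_INT,
    array('options' => array('min_range' => 1)));
if ($primarykey === null || $primarykey === false) {
    http_response_code(400);
    exit(json_encode(array('error' => 'invalid PrimaryKey')));
}

// Chart label => array(column name, UK average), values copied from the question.
$series = array(
    '05/06' => array('HouseholdRecyclingRate2005/06', 25.2),
    '06/07' => array('HouseholdRecyclingRate2006/07', 29.7),
    '07/08' => array('HouseholdRecyclingRate2007/08', 33.6),
    '08/09' => array('HouseholdRecyclingRate2008/09', 36.4),
    '09/10' => array('HouseholdRecyclingRate2009/10', 38.2),
    '10/11' => array('HouseholdRecyclingRate2010/11', 40.3),
    '11/12' => array('HouseholdRecyclingRate2011/12', 42.1),
);
$columns = array();
foreach ($series as $s) { $columns[] = '`' . $s[0] . '`'; } // fixed identifiers only

// 2. Parameterize: the user-supplied value is bound, never concatenated into the SQL.
$mysqli = new mysqli('localhost', 'xxx', 'xxx', 'xxx');
$stmt = $mysqli->prepare('SELECT ' . implode(', ', $columns)
    . ' FROM `districts_recyclingrates` WHERE PrimaryKey = ?');
$stmt->bind_param('i', $primarykey);
$stmt->execute();
// get_result() needs mysqlnd. fetch_assoc() works on every PHP version, whereas
// foreach over a mysqli_result object requires PHP 5.4 or later.
$row = $stmt->get_result()->fetch_assoc();

$rows = array();
if ($row) { // the key matches at most one row
    foreach ($series as $label => $s) {
        $rows[] = array('c' => array(array('v' => $label),
            array('v' => (int) $row[$s[0]]), array('v' => $s[1])));
    }
}
$cols = array(
    array('label' => 'Year', 'type' => 'string'),
    array('label' => 'Name', 'type' => 'number'),
    array('label' => 'UK Average', 'type' => 'number'),
);
header('Content-Type: application/json');
echo json_encode(array('cols' => $cols, 'rows' => $rows));
```

On the page that issues the AJAX call, the same value should pass through `rawurlencode()` and be emitted with `json_encode()` rather than echoed raw into the script.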
