我正在啓動一個Android應用程序。對於登錄我需要發送數據庫的數據,但是當我嘗試使用$ _POST數組後,它似乎是空的(我試圖打印響應,我認爲這是我的問題)。
這裏是我的應用程序裏面的javacode:
private String register (String username, String password, String number) {
String reg_url = "myDomain/register.php";
try {
URL url = new URL(reg_url);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setRequestMethod("POST");
httpURLConnection.setDoOutput(true);
httpURLConnection.setRequestProperty("Accept-Charset", "UTF-8");
httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
OutputStream OS = httpURLConnection.getOutputStream();
BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(OS, "UTF-8"));
String data = URLEncoder.encode("username", "UTF-8") + " = " + URLEncoder.encode(username, "UTF-8") + "&" +
URLEncoder.encode("password", "UTF-8") + " = " + URLEncoder.encode(password, "UTF-8") + "&" +
URLEncoder.encode("number", "UTF-8") + " = " + URLEncoder.encode(number, "UTF-8");
bufferedWriter.write(data);
bufferedWriter.flush();
bufferedWriter.close();
OS.close();
InputStream IS = httpURLConnection.getInputStream();
BufferedReader bufferedReader= new BufferedReader(new InputStreamReader(IS,"iso-8859-1"));
String response = "";
String line;
while ((line = bufferedReader.readLine())!=null) response += line ;
Log.i("Response", response);
IS.close();
bufferedReader.close();
if (!response.toLowerCase().contains("fail"))
return Language.registered;
else
return Language.aProblemOccurred;
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
return Language.aProblemOccurred;
} catch (IOException e) {
e.printStackTrace();
return Language.aProblemOccurred;
}
}
這是註冊的簡單的PHP代碼:
<?php
require "init.php";
$username = $_POST["username"];
$password = $_POST["password"];
$number = $_POST["number"];
$mpt = "1";
$sql_query = "insert into Users values('$mpt' , '$number' , '$username' , '$password' , '$number', '$mpt' , '$mpt' , '$mpt' , '$mpt' , '$mpt' , '$mpt' , '$mpt');";
if (mysqli_query ($res , $sql_query))
{
echo "<h3> Data Insert Success...".$number.$password.$username.$_POST["password"]."<h3>";
}
else
{
echo "Data Insert fail: Error:".mysqli_error($res).$number.$password.$username;
}
?>
有人可以幫我????
你的腳本是[SQL注入攻擊]的風險(http://stackoverflow.com/問題/ 60174 /如何防止SQL注入在PHP) 看看發生了什麼[小Bobby表](http://bobby-tables.com/)甚至 [如果你是逃避投入,它不安全!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)你應該使用參數化查詢 – RiggsFolly
你最好顯示使用'init.php'的內容以及 – RiggsFolly
1)我如何使用參數化查詢? 2)無論如何,我該如何解決我的$ _POST的問題? –