CODEWITHSUNDEEP
phpandroidmysql
user1570952
user1570952

Reputation: 13

How to pass MySQL database connection data in namevaluepairs from Android to PHP

I am trying to connect to MySQL using PHP, passing the database connection parameters from Android. I don't want to hardcode the connection parameters, and don't want to store them in a separate file. My code worked fine when I had the database parameters in the PHP, but doesn't work now that I try to pass them from Java to PHP with namevalue pairs as below.

Nothing has changed except for the PHP connection using passed variables instead of being hardcoded, so I suspect some formatting or REGEX issue, but can't find any solution. Any help greatly appreciated!

Problem(s) solved per assistance from VolkerK. See original PHP code and updated underneath.

ORIGINAL SQLQuery.php:

<?php
mysql_connect($_REQUEST['url'],$_REQUEST['username'],$_REQUEST['password']);
mysql_select_db($_REQUEST['database']);
$q=mysql_query($_REQUEST['SQL']);
while($e=mysql_fetch_assoc($q))
        $output[]=$e;
print(json_encode($output));
mysql_close();
?>

WORKING SQLQuery.php:

<?php
if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
        unset($process);
}

define('DEBUGLOG', true); 
$output = array(); 

$mysql = mysql_connect($_REQUEST['url'],$_REQUEST['username'],$_REQUEST['password']); 
if ( !$mysql ) { 
    $output['status']='Error'; 
    $output['errormsg']='MySQL connect error'; 
    if ( defined('DEBUGLOG') && DEBUGLOG ) { 
        $output['errordetails'] = array( 
            'msg'=>mysql_error(), 
            'url'=>$_REQUEST['url'], 
            'username'=>$_REQUEST['username'], 
            'password'=>$_REQUEST['password'] 
        ); 
    } 
} 
else if ( !mysql_select_db($_REQUEST['database']) ) { 
    $output['status']='Error'; 
    $output['errormsg']='Database select error'; 
    if ( defined('DEBUGLOG') && DEBUGLOG ) { 
        $output['errordetails'] = array( 
            'msg'=>mysql_error(), 
            'url'=>$_REQUEST['url'], 
            'database'=>$_REQUEST['database'] 
        ); 
    } 
} 
else if ( false===($q=mysql_query($_REQUEST['SQL'])) ) { 
    $output['status']='Error'; 
    $output['errormsg']='Query error'; 
    if ( defined('DEBUGLOG') && DEBUGLOG ) { 
        $output['errordetails'] = array( 
            'msg'=>mysql_error(), 
            'url'=>$_REQUEST['url'], 
            'SQL'=>$_REQUEST['SQL'] 
        ); 
    } 
} 
else { 
    while( $e=mysql_fetch_assoc($q) ) { 
        $output[]=$e; 
    } 
} 

print(json_encode($output));

Extract from my Android Code (details changed to protect the innocent!):

String phpDBURL = "mysqlserver.blah.com:3306";
String phpURL = "http://www.blah.com/php/";
String dbname ="dbref_Evaluate";
String username = "dbref_admin";
String password = "password";
String SQL = "SELECT ID, ShortDesc FROM User WHERE Account = '[email protected]'";
//the query to send
ArrayList<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("url",phpDBURL));
nameValuePairs.add(new BasicNameValuePair("username",username));
nameValuePairs.add(new BasicNameValuePair("password",password));
nameValuePairs.add(new BasicNameValuePair("database",dbname));
nameValuePairs.add(new BasicNameValuePair("SQL",SQL));
Log.v("Common.SQLQuery", "Passing parameters: " + nameValuePairs.toString());
//http post
try{
        HttpClient httpclient = new DefaultHttpClient();
        HttpPost httppost = new HttpPost(phpURL + "SQLQuery.php");
        httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
        HttpResponse response = httpclient.execute(httppost); 
        HttpEntity entity = response.getEntity();
        InputStream is = entity.getContent();
//convert response to string

etc.

Upvotes: 0

Views: 1371

Answers (2)

user1567667
user1567667

Reputation:

use POST instead of REQUEST in the php file

Upvotes: 1

VolkerK
VolkerK

Reputation: 96189

You need more error handling. Any of the mysql_* function can fail and your code has to react on that.

Crude example:

<?php
define('DEBUGLOG', true);
$output = array();

$mysql = mysql_connect($_REQUEST['url'],$_REQUEST['username'],$_REQUEST['password']);
if ( !$mysql ) {
    $output['status']='error';
    $output['errormsg']='database error';
    if ( defined('DEBUGLOG') && DEBUGLOG ) {
        $output['errordetails'] = array(
            'msg'=>mysql_error(),
            'url'=>$_REQUEST['url'],
            'username'=>$_REQUEST['username'],
            'password'=>$_REQUEST['password']
        );
    }
}
else if ( !mysql_select_db($_REQUEST['database']) ) {
    $output['status']='error';
    $output['errormsg']='database error';
    if ( defined('DEBUGLOG') && DEBUGLOG ) {
        $output['errordetails'] = array(
            'msg'=>mysql_error(),
            'url'=>$_REQUEST['url'],
            'database'=>$_REQUEST['database']
        );
    }
}
else if ( false===($q=mysql_query($_REQUEST['SQL'])) ) {
    $output['status']='error';
    $output['errormsg']='database error';
    if ( defined('DEBUGLOG') && DEBUGLOG ) {
        $output['errordetails'] = array(
            'msg'=>mysql_error(),
            'url'=>$_REQUEST['url'],
            'SQL'=>$_REQUEST['SQL']
        );
    }
}
else {
    while( $e=mysql_fetch_assoc($q) ) {
        $output[]=$e;
    }
}

print(json_encode($output));

Upvotes: 0

Related Questions