使用PHP文件和MySQLI,数据从Android应用程序传递到MySQL数据库。但是,似乎输入的某些字符如“”和“&”会导致错误的输入。我已经能够使用Java替换功能来修复“”,但我确信有许多特殊字符可用会导致类似的错误。例如:www.example.com?Input1 = Test&amp ;Input。
我想知道是否有一个修复方法可以阻止MySQLI以这种方式解释输入。
此外,如果它有助于这是我的PHP代码:
<?php
//Open a new connection to the MySQL server
$mysqli = new mysqli('localhost','createyo_james','password','createyo_TestDatabase');
//Output any connection error
if ($mysqli->connect_error) {
die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
}
//values to be inserted in database table
$NewsStory = $_GET["NewsStory"];
$Summary1 = $_GET["Summary1"];
$Summary2 = $_GET["Summary2"];
$Summary3 = $_GET["Summary3"];
$Picture1URL = $_GET["Picture1URL"];
$Picture2URL = $_GET["Picture2URL"];
$Picture3URL = $_GET["Picture3URL"];
$Picture4URL = $_GET["Picture4URL"];
$Picture5URL = $_GET["Picture5URL"];
$Tags = $_GET["Tags"];
$Body = $_GET["Body"];
$Sources = $_GET["Sources"];
var_dump($_GET["NewsStory"]);
$query = "INSERT INTO Articles (NewsStory, Summary1, Summary2, Summary3, Picture1URL, Picture2URL, Picture3URL, Picture4URL, Picture5URL, Tags, Body, Sources) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$statement = $mysqli->prepare($query);
var_dump($query);
//bind parameters for markers, where (s = string, i = integer, d = double, b = blob)
$statement->bind_param('ssssssssssss', $NewsStory, $Summary1, $Summary2, $Summary3, $Picture1URL, $Picture2URL, $Picture3URL, $Picture4URL, $Picture5URL, $Tags, $Body, $Sources);
if($statement->execute()){
print 'Success! ID of last inserted record is : ' .$statement->insert_id .'<br />';
}else{
die('Error : ('. $mysqli->errno .') '. $mysqli->error);
}
$statement->close();
?>
答案 0 :(得分:0)
你必须正确编码java中的字符串,例如&amp;是&#34;保留&#34;下一个参数的网址中的字符
对于使用java进行urlencoding,她是一个很好的答案 Java URL encoding of query string parameters