php Code离线工作但不在线

时间:2013-10-10 14:11:08

标签: javascript php mysql json google-visualization

我在调用使用sql查询MySQL数据库的php脚本时遇到问题。代码正在脱机工作,但是当我上传到服务器时,代码循环5次并返回一个奇怪的json字符串。我已经在phpMyAdmin中检查了sql并返回了正确的值。

我正在使用以下javascript调用脚本:

            var jsonData1 = $.ajax({
                url: "php/ResidualArisingsdata.php?PrimaryKey=<?php echo $primarykey ?>",
                dataType: "json",
                async: false
            }).responseText;

和php脚本(删除了登录详细信息)

<?php 
    $_SESSION['url'] = $_SERVER['REQUEST_URI'];
    $primarykey = $_GET['PrimaryKey'];    

// These variables define the connection information for your MySQL database 
    $username = "xxx"; 
    $password = "xxx"; 
    $host = "localhost"; 
    $dbname = "xxx"; 

    $mysqli = new mysqli($host, $username, $password, $dbname);

    if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
    }

    $SQLString = "SELECT PrimaryKey,
        Name,
        `HouseholdRecyclingRate2005/06`,
        `HouseholdRecyclingRate2006/07`,
        `HouseholdRecyclingRate2007/08`,
        `HouseholdRecyclingRate2008/09`,
        `HouseholdRecyclingRate2009/10`,
        `HouseholdRecyclingRate2010/11`,
        `HouseholdRecyclingRate2011/12`
        FROM `districts_recyclingrates`
        WHERE `districts_recyclingrates`.PrimaryKey =" . $primarykey;       

    $result = $mysqli->query($SQLString); 

    $rows = array();
    $table = array();
    $table['cols'] = array(
        array('label' => 'Year', 'type' => 'string'),
        array('label' => 'Name', 'type' => 'number'),
        array('label' => 'UK Average', 'type' => 'number')
    );

    foreach($result as $r) {
    $temp = array();


    $temp[] = array('v' => "05/06"); 
    $temp[] = array('v' =>(int) $r['`HouseholdRecyclingRate2005/06`']);
    $temp[] = array('v' => "25.2"); 
    $rows[] = array('c' => $temp);
    unset($temp);
    $temp[] = array('v' => "06/07"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2006/07']);
    $temp[] = array('v' => "29.7");
    $rows[] = array('c' => $temp);
    unset($temp);
    $temp[] = array('v' => "07/08"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2007/08']);
    $temp[] = array('v' => "33.6");
    $rows[] = array('c' => $temp);
    unset($temp);
    $temp[] = array('v' => "08/09"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2008/09']);
    $temp[] = array('v' => "36.4");
    $rows[] = array('c' => $temp);
    unset($temp);
    $temp[] = array('v' => "09/10"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2009/10']);
    $temp[] = array('v' => "38.2");
    $rows[] = array('c' => $temp);
    unset($temp);
    $temp[] = array('v' => "10/11"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2010/11']);
    $temp[] = array('v' => "40.3");
    $rows[] = array('c' => $temp);
    unset($temp);
    $temp[] = array('v' => "11/12"); 
    $temp[] = array('v' =>(int) $r['HouseholdRecyclingRate2011/12']);
    $temp[] = array('v' => "42.1");
    $rows[] = array('c' => $temp);
    }

    $table['rows'] = $rows;
    // convert data into JSON format
    $jsonTable = json_encode($table);
    echo $jsonTable;

    mysqli_close($mysqli);
?>

返回的json(用console.log标识)如下所示,其中数据库值为0且foreach已循环5次。

{"cols":[{"label":"Year","type":"string"},{"label":"Name","type":"number"},{"label":"UK Average","type":"number"}],"rows":[{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]},{"c":[{"v":"05\/06"},{"v":0},{"v":"25.2"}]},{"c":[{"v":"06\/07"},{"v":0},{"v":"29.7"}]},{"c":[{"v":"07\/08"},{"v":0},{"v":"33.6"}]},{"c":[{"v":"08\/09"},{"v":0},{"v":"36.4"}]},{"c":[{"v":"09\/10"},{"v":0},{"v":"38.2"}]},{"c":[{"v":"10\/11"},{"v":0},{"v":"40.3"}]},{"c":[{"v":"11\/12"},{"v":0},{"v":"42.1"}]}]} 

会感激一些帮助。提前谢谢。

1 个答案:

答案 0 :(得分:3)

您可以使用json_last_error函数调试php中的JSON错误。

一个例子是:

<?php
// An invalid UTF8 sequence
$text = "\xB1\x31";

$json  = json_encode($text);
$error = json_last_error();

var_dump($json, $error === JSON_ERROR_UTF8);
?>

无论如何,您的代码中存在信息安全漏洞,第一个称为XSS(跨站点脚本)。

位于你的javascript代码中,这一行:

  

url:“php / ResidualArisingsdata.php?PrimaryKey =”,

您正在打印来自用户的未经验证的输入,请在以下位置阅读:

http://en.wikipedia.org/wiki/Cross-site_scripting

第二个缺陷是SQL注入,你在用户的SQL查询中包含一个未经验证的输入,这是非常危险的事情,请在这里阅读: http://en.wikipedia.org/wiki/SQL_injection