Java Php连接错误从数据库中检索信息

时间:2015-03-17 17:14:12

标签: java php mysql

我是使用PHP和Java的新手。我正在制作一个Android应用程序,我得到一个SQL语法错误... 错误:

返回Java:

  

检查与MySQL服务器对应的手册        正确的语法版本,可以在@ mail.com附近使用'在第1行。任何想法我必须解决这个问题。

我认为这是一个php脚本的问题。我怎样才能解决这个问题。非常感谢任何帮助

        // Login by email and password if access success setId()
        // Saved Email as static string "staticEmail" and used to get CustomerID from customer table
        // Get & set CustomerID to "string qr_id" if  email=".$email
        /* error:
     You have an error in your SQL syntax; check the manual that corresponds to your MySQL server
     version for the right syntax to use near '@mail.com' at line 1
        */



  <?php
    //connect to MySQL database
    mysql_connect("localhost","name","pass") or  die(mysql_error());
    mysql_select_db("tls_db");

      $output = array();    

      if (isset($_GET['email'])){       
        $email = $_GET['email'];
        $sql = mysql_query("select CustomerID from customer where email=".$email) or die(mysql_error());

      while($row=mysql_fetch_assoc($sql)){
            $output[] = $row;               
           }
        mysql_close();
        print(json_encode($output));    
       }
    ?>

爪哇:

        private void setId() {
        InputStream is = null;
        ArrayList<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
        try {
            HttpClient httpclient = new DefaultHttpClient();
            HttpPost httppost = new HttpPost(
                    "http://"+URL+"/tls_db/log.php?email=" + staticEmail); //Post email 123@mail.com
            httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
            HttpResponse response = httpclient.execute(httppost);
            HttpEntity entity = response.getEntity();
            is = entity.getContent();
        } catch (Exception e) {
            Log.e("log_tag", "Error in http connection" + e.toString());
        }

        // Convert response to string
        try {
            BufferedReader reader = new BufferedReader(new InputStreamReader(
                    is, "iso-8859-1"), 8);
            sb = new StringBuilder();
            sb.append(reader.readLine() + "\n");

            String line = "";
            while ((line = reader.readLine()) != null) {
                sb.append(line + "\n");
            }
            result = sb.toString();
            is.close();
        } catch (Exception e) {
            Log.e("log_tag", "Error converting result " + e.toString());
        }

        try {
            JSONArray jArray = new JSONArray(result);
            for (int i = 0; i < jArray.length(); i++) {
                JSONObject json_data = jArray.getJSONObject(i);
                // Get CustomerId and set to (static string qr_id)
                qr_id = json_data.getString("CustomerID");
            }
        } catch (JSONException e1) {
            //iv.setVisibility(View.GONE);
            Toast.makeText(getBaseContext(), "Server Data Error",
                    Toast.LENGTH_LONG).show();
        } catch (ParseException e1) {
            e1.printStackTrace();
        }
        // Open class QRcode
        Intent iSuccess = new Intent(Login.this, QRcode.class);
        startActivity(iSuccess);
    }

1 个答案:

答案 0 :(得分:3)

您需要在SQL查询中引用您的$ email:

 $sql = mysql_query("select CustomerID from customer where email='".$email."'") or die(mysql_error());

顺便说一句,您的代码很容易受到SQL注入攻击。请务必阅读如何防止这种攻击向量。

相关问题
最新问题