在url中获取mysql json参数

时间:2017-09-19 00:14:02

标签: php mysql json database

我试图从mysql数据库中检索数据并通过json传递它,该url将具有某些参数来显示特定数据。链接工作它会带回数据,但它不会带回我需要的东西。

PHP代码“api.php?cat_id = 1”

if(isset($_GET['cat_id']))
{
    $post_order_by=API_CAT_POST_ORDER_BY;

    $cat_id=$_GET['cat_id'];    

    $jsonObj= array();  

    $query="SELECT * FROM tbl_wallpaper
    LEFT JOIN tbl_category ON tbl_wallpaper.cat_id= tbl_category.cid 
    where tbl_wallpaper.cat_id='".$cat_id."' ORDER BY tbl_wallpaper.id ".$post_order_by."";

    $sql = mysqli_query($mysqli,$query)or die(mysqli_error());

    while($data = mysqli_fetch_assoc($sql))
    {
        $row['id'] = $data['id'];
        $row['cat_id'] = $data['cat_id'];
        $row['scat_name'] = $data['scat_name'];
        $row['wallpaper_image'] = $file_path.'categories/'.$data['cat_id'].'/'.$data['image'];
        $row['wallpaper_image_thumb'] = $file_path.'categories/'.$data['cat_id'].'/thumbs/'.$data['image']; 
        $row['total_views'] = $data['total_views'];

        $row['cid'] = $data['cid'];
        $row['category_name'] = $data['category_name'];
        $row['category_image'] = $file_path.'images/'.$data['category_image'];
        $row['category_image_thumb'] = $file_path.'images/thumbs/'.$data['category_image'];


        array_push($jsonObj,$row);

    }

    $set['HD_WALLPAPER'] = $jsonObj;

    header( 'Content-Type: application/json; charset=utf-8' );
    echo $val= str_replace('\\/', '/', json_encode($set,JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT));
    die();


}

PHP代码“api.php?scat_name = 9& cat_id = 1”我希望这个过滤结果,只显示数据共享scat_name和cat_id

  if(isset($_GET['scat_name'], $_GET['cat_id']))
 {
    $post_order_by=API_CAT_POST_ORDER_BY;

    $scat_id=$_GET['scat_name'];
    $cat_id=$_GET['cat_id'];


    $jsonObj= array();  

    $query="SELECT * FROM tbl_wallpaper
    LEFT JOIN tbl_scategory ON tbl_wallpaper.scat_name = tbl_scategory.scid
    where tbl_wallpaper.scat_name='".$scat_id."' ORDER BY tbl_wallpaper.id ".$post_order_by."";



    $sql = mysqli_query($mysqli,$query)or die(mysqli_error());

    while($data = mysqli_fetch_assoc($sql))
    {
        $row['id'] = $data['id'];
        $row['cat_id'] = $data['cat_id'];
        $row['scat_name'] = $data['scat_name'];
        $row['wallpaper_image'] = $file_path.'categories/'.$data['cat_id'].'/'.$data['image'];
        $row['wallpaper_image_thumb'] = $file_path.'categories/'.$data['cat_id'].'/thumbs/'.$data['image']; 
        $row['total_views'] = $data['total_views'];

        $row['cid'] = $data['cid'];
        $row['category_name'] = $data['category_name'];
        $row['category_image'] = $file_path.'images/'.$data['category_image'];
        $row['category_image_thumb'] = $file_path.'images/thumbs/'.$data['category_image'];


        array_push($jsonObj,$row);

    }

    $set['HD_WALLPAPER'] = $jsonObj;

    header( 'Content-Type: application/json; charset=utf-8' );
    echo $val= str_replace('\\/', '/', json_encode($set,JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT));
    die();


}

当我调用url时我把它称为例如“api.php?scat_name = 9& cat_id = 1”它给我的结果仅基于cat_id,即使我把任何不存在于scat_name中的东西=它仍然有效,并根据cat_id返回结果。我在浏览器上得到的结果是这样的:请注意,scat_name 9和0表示不依赖于带来数据库但只有cat_id为1。

{
        "id": "241",
        "cat_id": "1",
        "scat_name": "9",
        "wallpaper_image": "ut.jpg",
        "wallpaper_image_thumb": "ut.jpg",
        "total_views": "0",
        "cid": "1",
        "category_name": "test",
        "category_image": "yg9.png",
        "category_image_thumb": "qyg9.png"
    },
{
        "id": "231",
        "cat_id": "1",
        "scat_name": "0",
        "wallpaper_image": "s.jpg",
        "wallpaper_image_thumb": "s.jpg",
        "total_views": "2",
        "cid": "1",
        "category_name": "test",
        "category_image": "9.png",
        "category_image_thumb": "9.png"
    },

2 个答案:

答案 0 :(得分:0)

第一个代码块应该使用此测试:

if (isset($_GET['cat_id']) && !isset($_GET['scat_name']))

否则它将在仅运行第二个块时运行。

在第二个查询中,您只是在scat_name上过滤,而不是在cat_id上过滤。

您还应该使用预准备语句来阻止SQL注入。

$query="SELECT w.id, w.cat_id, w.scat_name, w.image, w.total_views,
                s.cid, s.category_name, s.category_image
    FROM tbl_wallpaper AS w
    LEFT JOIN tbl_scategory AS s ON w.scat_name = s.scid
    where w.scat_name=? AND w.cat_id = ?
    ORDER BY w.id ".$post_order_by;
$stmt = mysqli_prepare($mysqli, $query);
mysqli_stmt_bind_param($stmt, "ii", $scat_id, $cat_id);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $id, $cat_id, $scat_name, $image, $total_views, $cid, $category_name, $category_image);
while (mysqli_stmt_fetch(stmt)) {
    $jsonObj[] = array(
        'id' => $id,
        'cat_id' => $cat_id,
        'scat_name' => $scat_name,
        'wallpaper_image' => $file_path.'categories/'.$cat_id.'/'.$image,
        'wallpaper_image_thumb' => $file_path.'categories/'.$cat_id.'/thumbs/'.$image,
        'total_views' => $total_views,
        'cid' => $cid,
        'category_name' => $category_name,
        'category_image' => $file_path.'images/'.$category_image,
        'category_image_thumb' => $file_path.'images/thumbs/'.$category_image
    );
}

如果您希望能够处理任意组合的过滤条件,则应动态构建查询。有关如何在PDO中执行此操作,请参阅https://stackoverflow.com/a/28909923/1491895

答案 1 :(得分:0)

如果你向我们展示一个单独的php的两个部分(因为两者都是api.php,我猜你是),那么是的,程序正如你设计的那样工作:

如果在网址中设置了cat_id,那么它会执行您测试cat_id的部分,并且它不会到达您测试两者的区域。

如果您希望仅在scat_name未设置 时执行该部分,请测试该部分:

变化:

if(isset($_GET['cat_id']))

for:

if(isset($_GET['cat_id']) && !isset($_GET['scat_name']))