我现在已经学习了Php / SQL / JSON超过24小时,而且它已经很好了。我已经制作了一个数据库,现在有了php页面来向数据库添加数据。
我创建了一个php页面来返回一个JSON对象。它确实这样做了,但它似乎也返回了一些文字。
[{"id":"5","udid":"4564645","name":"LastName","score":"999999.00","date":"2011-04-14 18:10:33"},{"id":"4","udid":"9123456789012345678901234567590123456789","name":"sdfdsf","score":"111110.13","date":"2011-04-14 18:10:01"},{"id":"3","udid":"0123456789012345678901234567890123456789","name":"derktreb","score":"710.13","date":"2011-04-14 18:09:12"},{"id":"1","udid":"0123456789012345678901234567890123456789","name":"brandontreb","score":"210.13","date":"2011-04-14 11:40:05"},{"id":"2","udid":"0123456789012345678901234567890123456789","name":"brandontreb","score":"210.13","date":"2011-04-14 18:08:35"}]
Name Score
[编辑]'姓名''得分'不再出现。这个php文件的旧版本被调用导致它出现。 下面的代码似乎正常工作。看到它的任何问题?
如果你看到我做过的任何noob错误,请指出我。
PHP代码:
<?php
// get_scores.php
/** MySQL database name */
define('DB_NAME', 'b_Chat');
/** MySQL database username */
define('DB_USER', 'b_App');
/** MySQL database password */
define('DB_PASSWORD', 'testtesttest');
/** MySQL hostname */
define('DB_HOST', $_ENV{DATABASE_SERVER});
$table = "highscores";
// Initialization
$conn = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mysql_select_db(DB_NAME, $conn);
// Error checking
if(!$conn) {
die('Could not connect ' . mysql_error());
}
$type = isset($_GET['type']) ? $_GET['type'] : "global";
$offset = isset($_GET['offset']) ? $_GET['offset'] : "0";
$count = isset($_GET['count']) ? $_GET['count'] : "10";
$sort = isset($_GET['sort']) ? $_GET['sort'] : "score DESC";
// Localize the GET variables
$udid = isset($_GET['udid']) ? $_GET['udid'] : "";
$name = isset($_GET['name']) ? $_GET['name'] : "";
// Protect against sql injections
$type = mysql_real_escape_string($type);
$offset = mysql_real_escape_string($offset);
$count = mysql_real_escape_string($count);
$sort = mysql_real_escape_string($sort);
$udid = mysql_real_escape_string($udid);
$name = mysql_real_escape_string($name);
// Build the sql query
$sql = "SELECT * FROM $table WHERE ";
switch($type) {
case "global":
$sql .= "1 ";
break;
case "device":
$sql .= "udid = '$udid' ";
break;
case "name":
$sql .= "name = '$name' ";
break;
}
$sql .= "ORDER BY $sort ";
$sql .= "LIMIT $offset,$count ";
$result = mysql_query($sql,$conn);
if(!$result) {
die("Error retrieving scores " . mysql_error());
}
//echo $result;
$rows = array();
while($row = mysql_fetch_assoc($result)) {
$rows[] = $row;
}
echo json_encode($rows);
mysql_free_result($result);
mysql_close($conn);
?>
非常感谢, -code
答案 0 :(得分:0)
似乎是在此片段之后还有其他内容正在执行...
尝试添加exit();在mysql_close()之后看看会发生什么。如果你得到你期望的结果,那么你的请求也是在执行其他代码。
答案 1 :(得分:0)
一次优化
而不是
// Protect against sql injections
$type = mysql_real_escape_string($type);
$offset = mysql_real_escape_string($offset);
$count = mysql_real_escape_string($count);
$sort = mysql_real_escape_string($sort);
$udid = mysql_real_escape_string($udid);
$name = mysql_real_escape_string($name);
try shorthand ( first handle mysql injection with `$_GET`)
$get_data = array_map('mysql_real_escape_string',$_GET);
注意: $_GET不应该是多维数组
也改变顺序
mysql_free_result($result);
mysql_close($conn);
echo json_encode($rows);