我正试图从android设备中使用IMEI变量查询SQL数据库,该变量已收到(用log.txt验证),但每当我将"00000000000000"(android虚拟设备IMEI)替换为"$androidIMEI"时,都不会返回结果,但如果我显式使用IMEI而不是变量,我会接收数据。
<?php
include 'config.php';
$con=mysql_connect("$servername", "$username", "$password")or die("cannot connect");
mysql_select_db("$dbname")or die("cannot select DB");
$androidIMEI = isset($_POST['IMEI']) ? $_POST['IMEI'] : '';
//$f = fopen("log.txt", "w");
//fwrite($f, print_r($androidIMEI, true));
//fclose($f);
$sql = "SELECT * from users WHERE Request = '0' AND IMEI = '000000000000000' ";
//$sql = "SELECT * from users WHERE Request = '0' AND IMEI = '$androidIMEI ' "; //not working
$result = mysql_query($sql);
$json = array();
if(mysql_num_rows($result)){
while($row=mysql_fetch_assoc($result)){
$json['users'][]=$row;
}
}
mysql_close($con);
echo json_encode($json);
?>
更新:(将SQL打印到日志文件)
$sql = "SELECT * from users WHERE Request = '0' AND IMEI = '$androidIMEI'";
$result = mysql_query($sql);
$f = fopen("log.txt", "w");
fwrite($f, print_r($sql, true));
fclose($f);
正在读取日志文件:
SELECT * from users WHERE Request = '0' AND IMEI = '000000000000000'
这就是为什么我不知道为什么它不起作用
第二次更新:
这可能很有用,来自android的代码,我如何将IMEI发送到PHP:
class loadData extends AsyncTask<String, Integer, String> {
private StringBuilder sb;
private ProgressDialog pr;
private HttpResponse req;
private InputStream is;
@Override
protected void onPreExecute() {
super.onPreExecute();
}
@SuppressWarnings("deprecation")
@Override
protected String doInBackground(String... arg0) {
ArrayList<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("IMEI",IMEI));
System.out.println("IMEI: "+IMEI);
try
{
HttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("http://mysite/myfile.php");
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = httpclient.execute(httppost);
HttpEntity entity = response.getEntity();
is = entity.getContent();
InputStreamReader ireader = new InputStreamReader(is);
BufferedReader bf = new BufferedReader(ireader);
sb = new StringBuilder();
String line = null;
while ((line = bf.readLine()) != null) {
sb.append(line);
}
Log.e("pass 1", "connection success ");
}
catch(Exception e)
{
System.out.println("Error catch e");
}
return id;
}
更改CCD_ 1与CCD_。
此外,您还容易受到SQL注入的攻击。不要使用不推荐使用的mysql_*函数并过滤您的输入。有关更多信息,请访问How can I prevent SQL injection in PHP?
查询中$androidIMEI
之后有一个space
。
$sql = "SELECT * from users WHERE Request = '0' AND IMEI = '$androidIMEI ' ";
应该是
$sql = "SELECT * from users WHERE Request = '0' AND IMEI = '$androidIMEI';";
试试这行
$sql="SELECT*from users WHERE Request='0'AND IMEI='{$android}IMEI'";
我希望它能起作用。
注意那些花括号。