我正在创建一个活动,该活动将更新数据库中的"患者"表。
当我尝试在 php 中使用 $_POST 方法删除条件并尝试将临时内容放在变量上时,结果是成功的。但是当我再次输入 $_POST 方法并运行我的 android 应用程序时,结果不成功。请帮我弄清楚。谢谢。
这是代码,我正在创建一个安全问题活动:
import android.os.AsyncTask; import
android.support.v7.app.ActionBarActivity; import android.os.Bundle;
import android.util.Log; import android.view.Menu; import
android.view.MenuItem; import android.widget.ArrayAdapter; import
android.widget.Spinner; import android.widget.EditText; import
android.widget.Button; import android.view.View; import
android.content.Intent; import android.widget.Toast;
import org.json.JSONException; import org.json.JSONObject;
import java.util.HashMap;
public class Securityquestion_Activity extends ActionBarActivity {
Spinner question;
EditText answer;
Button submit;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_securityquestion_);
question = (Spinner)findViewById(R.id.securityQuestion);
answer = (EditText)findViewById(R.id.securityAnswer);
submit = (Button)findViewById(R.id.submit);
String[] questions = {
"What's the name of your first pet?",
"Where's your place of birth?",
"What's the sum of your birth date and month?",
"What's your father's middle name?",
"What's the surname of your third grade teacher?",
"Who's your first boyfriend/girlfriend?",
"Who's your first kiss?",
};
ArrayAdapter<String> stringArrayAdapter=
new ArrayAdapter<String>(this,
android.R.layout.simple_spinner_dropdown_item,
questions);
question.setAdapter(stringArrayAdapter);
}
public void submit(View v){
String secquestion = question.getSelectedItem().toString();
String secanswer = answer.getText().toString();
Bundle extras = getIntent().getExtras();
String secID;
if(extras!=null){
secID = extras.getString("sec_id");
String[] args = {secquestion, secanswer, secID};
SaveSecurity saveSecurity = new SaveSecurity();
saveSecurity.execute(args);
}
}
@Override
public boolean onCreateOptionsMenu(Menu menu) {
// Inflate the menu; this adds items to the action bar if it is present.
getMenuInflater().inflate(R.menu.menu_securityquestion_, menu);
return true;
}
@Override
public boolean onOptionsItemSelected(MenuItem item) {
// Handle action bar item clicks here. The action bar will
// automatically handle clicks on the Home/Up button, so long
// as you specify a parent activity in AndroidManifest.xml.
int id = item.getItemId();
//noinspection SimplifiableIfStatement
if (id == R.id.action_settings) {
return true;
}
return super.onOptionsItemSelected(item);
}
class SaveSecurity extends AsyncTask<String, String, JSONObject>{
JSONParser jsonParser = new JSONParser();
private static final String LOGIN_URL = "http://192.168.56.1/dc/security.php";
private static final String TAG_SUCCESS = "success";
private static final String TAG_MESSAGE = "message";
@Override
protected void onPreExecute() {
super.onPreExecute();
}
@Override
protected JSONObject doInBackground(String... args) {
try {
HashMap<String, String> params = new HashMap<>();
params.put("secquestion", args[0]);
params.put("secanswer", args[1]);
params.put("secID", args[2]);
Log.d("request", "starting");
JSONObject json = jsonParser.makeHttpRequest(LOGIN_URL, "POST", params);
if (json != null) {
Log.d("JSON result", json.toString());
return json;
}
}catch (Exception e) {
e.printStackTrace();
}
return null;
}
@Override
protected void onPostExecute(JSONObject json) {
int success = 0;
String message = "";
if (json != null) {
Toast.makeText(Securityquestion_Activity.this, json.toString(),
Toast.LENGTH_LONG).show();
try {
success = json.getInt(TAG_SUCCESS);
message = json.getString(TAG_MESSAGE);
} catch (JSONException e) {
e.printStackTrace();
}
}
if (success == 1) {
Log.d("Success!", message);
Intent go = new Intent(Securityquestion_Activity.this, Home_Activity.class);
go.putExtra("all_ID","secID");
finish();
startActivity(go);
}
else if (success == 0) {
Log.d("Failure", message);
}
else{
Log.d("Failure", message);
}
}
}
}
这是 php 代码:
<?php
require_once 'connection.php';
header('Content-Type: application/json');
//This method here was the one I mentioned above
if(isset($_POST["secquestion"])&& isset($_POST["secanswer"])&& isset($_POST["secID"])){
//These are the variables I tried temporarily changing it's content when I tested the php
$ptnt_d = $_POST["secID"];
$scrty_qstn = $_POST["secquestion"];
$scrty_nswr = $_POST["secanswer"];
if(!empty($ptnt_d)&&!empty($scrty_qstn)&&!empty($scrty_nswr)){
$query = "Update patients Set patientsecurity='$scrty_qstn' and patientanswer='$scrty_nswr' WHERE patientid='$ptnt_d'";
$result = $db->query($query);
if($result){
$json['success']=1;
$json['message']="Security question and answer successfully saved.";
echo json_encode($json);
}
else{
$json['success']=0;
$json['message']="Oops! An error occurred.";
echo json_encode($json);
}
}
else{
$json['message']="You must complete all required fields.";
echo json_encode($json);
}
}
?>
您没有正确清理 sql 查询:
更新患者 设置患者安全='你的第一只宠物叫什么名字?'和病人答案='Bachoy' 其中 patientid='007-7992'"
尝试做类似$field = mysql_real_scape($_POST['field']);