
Send data from android to mysql using php



I have some text on an Android client and I want to send it to the database (MySQL). How do I do this? Please help me with this. I tried using PHP and MySQL. Is the query in PHP right?





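Here is what I have tried: Insert.java

import java.io.InputStream;
import java.util.ArrayList;

import android.app.ListActivity;
import android.os.Bundle;
import android.util.Log;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

public class Insert extends ListActivity {
    String[] ct_name = null;

    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        // setContentView(R.layout.main);

        InputStream is = null;
        // http post: send c_name as a form field to city1.php
        ArrayList<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
        nameValuePairs.add(new BasicNameValuePair("c_name", "KL"));
        try {
            HttpClient httpclient = new DefaultHttpClient();
            HttpPost httppost = new HttpPost("http://10.0.2.2/city1.php");
            httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
            HttpResponse response = httpclient.execute(httppost);
            HttpEntity entity = response.getEntity();
            is = entity.getContent();
        } catch (Exception e) {
            Log.e("log_tag", "Error in http connection" + e.toString());
        }
    }
}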

I am not sure about the PHP file, but here goes:

city1.php

<?php
$hostname_localhost = "localhost";
$database_localhost = "mydatabase";
$username_localhost = "root";
$password_localhost = "";

$localhost = mysql_connect($hostname_localhost, $username_localhost, $password_localhost)
    or trigger_error(mysql_error(), E_USER_ERROR);

mysql_select_db($database_localhost);
$sql=mysql_query("INSERT INTO CITY (CITY_NAME)VALUES('".$_REQUEST['c_name']."')");
//for updation
//$sql=update CITY set CITY_NAME='".$_REQUEST['c_name']."' where CITY_ID=22
$r=mysql_query($sql);
if(!$r)
    echo "Error in query: ".mysql_error();
mysql_close();
?>

MYSQL

CREATE TABLE `mydatabase`.`city` (
    `CITY_ID` INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
    `CITY_NAME` VARCHAR(50) NOT NULL
) ENGINE = MYISAM;

Comments

  1. I'd change this:

    $sql=mysql_query("INSERT INTO CITY (CITY_NAME)VALUES('".$_REQUEST['c_name']."')");


    to

    $c_name = mysql_real_escape_string($_REQUEST['c_name']);
    $sql = mysql_query("INSERT INTO CITY (CITY_NAME) VALUES('".$c_name."')");


    Otherwise, you're vulnerable to SQL injection attacks!

    EDIT:

    I'm assuming this line:

    $sql=mysql_query("INSERT ...


    should be

    $sql="INSERT ...


    ?

    Otherwise this line makes no sense:

    $r=mysql_query($sql);


    Also, is there any output indicating an error when accessing http://10.0.2.2/city1.php?c_name=Foobar from your browser?

    @JLevett Even though unrelated to the problem at hand, that vuln was the first thing that caught my eye, so I wanted to point that out quickly, before dealing with the problem itself.
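
The fix suggested in the comment above, taken one step further as an added example (not code from the post or the comment): a bound parameter through PDO instead of escaping, since the mysql_* functions were removed in PHP 7. It assumes the pdo_sqlite extension is available; the function names and sample inputs are constructed for illustration.

```php
<?php
// Added example (not the poster's code). In-memory SQLite stands in for MySQL
// so this runs without a server; for MySQL change only the DSN and credentials.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE CITY (CITY_ID INTEGER PRIMARY KEY AUTOINCREMENT,
                              CITY_NAME VARCHAR(50) NOT NULL)');

function cityRows(PDO $db): int
{
    return (int) $db->query('SELECT COUNT(*) FROM CITY')->fetchColumn();
}

// The pattern from city1.php: request data pasted into the SQL text.
function insertConcatenated(PDO $db, string $name): string
{
    $before = cityRows($db);
    try {
        $db->exec("INSERT INTO CITY (CITY_NAME) VALUES('" . $name . "')");
    } catch (PDOException $e) {
        return 'rejected by the SQL parser';
    }
    return (cityRows($db) - $before) . ' row(s) added';
}

// Hypothetical replacement: byte-length check sized to VARCHAR(50),
// then the value travels as a bound parameter, never as SQL text.
function insertBound(PDO $db, string $name): string
{
    if ($name === '' || strlen($name) > 50) {
        return 'rejected by validation';
    }
    $before = cityRows($db);
    $stmt = $db->prepare('INSERT INTO CITY (CITY_NAME) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return (cityRows($db) - $before) . ' row(s) added';
}

// Constructed inputs standing in for $_REQUEST['c_name'].
foreach (['KL', "O'Fallon", "x'), ('y"] as $name) {
    printf("%-10s concatenated: %-28s bound: %s\n",
        $name, insertConcatenated($db, $name), insertBound($db, $name));
}

// Rows written through the bound statement hold the input exactly as sent.
print_r($db->query('SELECT CITY_NAME FROM CITY')->fetchAll(PDO::FETCH_COLUMN));
```

With the concatenated statement, a legitimate name containing an apostrophe fails to parse and the third input changes how many rows the statement writes; the bound statement adds exactly one row per call in every case.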
