Hi,
Can someone explain where my PHP is going wrong? I am able to POST and update my MySQL table with the username and password, but when I try and check the information and have GET send back the unique id its not working.
I have been following a few tutorials, but my knowledge of PHP is not great.
\<?php $port = '3306'; $link = mysql\_connect('localhost', 'username', 'password'); // database connection strings. change these to your DB and Table names. $dbName = "project"; $tableName = "User"; if (!$link) { exit('Error: Could not connect to MySQL server!'); } // connect to the table mysql\_select\_db($dbName)or die("cannot select DB"); // lets prepare some files to capture what is going on. $incomingJson = 'json.txt'; $fullArray = 'fullArray.txt'; // needed if you enable the debugging secton below $sqlErrorLog = "sqlErrors.txt"; // initialize the string with a blank value $string = ""; // start SEND data if ($\_SERVER['REQUEST\_METHOD'] === 'POST') { //capture incoming data error\_reporting(E\_ALL | E\_STRICT); $sig = $\_POST["sig"]; $jsondata = $\_POST["params"]; // this line captures the sent data so you can figure out what you need to send back. file\_put\_contents($incomingJson,$jsondata); // this line tells the application that the data send was successful. echo '{"Status":"Success"}'; // convert JSON to an array $array = json\_decode($jsondata, TRUE); /\* // formats the array to view it easier $results = print\_r($array,true); file\_put\_contents($fullArray,$results); \*/ //get the total number of objects in the array $arrlength = count($array['Children']['1']['Properties']); // set while loop index $i = 0; //loop through array node and get row values while ($i \< $arrlength ) { // get row value $value = $array['Children']['1']['Properties'][$i]['Value']."\n"; // convert delimited string to an array $arrayPieces = explode("|", $value); // get array values. This section would have to be modified to capture each value you are interested in. $rowName = $arrayPieces[0]; // this variable will be blank if you don't name your rows. $Username = $arrayPieces[2]; $Password =$arrayPieces[3]; // construct SQL statement $sql="INSERT INTO ".$tableName."(username, password)VALUES('$Username', '$Password')"; // insert SQL statement $result=mysql\_query($sql); // catch any errors if($result){ // if successful do nothing for now. } else { // if failure, write to custom log $sqlError = "Error writing to database\n"; file\_put\_contents($sqlErrorLog, $sqlError, FILE\_APPEND); } $i++; } } // end of POST if ($\_SERVER['REQUEST\_METHOD'] === 'GET') { $username = $\_GET["username"]; $pass = $\_GET["password"]; $query = 'SELECT \* FROM User WHERE username="' . mysql\_real\_escape\_string($username) . '" or email="' . mysql\_real\_escape\_string($email) . '"'; $dbresult = mysql\_query($query, $link); if (!$dbresult) { //echo "query failed"; $result = array(); $result["result"] = 403; $result["message"] = mysql\_error(); echo json\_encode($result); mysql\_free\_result($dbresult); exit; } $player = mysql\_fetch\_array($dbresult, MYSQL\_ASSOC); if (strcmp($player["password"],md5($password)) == 0) { $result = array(); $result["result"] = 200; $result["message"] = "Success"; $result["id"] = $player["id"]; $query = sprintf("UPDATE players SET lastlogin=NOW() WHERE id=%s;", $player["id"]); $uresult = mysql\_query($query, $link); if ($uresult) { //code if your update failed. Doesn't really impact what we are doing. so do nothing. } echo json\_encode($result); } else { //echo "password mismatch"; $result = array(); $result["result"] = 403; $result["message"] = "Forbidden"; echo json\_encode($result); } } else { $result = array(); $result["result"] = 400; $result["message"] = "Bad Request"; echo json\_encode($result); } error\_reporting(E\_ALL | E\_STRICT); exit; ?\>