0

我需要通过 POST 方法将一些数据从 windows phone 7 发送到 php 页面,我在 wp7 端有以下代码

    public void SendPost()
    {
        var url = "http://localhost/HelpFello/profile.php";

        // Create the web request object
        HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
        webRequest.Method = "POST";
        webRequest.ContentType = "application/x-www-form-urlencoded";

        // Start the request
        webRequest.BeginGetRequestStream(new AsyncCallback(GetRequestStreamCallback), webRequest);
        MessageBox.Show("data sent");
    }

    void GetRequestStreamCallback(IAsyncResult asynchronousResult)
    {
        HttpWebRequest webRequest = (HttpWebRequest)asynchronousResult.AsyncState;
        // End the stream request operation
        Stream postStream = webRequest.EndGetRequestStream(asynchronousResult);

        // Create the post data
        // Demo POST data 
        string postData = "user_id=3&name=danish&email_id=mdsiddiquiufo&password=12345&phone_Number=0213&about_me=IRuel2&rating=5";

        byte[] byteArray = Encoding.UTF8.GetBytes(postData);

        // Add the post data to the web request
        postStream.Write(byteArray, 0, byteArray.Length);
        postStream.Close();

        // Start the web request
        webRequest.BeginGetResponse(new AsyncCallback(GetResponseCallback), webRequest);
    }

    void GetResponseCallback(IAsyncResult asynchronousResult)
    {
        try
        {
            HttpWebRequest webRequest = (HttpWebRequest)asynchronousResult.AsyncState;
            HttpWebResponse response;

            // End the get response operation
            response = (HttpWebResponse)webRequest.EndGetResponse(asynchronousResult);
            Stream streamResponse = response.GetResponseStream();
            StreamReader streamReader = new StreamReader(streamResponse);
            var Response = streamReader.ReadToEnd();
            streamResponse.Close();
            streamReader.Close();
            response.Close();

        }
        catch (WebException e)
        {
            MessageBox.Show(e.ToString());
        }
    }

并跟随我的本地主机,将数据发送到数据库

<?php
require_once("constants.php");
$user_id = $_POST['user_id'];
$name = $_POST['name'];
$email_id = $_POST['email_id'];
$password = $_POST['password'];
$phone_number = $_POST['phone_number'];
$about_me = $_POST['about_me'];
$rating = $_POST['rating'];


$query="INSERT INTO profile(User_ID,Name,Email_ID,password,Phone_Number,About_Me,Rating) VALUES ({$user_id},'{$name}','{$email_id}','{$password}',{$phone_number}, '{$about_me}' , {$rating})";
mysql_query($query,$connection);
mysql_close($connection);
?>

当我运行代码时,我没有错误,这意味着代码工作正常,但没有数据插入到数据库中。

4

2 回答 2

2

我认为有比 HttpWebRequest 更好的方法。那就是WebClient。您可以在那里更改方法并像在获取字符串中那样附加数据。key=value&key2=value 然后当您调用该请求并获得响应时,请尝试调试并从 VS 获取输出,或者如果这很困难,只需将他的字符串分配给代码中的文本块。您将了解该页面是否曾经执行过。

示例代码:

WebClient wc = new WebClient();
wc.UploadStringCompleted += new UploadStringCompletedEventHandler(wc_UploadStringCompleted);
wc.Headers["Content-Type"] = "application/x-www-form-urlencoded";
wc.Encoding = Encoding.UTF8;

Parameters prms = new Parameters();
prms.AddPair("email", email);
prms.AddPair("password", password);

wc.UploadStringAsync(new Uri(loginUrl), "POST", prms.FormPostData(), null);


private void wc_UploadStringCompleted(object sender, UploadStringCompletedEventArgs e)
{
        // e.Result will contain the page's output
}


// This is my Parameters and Parameter Object classes

public class Parameters
{
public List<ParameterObject> prms;

        public Parameters()
        {
            prms = new List<ParameterObject>();
        }

        public void AddPair(string id, string val)
        {
            prms.Add(new ParameterObject(id, val));
        }

        public String FormPostData()
        {
            StringBuilder buffer = new StringBuilder();

            for (int i = 0; i < prms.Count; i++)
            {
                if (i == 0)
                {
                    buffer.Append(System.Net.HttpUtility.UrlEncode(prms[i].id) + "=" + System.Net.HttpUtility.UrlEncode(prms[i].value));
                }
                else
                {
                    buffer.Append("&" + System.Net.HttpUtility.UrlEncode(prms[i].id) + "=" + System.Net.HttpUtility.UrlEncode(prms[i].value));
                }
            }

            return buffer.ToString();
        }
    }

public class ParameterObject
{
    public string id;
    public string value;

    public ParameterObject(string id, string val)
    {
        this.id = id;
        this.value = val;
    }
}
于 2013-02-08T10:24:44.943 回答
0

第一个错误:假设没有错误信息意味着成功

第二个错误:打开SQL 注入孔

第一个修复:始终假设查询将失败,并检查该条件:

$result = mysql_query($query) or die(mysql_error());

第二个修复:放弃 mysql_ () 函数并使用带有占位符的准备好的语句切换到 PDO。繁荣。没有更多的注入问题,并且在未来的 PHP 版本中删除mysql_ () 时,您的代码不会停止对您的工作。

ps..

第三个错误:您的电话号码值没有引号。所以有人提交了 867-5309,你最终插入了 -4442,因为 mysql 认为它是两个数字相减,而不是一个字符串。

于 2013-02-07T20:00:46.317 回答