1

I have database where I have to insert a row but first I have to perform a check on pid. I am unable to found the solution kindly help. Here is my php code:

<?php

/*
 * Following code will create a new product row
 * All product details are read from HTTP Post Request
 */

// array for JSON response
$response = array();

// check for required fields
if (isset($_POST['name']) && isset($_POST['price']) && isset($_POST['description'])) {

    //$name = $_POST['name'];
    //$price = $_POST['price'];
    //$description = $_POST['description'];

$name = "zone";
$price = 123;
$description = "what";
    // include db connect class
    require_once __DIR__ . '/db_connect.php';

    // connecting to db
    $db = new DB_CONNECT();

    // mysql inserting a new row
    $result = mysql_query("IF ((select count(*) from products where pid = 7)= 0)
BEGIN
INSERT INTO products(name, price, description) VALUES('$name',
'$price', '$description');
END
ELSE
BEGIN
END");


    // check if row inserted or not
    if ($result) {
        // successfully inserted into database
        $response["success"] = 1;
        $response["message"] = "Product successfully created.";

        // echoing JSON response
        echo json_encode($response);
    } else {
        // failed to insert row
        $response["success"] = 0;
        $response["message"] = "Oops! An error occurred.";

        // echoing JSON response
        echo json_encode($response);
    }
} else {
    // required field is missing
    $response["success"] = 0;
    $response["message"] = "Required field(s) is missing";

    // echoing JSON response
    echo json_encode($response);
}
?>

Here is my android code

List<NameValuePair> params = new ArrayList<NameValuePair>();
            params.add(new BasicNameValuePair("name", name));
            params.add(new BasicNameValuePair("price", price));
            params.add(new BasicNameValuePair("description", description));

            JSONObject jsonObject= new org.test.JSONParser().makeHttpRequest(URL, "POST", params);

            try {
                int success = jsonObject.getInt(TAG_SUCCESS);

                if (success == 1) {
                    // successfully created product

                   Log.d("create","created");
                    // closing this screen
                    finish();
                } else {
                    // failed to create product
                }
            } catch (JSONException e) {
                e.printStackTrace();
                Log.d("exc","exc "+e);
            }
            return null;
        }

        public void onPostExecute(String file_url){
            pDialog.dismiss();

Product is not inserted and I get the message success 0 oops and error occurred that is $result is not 1. Please help!

4

1 回答 1

0

尽管我无法完全验证它,但我非常有信心向 MySQL 发送这样的完整语句将会惨遭失败。然而,如果你把它分解成更真实的块,它就会成功。也许是这样的:

$result = mysql_query("SELECT `pid` FROM `products` WHERE `pid` = 7");
$rows = mysql_num_rows($result);
if ($rows == 0) {
    // this means there is NOT a record WHERE pid = 7...
    $result = mysql_query("INSERT INTO products(name, price, description)
        VALUES('$name', '$price', '$description')");
    if ($result) {
        // an ERROR occurred INSERT'ing the data
    }
}
else {
    // this means there is a record WHERE pid = 7...
}

编辑

您的评论验证了我对失败的假设,因为您说它产生了这个错误:

您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,以获取在 'IF ((select count(*) from products where pid = 7)= 0) 附近使用的正确语法

安全提示

请远离mysql_query并至少利用mysqli_query和参数化查询,以确保您免受 SQL 注入。

于 2013-05-10T13:31:46.880 回答