PHP from iPhone app

Niall_ · January 15, 2011

Hi,

I am new trying to make a simple test iPhone app that reads data from a MySql server via php get method. As a test I used a 'film' database but soon realised that if the get method contains two words '%20' is added to the middle.

As a workaround, I tried:

if (strpos($_GET['film'], '%20') !==false)

$film = str_replace("%20", " ", $_GET['film'];

else

$_GET[film]=$film;

and then appending $film to the end of my sql query.

I have tried many variations of this but cannot get it to work! Any advice would be much appreciated.

Niall

Bradley99 · January 15, 2011

To my knowledge to must use this command:

getCommands()

Like so:

function getCommands()
  {
    $films = array();
    foreach( $this->_commands as $films )
    {
      $selected_film []= $selected_film['title'];
    }
    return $films;

? I am not fully knowledgeable on Iphone Apps so i may be wrong.

dragon_sa · January 15, 2011

$film=$_GET['film'];
$replace=array("%20");
$film=str_replace($replace, ' ', $film);
echo $film;

kenrbnsn · January 15, 2011

You're over thinking the problem. Just use urldecode on the incoming string:

<?php
$film = urldecode($_GET['film']);
?>

Ken

Niall_ · January 15, 2011

Many thanks for the replies, having looked up urldecode, that option is exactly what I was trying to do.

However, it does not seem to work alongside the sql that I am using. The first line works as desired but the second with the urldecode does not:

$rs = mysql_query("SELECT id,title,cert,violence,drugs,sex,language,comments FROM films WHERE title='$_GET[film]'");

$rs = mysql_query("SELECT id,title,cert,violence,drugs,sex,language,comments FROM films WHERE title='urldecode($_GET[film])'");

Any suggestions? Thanks again for the help!

Pikachu2000 · January 15, 2011

You can't just toss a php function into a string like that; you'd need to run the data through the function first, or concatenate the function into the string.

So this:

$film = urldecode($_GET['film']);
$rs = mysql_query("SELECT id,title,cert,violence,drugs,sex,language,comments FROM films WHERE title='$film'");

Or this:

$rs = mysql_query("SELECT id,title,cert,violence,drugs,sex,language,comments FROM films WHERE title='" . urldecode($_GET[film]) . "'");

P.S. You also really, really, really need to be sanitizing any user-supplied data before allowing it into a query string.

Niall_ · January 15, 2011

Thanks for quick reply Pikachu,

I had also tried your first method previously but no luck. Thought it may have been a syntax error before so tried every other possible variation of (), [], ", '.

The second method does not return any results either. For some reason it will only return results when submitted from:

$rs = mysql_query("SELECT id,title,cert,violence,drugs,sex,language,comments FROM films WHERE title='$_GET[film]'");

Thanks also for advice malicious code being passed from user. Have not taken this into account yet as only prototype for a project I'm doing on localhost.

Pikachu2000 · January 15, 2011

If the results are being returned by using $_GET['film'] in the query string, may I ask what makes you think you need to do anything like use urldecode()?

Niall_ · January 15, 2011

Should have put this in the original post -

The user queries from the iphone application. The query is returned perfectly to the php script if it only contains one word. Any more than that I'm getting a nil array so came to the conclusion it was returning for example:

http://localhost:8888/title.php?film=Black%20Swan

Pikachu2000 · January 15, 2011

What is the form written in?

Niall_ · January 15, 2011

There is no html form. The app is calling the php script from the below objective-c method:

- (void)updateString {


self.string = searchtext.text;
label.text = self.string;

NSURL *url = [NSURL URLWithString:[NSString stringWithFormat:@"http://localhost:8888/title.php?film=%@",searchtext.text]]; 
NSString *jsonreturn = [[NSString alloc] initWithContentsOfURL:url]; // Pulls the URL
NSData *jsonData = [jsonreturn dataUsingEncoding:NSUTF32BigEndianStringEncoding];
NSError *error = nil;
NSDictionary * dict = [[CJSONDeserializer deserializer] deserializeAsDictionary:jsonData error:&error];
if (dict)
{
	rows = [dict objectForKey:@"films"];
	[rows retain];
}
NSLog(@"Array: %@",rows);
[jsonreturn release];
NSLog(@"result after rel: %@", searchtext.text);

}

Pikachu2000 · January 15, 2011

If the value is actually being sent with the space encoded as '%20', then you'd need to use rawurldecode, but I'm not sure what you mean when you say it's a nil array.

Niall_ · January 15, 2011

Thanks again for the help, still no joy with rawurldecode().

That should have been null array not nil array - from app console:

2011-01-15 22:22:18.349 json_test[73525:207] Array: (null)
2011-01-15 22:22:18.351 json_test[73525:207] result after rel: avatar

Result from rawurldecode and amended php.

Whereas this is what it looks like for a single word title without any rawurldecode()

Sign In

PHP from iPhone app

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information