dongshanji3102 2013-11-01 15:02
浏览 97
已采纳

使用POST将SQL语句传递给PHP服务器

In my Java code I have something like this:

nameValuePairs.add(new BasicNameValuePair("sql", "INSERT INTO 
`TABLE_NAME` ( `id` , ,`description`)VALUES (NULL , 'some text')"));

But when the string reaches the server, it is like:

$sql = $_POST['sql'];

$sql contains:

INSERT INTO  `TABLE_NAME` ( `id` , ,`description`)VALUES (NULL ,
\'some text\')

The thing is I want to pass SQL statements to my PHP server and execute them on the server like this:

mysql_query($sql,$con);

I want to me able to send SQL statements to server and then parse the response. But the SQL statements I want are to be built in the Java application.

How should this be done?

is this protected enough ?

 if(isset($_GET['phpusername']) && ($_GET['phpusername'] == "user" ) )
 {  
if(isset($_GET['phppassword']) && ($_GET['phppassword'] == "pass" )) {
               `//do some execution of raw sql query`
         } }
  • 写回答

1条回答 默认 最新

  • doubaoguo7469 2013-11-01 15:14
    关注

    If you need to construct queries on java side and can't avoid that, I would recommend you to send not the whole query line, but a pairs like table_name='mytable', id='12', description='blablabla'.

    For example, you can useJSON format or simple post, or anything you like. You can do that line of variables on java side, send it to php side, parse it there and make a query "of your dream" ;)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 使用ESP8266连接阿里云出现问题
  • ¥15 BP神经网络控制倒立摆
  • ¥20 要这个数学建模编程的代码 并且能完整允许出来结果 完整的过程和数据的结果
  • ¥15 html5+css和javascript有人可以帮吗?图片要怎么插入代码里面啊
  • ¥30 Unity接入微信SDK 无法开启摄像头
  • ¥20 有偿 写代码 要用特定的软件anaconda 里的jvpyter 用python3写
  • ¥20 cad图纸,chx-3六轴码垛机器人
  • ¥15 移动摄像头专网需要解vlan
  • ¥20 access多表提取相同字段数据并合并
  • ¥20 基于MSP430f5529的MPU6050驱动,求出欧拉角