dongshanji3102 2013-11-01 15:02
浏览 97
已采纳

使用POST将SQL语句传递给PHP服务器

In my Java code I have something like this:

nameValuePairs.add(new BasicNameValuePair("sql", "INSERT INTO 
`TABLE_NAME` ( `id` , ,`description`)VALUES (NULL , 'some text')"));

But when the string reaches the server, it is like:

$sql = $_POST['sql'];

$sql contains:

INSERT INTO  `TABLE_NAME` ( `id` , ,`description`)VALUES (NULL ,
\'some text\')

The thing is I want to pass SQL statements to my PHP server and execute them on the server like this:

mysql_query($sql,$con);

I want to me able to send SQL statements to server and then parse the response. But the SQL statements I want are to be built in the Java application.

How should this be done?

is this protected enough ?

 if(isset($_GET['phpusername']) && ($_GET['phpusername'] == "user" ) )
 {  
if(isset($_GET['phppassword']) && ($_GET['phppassword'] == "pass" )) {
               `//do some execution of raw sql query`
         } }
  • 写回答

1条回答 默认 最新

  • doubaoguo7469 2013-11-01 15:14
    关注

    If you need to construct queries on java side and can't avoid that, I would recommend you to send not the whole query line, but a pairs like table_name='mytable', id='12', description='blablabla'.

    For example, you can useJSON format or simple post, or anything you like. You can do that line of variables on java side, send it to php side, parse it there and make a query "of your dream" ;)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 有偿求跨组件数据流路径图
  • ¥15 写一个方法checkPerson,入参实体类Person,出参布尔值
  • ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
  • ¥15 CSAPPattacklab
  • ¥15 一直显示正在等待HID—ISP
  • ¥15 Python turtle 画图
  • ¥15 关于大棚监测的pcb板设计
  • ¥15 stm32开发clion时遇到的编译问题
  • ¥15 lna设计 源简并电感型共源放大器
  • ¥15 如何用Labview在myRIO上做LCD显示?(语言-开发语言)