访问从 stringRequest 发送的数据

【问题标题】:Access data sent from stringRequest访问从 stringRequest 发送的数据
【发布时间】:2021-07-07 02:58:57
【问题描述】:

我正在尝试访问从 stringRequest 发送的数据:

public class ProductDetailActivity extends AppCompatActivity {
String cart_url = "http://192.168.1.15/AndroidAppDatabaseConnection/add_to_cart.php";
String favorites_url = "http://192.168.1.15/AndroidAppDatabaseConnection/add_to_favorites.php";
@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_product_detail);
    Intent intent = getIntent();
    String imageUrl = intent.getStringExtra(EXTRA_URL);
    String email = intent.getStringExtra("user");
    final int product_id = intent.getIntExtra(EXTRA_ID, 0);
    String name = intent.getStringExtra(EXTRA_NAME);
    Double price = intent.getDoubleExtra(EXTRA_PRICE, 0);
    String description = intent.getStringExtra(EXTRA_DESCRIPTION);
    ImageView imageView = findViewById(R.id.image_view);
    TextView textViewName = findViewById(R.id.text_view_name);
    TextView textViewPrice = findViewById(R.id.text_view_price);
    TextView textViewDescription = findViewById(R.id.text_view_description);
    Button add_cart = findViewById(R.id.add_cart);
    Button add_favorites = findViewById(R.id.add_wishlist);
    add_cart.setTag(email);
    textViewName.setText(name);
    textViewPrice.setText(price + "€");
    textViewDescription.setText(description);
    add_cart.setOnClickListener(new View.OnClickListener() {
        @Override
        public void onClick(View view) {
            String email = view.getTag().toString();
            add_to_cart(email, product_id);
        }
    });
    add_favorites.setOnClickListener(new View.OnClickListener() {
        @Override
        public void onClick(View view) {
            add_to_favorites();
        }
    });
}
private void add_to_cart(final String e, final int id) {
    JSONObject jsonBody = new JSONObject();
    try {
        jsonBody.put("user", e);
        jsonBody.put("product", id);
        final String requestBody = jsonBody.toString();
    } catch (JSONException ex) {
        ex.printStackTrace();
    }
    StringRequest stringRequest = new StringRequest(Request.Method.POST, cart_url, new Response.Listener<String>() {
        @Override
        public void onResponse(String response) {
            Log.i("VOLLEY", response);
            Toast.makeText(ProductDetailActivity.this,"successfully Add Into Cart",Toast.LENGTH_SHORT).show();
        }
    }, new Response.ErrorListener() {
        @Override
        public void onErrorResponse(VolleyError error) {
            Toast.makeText(ProductDetailActivity.this, "Could not add item into cart", Toast.LENGTH_SHORT).show();
        }
    }){
        @Override
        public Map<String, String> getParams() {
            HashMap<String, String> params = new HashMap<String, String>();
            params.put("user", e);
            params.put("product", String.valueOf(id));
            return params;
        }
    };
    RequestQueue requestQueue = Volley.newRequestQueue(this);
    requestQueue.add(stringRequest);
}
private void add_to_favorites() {
    StringRequest stringRequest = new StringRequest(Request.Method.POST, favorites_url, new Response.Listener<String>() {
        @Override
        public void onResponse(String response) {
            Toast.makeText(ProductDetailActivity.this, "Successfully added into Favorites", Toast.LENGTH_SHORT).show();
        }
    }, new Response.ErrorListener() {
        @Override
        public void onErrorResponse(VolleyError error) {
            Toast.makeText(ProductDetailActivity.this, "Could not add item into favorites", Toast.LENGTH_SHORT).show();
        }
    }){
        @Override
        public Map<String, String> getHeaders() throws AuthFailureError {
            HashMap<String, String> headers = new HashMap<String, String>();
            headers.put("Content-Type", "application/json; charset=utf-8");
            return headers;
        }
    };
   RequestQueue requestQueue = Volley.newRequestQueue(this);
    requestQueue.add(stringRequest);
}

在这里我尝试访问我的 PHP 文件中的数据:

<?php
include_once "database_connect.php";
$email = $_POST["user"];
$product_id = $_POST["product"];
$sql = "SELECT * FROM users WHERE email = '$email';";
$result= mysqli_query($conn,$sql);
$row = mysqli_fetch_assoc($result);
$user_id = $row['user_id'];
$count=mysqli_num_rows($result);
if($count>0){ /*if product is already in cart */
    echo "Product already in cart";
}
else {
    $add_to_cart="INSERT INTO cart (user_id,product_id,quantity) VALUES ('$user_id','$product_id','1')";
    if(!mysqli_query($conn,$add_to_cart))
    {
        echo "Can't add product to cart";
    }
    else
    {
        echo "Product successfully added to cart";
    }
}

发生的情况是查询成功运行,但在 user_id 和 product_id 位置都插入了 0。

我做错了什么?

提前谢谢你!

【问题讨论】:

  • 您的查询(对 SQL 注入开放)与购物车中的商品无关。所以if($count&gt;0){ /*if product is already in cart */ 不正确。
  • 您的问题最终解决了吗?
  • 我确实做到了@Ivan86,谢谢你的帮助。

标签: java php android android-studio android-volley


【解决方案1】:

小心 SQL 注入!使用prepared statements 保护您的数据库。

要检查特定用户的产品是否已经在购物车中,您可以将您的第一个 sql 查询更改为类似这样的内容(编写为准备好的语句):

$conn = new mysqli($servername, $username, $password, $dbname);

$stmt = $conn->prepare("SELECT c.quantity FROM cart c
                       JOIN users u ON u.user_id = c.user_id
                       WHERE c.product_id = ? AND u.email = ?");

$stmt->bind_param("is", $product_id, $email);
// 'i' means integer and 's' means string
$stmt->execute();
$stmt->store_result();

if($stmt->num_rows > 0) {
    // product exists in cart
}

$stmt->close();

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2020-03-18
    • 1970-01-01
    • 1970-01-01
    • 2016-08-03
    • 1970-01-01
    • 2017-11-20
    • 2011-08-27
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode