0

I'm writing an android application that retrieves data belonging to a particular user. I'm using SharedPreference of Activity1 in Activity2.

here's the SharedPreference that I'm storing in Activity1

SharedPreferences sp = getSharedPreferences("login details", 0);
SharedPreferences.Editor spedit = sp.edit();
spedit.putString("sPhone",sPhone);              
spedit.putString("sPassword", sPassword);
spedit.commit();

I'm using the above SharedPreference in Activity2 and sending it as a String to a PHP file: The Activity2 code:

SharedPreferences prefs = getSharedPreferences("login details", 0);
String str = prefs.getString("sPhone", "");

nameValuePairs.add(new BasicNameValuePair("userid", str));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
httppost.setHeader("Content-type", "application/json");
response = httpclient.execute(httppost);
entity = response.getEntity();
is = entity.getContent();

Here's the PHP code:

<?php
mysql_connect("localhost","root","");
mysql_select_db("assigndroid");
header('content-type=application/json; charset=utf-8');

//$userID = isset($_POST['userid']) ? $_POST['userid'] : '';
$userID = mysql_real_escape_string($_POST['userid']);   

$sql=mysql_query("select * from newassignment where issuedBy='$userID';");
while($row=mysql_fetch_assoc($sql))
    $output[]=$row;
print(json_encode($output));
mysql_close();
?>

But the SQL query is returning 'null'. I get an error saying "Undefined variable output". And due to this null value, the application is crashing on the emulator by saying a "FATAL EXCEPTION AsyncTask #1".

Improve this question
4
  • Does the query return values when you run it directly in the database? Commented Apr 10, 2013 at 15:00
  • @andrewsi, yes it is returning values when I run it in the database. Commented Apr 10, 2013 at 15:01
  • Then all I can suggest is that you add some logging and see what it's actually getting passed. What should it return if there are no valid entries in the database, for example? Commented Apr 10, 2013 at 15:03
  • "FATAL EXCEPTION AsyncTask #1" is normally a sign that you mix up UI-Thread and non-Ui-thread stuff Commented Apr 10, 2013 at 15:15

2 Answers 2

Reset to default
1

You need to declare your array in PHP before you try and append a value to it:

// ...

$output = array(); // Add this line
while($row=mysql_fetch_assoc($sql))
    $output[]=$row;

// ...

If you do this, the error will disappear and the output will no longer be invalid JSON.

However, note that you should disable display_errors in production anyway, as errors can expose information about you application that may in turn expose an attack vector to a malicious user.

You also set the request content type to application/json, but the actual type of the data you passed is application/x-www-form-urlencoded. PHP will not decode the data you sent and $_POST will not be populated. Change the request content type:

httppost.setHeader("Content-type", "application/x-www-form-urlencoded");
Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

@DaveRandom I did that. It doesn't give any output at all.
@SankarV Yes, appending a value to an undeclared array does implicitly declare it. But it also raises an E_NOTICE, which on the OP's system is being output, causing the response body to be invalid JSON. Also, if the array is not declared, then you will end up passing null to json_enocde() and an E_NOTICE will be generated. Even if this is not the only problem, it is a problem.
@user2201650 your implementation returns null if the query returns 0 rows. If you want to get an empty array you must follow DaveRandom's answer
@SankarV the thing is nothing is getting passed from the android code where i pass the "userid" to the PHP code.
@user2201650 That's because you passed URL-encoded data but set the content-type of the request to application/json. Set the content-type of the request to application/x-www-form-urlencoded. I will update my answer.
|
0

What DaveRandom said about declaring your array first, but you should also be checking that the query is actually successful. Yes, it works when you run it manually, but that does not guarantee that something else has gone wrong, like getting weird data from your Android client.

eg:

if( $sql = mysql_query("select * from newassignment where issuedBy='$userID';") ) {
  while($row = mysql_fetch_assoc($sql)) {
    $output[] = $row;
  }
  print(json_encode($output));
} else {
  print(json_encode('query failed: ' . mysql_error()));
}
mysql_close();

Also, stop using mysql_* functions. Blah blah deprecated blah SQL injection, you know the whole song and dance...

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.