2

I am trying to insert some values into a MySQL-database using PHP. I am fairly certain that my android code is correct, but I have very limited understanding of PHP. Am I doing something obvious wrong?

<?

$databasehost = "MyIPAdress:port";
$databasename = "databaseIWant";
$databaseusername = "UserWithPerms";
$databasepassword = "CorrectPassword";

$con = mysql_connect($databasehost,$databaseusername,$databasepassword) or die(mysql_error());
mysql_select_db($databasename) or die(mysql_error());

$email = $_POST['email'];
$password = $_POST['password'];
$school = $_POST['school'];

$sql = "INSERT INTO users(username, password, school) VALUES ('$email', '$password', '$school');

$query_exec = mysql_query($sql) or die(mysql_error());
mysql_close();

?>

Here is the android code as well: (Java)

When a user registers this method gets called:

private void RegisterNewUser(String username, String password) {
        RegisterUserOnNetwork regUser = new RegisterUserOnNetwork();
        regUser.execute(username, password);
    }

class RegisterUserOnNetwork extends AsyncTask<String, String, String> {
    private Exception exception;

protected String doInBackground(String... strings) {
    List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
    nameValuePairs.add(new BasicNameValuePair("email", strings[0]));
    nameValuePairs.add(new BasicNameValuePair("password", strings[1]));

    try {
        DefaultHttpClient httpClient = new DefaultHttpClient();
        HttpPost httpPost = new     HttpPost("http://IpAdress/RegisterUser.php");
            httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));

            HttpResponse httpResponse = httpClient.execute(httpPost);
            HttpEntity httpEntity = httpResponse.getEntity();

            Log.e("RESULT", EntityUtils.toString(httpEntity) + "l");

            return "Gebruiker suksesvol geskep!";
        } catch (Exception e) {
            e.printStackTrace();
            return "Bediener kon nie bereik word nie.";
        }
    }
}
Improve this question
8
  • Have you tested your connection to the database ? Is it working ? Commented Jan 3, 2016 at 10:14
  • I have another C# application connecting to the same database and it works (although it doesn't use PHP). So the database is working :) Commented Jan 3, 2016 at 10:18
  • Because it's usually a pain to setup a connection between the Android client & the database using MySQL (for the first time), so you really should worry about the configuration first. Commented Jan 3, 2016 at 10:20
  • 1
    I guess the missing " to end the $sql string is just a typo and correct in your PHP code? Commented Jan 3, 2016 at 10:49
  • 1
    Sorry but is it not that you have username instead of email? So it looks like your trying to POST to email but your using username. "INSERT INTO users(username, password, school) should be "INSERT INTO users(email, password, school) Commented Jan 3, 2016 at 11:51

3 Answers 3

Reset to default
1

No school is send to PHP. Also PHP error will be helpful in debuging.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You are not posting data for "School" you should add another line of code in ur android app

 nameValuePairs.add(new BasicNameValuePair("school", YOUR_DATA));
Improve this answer

1 Comment

The school line was accidentally left out of my code snippet but is indeed in the application's code...
0

Add these lines before DeafultHttpClient

StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
            StrictMode.setThreadPolicy(policy);

Add internet permission to your Manifest file.

<uses-permission android:name="android.permission.INTERNET" />

PHP code.

<?php
$databasehost = "MyIPAdress:port";
$databasename = "databaseIWant";
$databaseusername = "UserWithPerms";
$databasepassword = "CorrectPassword";

$con = mysqli_connect($databasehost, $databaseusername, $databasepassword, $databasename) or die(mysqli_error());

$email = $_POST['email'];
$password = $_POST['password'];
$school = $_POST['school'];

$sql = "INSERT INTO users(username, password, school) VALUES ('$email', '$password', '$school')";

$query_exec = mysqli_query($con, $sql) or die(mysql_error());
mysqli_close();
?>
Improve this answer

1 Comment

The closing double quotes are missing yet. Notice, that interpolation of $_POST values is highly vulnerable to SQL injection.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.