我有以下的PHP代码:
include 'db.php'; $user = $_POST['username']; $q = $connection->query('SELECT id FROM myTable WHERE username=".$user."'); foreach($q AS $row) { echo $row['id']; }我试图让一个C#应用程序发布一个变量到一个PHP页面,然后查询数据库并回显一个将在C#应用程序中使用的字符串。 我的C#代码如下所示:
public string getId(string url) { string test = "testing123"; NameValueCollection formData = new NameValueCollection(); formData["username"] = test; using (WebClient wc = new WebClient()) { byte[] resp = wc.UploadValues(url, "POST", formData); string responsefromserver = Encoding.UTF8.GetString(resp); wc.Dispose(); Console.WriteLine(responsefromserver); return responsefromserver; } }正如您所看到的,我只想编写应用程序从PHP页面返回到控制台然后返回它的内容,但是当我运行应用程序时,它什么都不返回。 至少它似乎。 有谁知道为什么? 对不起,如果这是明显的,我仍然是整个C#的东西很新。
I have the following PHPcode:
include 'db.php'; $user = $_POST['username']; $q = $connection->query('SELECT id FROM myTable WHERE username=".$user."'); foreach($q AS $row) { echo $row['id']; }I'm trying to make a C# application post a variable to a PHP page that then queries the db and echos a string that will be used in the C# app. My C# code looks like this:
public string getId(string url) { string test = "testing123"; NameValueCollection formData = new NameValueCollection(); formData["username"] = test; using (WebClient wc = new WebClient()) { byte[] resp = wc.UploadValues(url, "POST", formData); string responsefromserver = Encoding.UTF8.GetString(resp); wc.Dispose(); Console.WriteLine(responsefromserver); return responsefromserver; } }As you can see, I just want to write what the app gets back from the PHP page to the console and then return it, but when I run the app, it returns nothing. At least it appears to. Does anyone have any idea why? Sorry if this is blatantly obvious, I'm still pretty new to the whole C# thing.
最满意答案
更换
$q = $connection->query('SELECT id FROM myTable WHERE username=".$user."');同
$q = $connection->query('SELECT id FROM myTable WHERE username='.$user.';');然后再试一次。
作为最佳实践,请使用预准备语句以避免SQL注入。
replace
$q = $connection->query('SELECT id FROM myTable WHERE username=".$user."');with
$q = $connection->query('SELECT id FROM myTable WHERE username='.$user.';');and try again.
As a best practise, use prepared statement to avoid SQL injection.
更多推荐
发布评论