Post data into external Database from Xcode

Question

I'm creating an app where the user clicks two buttons and it uploads information from that into a external mysql database hosted on godaddy. This code use to work but no longer does, I can't understand why it's now stopped working. Can you see whats wrong with the code? Or if this even the best way to go about doing this In my .h file I have this along with my textfields

#define kPostURL @"http://www.mywebsite.com/dosomething.php"
#define kName @"name"
#define kMessage @"message"

In my .m file I have this code

-(void) postMessage:(NSString*) message withName:(NSString *) name{

//check isnt receiving two anit paramters
if(name !=nil && message !=nil){

    NSMutableString *postString = [NSMutableString stringWithString:kPostURL];

    [postString appendString:[NSString stringWithFormat:@"?%@=%@",kName, name]];
    //makes kname equal to name
    [postString appendString:[NSString stringWithFormat:@"&%@=%@", kMessage , message]];

    [postString setString:[postString stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]];

    NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:[NSURL URLWithString:postString]];
    [request setHTTPMethod:@"POST"];

    postConnection = [[NSURLConnection alloc] initWithRequest:request delegate:self startImmediately:YES];

        }
}


-(IBAction)post:(id)sender{
_textField3.text = @"15";
[self postMessage: self.textField2.text withName:self.textField3.text];
_textField2.text = nil;
_textField3.text = nil;
[self dismissViewControllerAnimated:YES completion:nil];
}

Below is my php file, this was working and then I changed it to (int)$_POST["name"],to see what it done and it didn't work I then changed it back to the original $name = $_POST["name"] and it no longer works. It now creates a new test entry but has blank name and message fields, where as before it use to populate it.

<?php
include ("./inc/connect.inc.php");
//header('Content-type: application/json');

$name = $_POST["name"];
$message =$_POST["message"];    

$query = "INSERT INTO test VALUES ('','$name','$message')";

mysql_query($query) or die(mysql_error("error"));

mysql_close();

?>

Why has it done this? Is this the correct way to add an entry into a database

Answer 1

As far as your PHP goes, it is recommended to no longer use the mysql_* functions. Use PDO with prepared statements instead.

Then it depends how you want to send the data to the server. There are basically two options available:

• Send via form-data

  Your data will be sent just like any HTML sends it and you will be able to use $_POST in PHP. See How can I upload a photo to a server with the iPhone? to see how to do it in iOS

• Send as XML/JSON payload

  Your data will be sent in the request body as JSON (See How to send json data in the Http request using NSURLRequest)

A PHP script that can handle this could look like:

<?php

/**
 * Handle POST request with JSON payload like:
 *
 * {"name": "a name","message":"hi"}
 */

$body = file_get_contents('php://input');
$json = json_decode($body);

$parameters = array(
    ':name'    => $json->name,
    ':message' => $json->message,
);

/**
 * Or alternatively handle POST request with form-data payload
 */
$parameters = array(
    ':name'    => $_POST['name'],
    ':message' => $_POST['message'],
);

// Use PDO, it is recommended over mysql_* functions for database interactions
// (can be outsourced to some included file if you prefer)
$db = new PDO(
    'mysql:dbname=somedb;host=database.example.com',
    'username',
    'password'
);

// Use prepared statements to prevent SQL injection
$statement = $db->prepare(
    'INSERT INTO test (name, message) VALUES (:name, :message)'
);
$statement->execute($parameters);
$statement->closeCursor();