0

I am working on an android app and building my php scripts for accessing the db. I want to test them via my browser - get the correct response, error handling etc etc.

how do i add my parameters tot he url. This is my attempt but seems to neither error nor work.

http://X.X.X.X/myphpScript.php?param1=test&param2=test

<?php

// array for JSON response
$response = array();

 // check for required fields
if (isset($_POST['param1']) && isset($_POST['param2'])) 
{
    //do stuff
}
?>
Fearghal
  • 10,569
  • 17
  • 55
  • 97
  • That should be correct for GET parameters. Do you have error reporting on? Can you post your code? – chris85 Apr 17 '15 at 17:37
  • oh wait, i am using 'POST' whats the diff (beyond the obv) – Fearghal Apr 17 '15 at 17:39
  • Here's a thread on them. http://stackoverflow.com/questions/504947/when-should-i-use-get-or-post-method-whats-the-difference-between-them – chris85 Apr 17 '15 at 17:40
  • and what should i be using to check if a table should be updated (select statment) and updating it if it should (inster statment) – Fearghal Apr 17 '15 at 17:41
  • Ok thx for the post, get stuff its clear. How do i add the params for a post which is a superset of get – Fearghal Apr 17 '15 at 17:43
  • You can use GET or POST. You just need to call it right in the PHP AND you'll need to separate out the user values from the SQL so you don't get injected. http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?lq=1 You also might want to use `!empty` over `isset` that way you ensure the input had a value as well. – chris85 Apr 17 '15 at 17:43
  • can you put an answer - what should my url look like for above code – Fearghal Apr 17 '15 at 17:45

2 Answers2

1

A simple var_dump should help:

var_dump($_GET); //Test parameters received in the address bar (gets)
var_dump($_POST); //Test parameters sent by, in most cases, forms
var_dump($_REQUEST); //Prints out both get and post received

Useful functions i use for testing:

var_dump, print_r

You can also try x-debug. Heres a guide I've found: https://mutelight.org/minimal-guide-to-debugging-php-with-xdebug-and-vim

Hope it help

Carlos
  • 53
  • 5
  • yes but what should a url for testing my script in browser look like – Fearghal Apr 17 '15 at 17:52
  • @Fearghal if you're using your local server: http://localhost/myphpScript.php?param1=test&param2=test or http://127.0.0.1/myphpScript.php?param1=test&param2=test – Carlos Apr 17 '15 at 18:02
  • So best to use post for security: username password from an app? – Fearghal Apr 17 '15 at 18:29
  • I suppose so... But only sending through post will not guarantee security for your app. take a look here: https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet – Carlos Apr 17 '15 at 18:55
1

You can't send POST via the URL. You could change your code to

if (isset($_GET['param1']) && isset($_GET['param2'])) {

I'm not sure how android sends requests though, can it make GET requests? You could make a simple form as well to test.

<form method="post">
<input name="param1" value="test" type="text" />
<input name="param2" value="test" type="text" />
<input type="submit" />
</form>
<?php if (isset($_POST['param1']) && isset($_POST['param2'])) {
//do stuff
}?>

Solution three you could send a POST request via the command line (linux)...

curl --verbose --data "param1=test&param2=test" http://website.com/script.php
chris85
  • 23,846
  • 7
  • 34
  • 51
  • ok il try that out. Android can make get or post calls, i planned to do a post so maybe that means no params in url needed. I was just testing my url. first. thx i wont forget to close with you. – Fearghal Apr 17 '15 at 17:52