Handle Post Data of JSON in PHP

Question

I receive JSON post data ....

{"split_info":"17076370","customerName":"Lahoti","status":"failed","error_Message":"fail.","paymentId":"17076370","productInfo":"productInfo","customerEmail":"cxxxx.xx@gmail.com","customerPhone":"999999999","merchantTransactionId":"BR121","amount":"19.0","notificationId":"443"}

I have written PHP code to Update my Database using merchantTransactionId received as JSON post data. My database is not going to update... My php code is as below Please help..

<?php
include("dbconnection.php");
if(isset($_POST))
{
$json_a = json_decode($_POST, true);
 $Id=$json_a['merchantTransactionId'];
 $status="payUMoney";
 mysql_query("UPDATE std SET status= '".$payStatus."' WHERE Id='".$Id."'", $db);
?>

It's wrong syntax, but also you may consider using pdo or mysqli API — Gerardo Charles Rojas Vega, Jun 28 '15 at 14:23
`$status` and `$payStatus`? Plus you're vulnerable to [sql injection attacks](http://bobby-tables.com) — Marc B, Jun 29 '15 at 16:15
If you're posting your json data as the post body and not as a form value then you need to access it through $json_string = file_get_contents('php://input') e.g. http://stackoverflow.com/questions/8893574/php-php-input-vs-post — Peter Fox, Jun 29 '15 at 16:24
You have a low rate. Important on SO, you have to mark accepted answers by using the tick on the left of the posted answer, below the voting. This will increase your rate. See how this works by visinting this link: http://meta.stackoverflow.com/questions/5234/how-does-accepting-an-answer-work#5235 — Pentium10, Apr 20 '18 at 08:53

score 2 · Answer 1 · answered Jun 29 '15 at 16:30

You need to be reading the HTTP request body directory as $_POST only provides form data where as from the sound of it you're trying to receive a json/application request?

<?php
include("dbconnection.php");

$json_string = file_get_contents('php://input');

if($json_string !== null)
{
 $json_a = json_decode($json_string, true);
 $Id=$json_a['merchantTransactionId'];
 $status="payUMoney";
 mysql_query("UPDATE std SET status= '".$payStatus."' WHERE Id='".$Id."'", $db);
}
?>

Please don't ever generate SQL statements this way though, they're massively insecure and will leave you open to SQL injection attacks and all kinds of nasties.

Handle Post Data of JSON in PHP

1 Answers1