0

I have to make a web service. Therefore I referred some tutorials in the internet and came up with the following codes

index.php

<html>
<head>
    <title>Form page</title>
</head>

<body>

    <form action="http://localhost:81/my%20web%20service/webservice" method="get">
        Table name:<br>
        <input type="text" name="s" value=""><br>
        <input type="submit" value="Submit">
    </form>
</body>
</html>

webservice.php

<?php

    include('connectdb.php');

    $something = $_GET['s'];
    $sqlcode = mysql_query("Select * from $something");

    $jsonObj= array();
    while($result=mysql_fetch_object($sqlcode))
    {
        $jsonObj[] = $result;
    }

    $final_res =json_encode($jsonObj) ;
    echo $final_res;
?>

connectdb.php

<?php
    $hostname="localhost";
    $username="root"; //write your username
    $password=""; //write your password
    $db_name="webservice_trial"; //write your db name
    $con=mysql_connect($hostname,$username,$password);
    mysql_select_db($db_name,$con) or die ("Cannot connect the Database");
    mysql_query("SET NAMES 'utf8'",$con); 

?>

The above codes works fine. When I enter a name of a table from form.php, it will retrieve all tuples in that particular table.

Now what I want to do is to make data display on another page. i.e. I want to transfer data from webservice.php to another page from json format. so I edited my webservice.php as following

webservice.php

<?php

    include('connectdb.php');

    $something = $_GET['s'];
    $sqlcode = mysql_query("Select * from $something");

    $jsonObj= array();
    while($result=mysql_fetch_object($sqlcode))
    {
        $jsonObj[] = $result;
    }

    $final_res =json_encode($jsonObj) ;
    echo $final_res;

    $jsonArray = (array) json_decode($final_res);
    echo $jsonArray[0];

?>

it gives the following error

[{"name":"hilton","town":"colombo","telephone":"774933705","description":"excellent"},{"name":"galadari","town":"colombo","telephone":"112894143","description":"best"},{"name":"mt. lavinia","town":"mt. lavinia","telephone":"773580324","description":"good"}]

Catchable fatal error: Object of class stdClass could not be converted to string in C:\xampp\htdocs\json_folder\my web service\webservice.php on line 18

Nimmi Rashinika
  • 149
  • 1
  • 4
  • 14
  • 2
    Typo `jsonArray`, needs a `$`. – chris85 Feb 21 '16 at 18:52
  • The very last line of the posted code. Needs a $ in front of jsonArray. – Source Matters Feb 21 '16 at 18:53
  • You'll also want to address the gaping SQL injection issue present in the code posted. :) – Source Matters Feb 21 '16 at 18:54
  • I edited the typo still it is giving errors. help me – Nimmi Rashinika Feb 21 '16 at 19:01
  • Hello [SQL Injection](http://php.net/manual/en/security.database.sql-injection.php) – BugHunterUK Feb 21 '16 at 19:04
  • **Danger**: You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Feb 21 '16 at 19:13

2 Answers2

3

You can either change

$jsonArray = json_decode($final_res);

to 

$jsonArray = json_decode($final_res, True);

or, to access the name of the first item use

print $jsonArray[0]->name;
IeuanG
  • 504
  • 5
  • 13
0

Instead of trying to typecast the decoded string to an array, use this, which is the right way to do it.

$jsonArray = json_decode($final_res, TRUE);

Now, you will have an array, which you can echo or var_dump.

var_dump($jsonArray);

As in your question, what your error says is that, you are trying to echo it as a variable, where what you are trying to echo is actually an object class. Probably because it isnt being typecasted.

Advices:

  • Please stop using mysql functions. Its deprecated. Use mysqli or PDO.

  • Read about SQL Injections. Never trust userinputs. Always sanitize them or use prepared statements.

Kishor
  • 1,513
  • 2
  • 15
  • 25