1

http request code

POST /parse.php HTTP/1.1
Host: mysite.com
Connection: Keep-Alive
Content-Length: 26
Content-Type: application/x-www-urlencoded

lt=12.123123&ln=123.123123

php code

//connect to database codes here
$database = "update name_tbl set lat='".$_GET['lt']."', lng='".$_GET['ln']."' where id=1";
mysqli_query($conn, $database)

So my problem I think is in the php part when I enter mysite.com/parse.php?lt=12.123123&ln=123.123123 to test if it's working and it does but when I the http request code on HttpRequest it but the send value is both 0.000000.

King Umen
  • 19
  • 6
  • 2
    if you're issuing a post request, your variables will be in `$_POST`, not `$_GET`. also, if a user sets `lt` to `'; drop table name_tbl;--`, something unintended might happen, watch for that. – castis Feb 08 '17 at 21:11
  • 1
    Read it, use it, fast! http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – AbraCadaver Feb 08 '17 at 21:35
  • @AbraCadaver Dont worry the data above is just for testing, and thanks for the suggestion. – King Umen Feb 09 '17 at 12:56

1 Answers1

0

If you aren't sure whether the request has come to you via a GET or a POST method, you could try something like this

$lt = isset($_GET['lt']) ? $_GET['lt'] : (isset($_POST['lt']) ? $_POST['lt'] : null);
$ln = isset($_GET['ln']) ? $_GET['ln'] : (isset($_POST['ln']) ? $_POST['ln'] : null);

There might be another option called $_REQUEST which encompasses both $_GET and $_POST but has it own quirks too. Please have a read on the following link to get a better idea:

Among $_REQUEST, $_GET and $_POST which one is the fastest?

Community
  • 1
  • 1
Dhruv Saxena
  • 1,336
  • 2
  • 12
  • 29
  • Please try debugging the code by adding `print_r($_POST);` and `print_r($_GET);` to see if you're actually receiving the variables in the first place. – Dhruv Saxena Feb 09 '17 at 08:22
  • tried it print on the webpage `Array ( ) Array ( [lt] => 14.657575 [ln] => 120.984224 )` – King Umen Feb 09 '17 at 08:32
  • but on the httprequester `Array ( ) Array ( ) ` is the response – King Umen Feb 09 '17 at 08:33
  • So when the code on webpage is run, `$lt` and `$ln` should receive `14.657575` and `120.984224` respectively (via `$_POST`), if you `echo` them after the assignment statement. Not sure how `httprequester` is sending the data. It is likely that the variables have not been attached properly to the request. – Dhruv Saxena Feb 09 '17 at 08:37
  • 1
    The code is working `Content-Type: application/x-www-form-urlencoded` – King Umen Feb 09 '17 at 09:24
  • Great!! Good luck :) – Dhruv Saxena Feb 09 '17 at 11:16