PHP read JSON file and output

Question

I am trying to import a JSON file, read it and then output the results. I am a bit stuck with getting the JSON keys etc right.

This is an excerpt from the JSON file:

{
  "CVE_data_type" : "CVE",
  "CVE_data_format" : "MITRE",
  "CVE_data_version" : "4.0",
  "CVE_data_numberOfCVEs" : "566",
  "CVE_data_timestamp" : "2017-07-26T10:00Z",
  "CVE_Items" : [ {
    "cve" : {
      "CVE_data_meta" : {
        "ID" : "CVE-2010-1154"
      },
      "affects" : {
        "vendor" : {
          "vendor_data" : [ ]
        }
      },
      "problemtype" : {
        "problemtype_data" : [ {
          "description" : [ ]
        } ]
      },
      "references" : {
        "reference_data" : [ ]
      },
      "description" : {
        "description_data" : [ {
          "lang" : "en",
          "value" : "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: This candidate was in a CNA pool that was not assigned to any issues during 2010.  Notes: none."
        } ]
      }
    },
    "configurations" : {
      "CVE_data_version" : "4.0",
      "nodes" : [ ]
    },
    "impact" : { },
    "publishedDate" : "2017-07-24T16:29Z",
    "lastModifiedDate" : "2017-07-24T16:29Z"
  }, {
    "cve" : {
      "CVE_data_meta" : {
        "ID" : "CVE-2010-1430"
      },
      "affects" : {
        "vendor" : {
          "vendor_data" : [ ]
        }
      },
      "problemtype" : {
        "problemtype_data" : [ {
          "description" : [ ]
        } ]
      },
      "references" : {
        "reference_data" : [ ]
      },
      "description" : {
        "description_data" : [ {
          "lang" : "en",
          "value" : "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: This candidate was in a CNA pool that was not assigned to any issues during 2010.  Notes: none."
        } ]
      }
    },
    "configurations" : {
      "CVE_data_version" : "4.0",
      "nodes" : [ ]
    },
    "impact" : { },
    "publishedDate" : "2017-07-24T16:29Z",
    "lastModifiedDate" : "2017-07-24T16:29Z"
  }, {
    "cve" : {
      "CVE_data_meta" : {
        "ID" : "CVE-2010-1631"
      },
      "affects" : {
        "vendor" : {
          "vendor_data" : [ ]
        }
      },
      "problemtype" : {
        "problemtype_data" : [ {
          "description" : [ ]
        } ]
      },
      "references" : {
        "reference_data" : [ ]
      },
      "description" : {
        "description_data" : [ {
          "lang" : "en",
          "value" : "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: none.  Reason: This candidate was in a CNA pool that was not assigned to any issues during 2010.  Notes: none."
        } ]
      }
    },
    "configurations" : {
      "CVE_data_version" : "4.0",
      "nodes" : [ ]
    },
    "impact" : { },
    "publishedDate" : "2017-07-24T16:29Z",
    "lastModifiedDate" : "2017-07-24T16:29Z"
  },

My PHP file is as follows:

<?php
    //Load the JSON feed
    $file = 'nvdcve-1.0-recent.json';
    $json = file_get_contents($file);
    $json_data = json_decode($json, true);
    $vulns = $json_data->CVE_Items[0];

    //Check if JSON file is actually found.
    if (file_exists($file)) {
    echo "The file $file exists";
    } else {
    echo "The file $file does not exist";
    }

    //echo '<pre>' . var_dump($json_datas) . '</pre>';

    //Loop through items and display
    foreach ($vulns as $vuln) {
        $cveid = $vuln->cve->CVE_data_meta->ID;
        echo $cveid . '<br>';
     }

    //Print the array - Debugging only.
    //print_r($json_datas);

 ?>

This PHP is just for testing, eventually, I will need to loop and echo out all the different sections to make a complete entry such as ID, affects, problemtype, references etc...

I've never used JSON with PHP before and I've read so many articles today, each telling me a different way of doing it, it's making my head hurt!

It would make more sense to check the json files exists before trying to do a `file_get_contents()` on a file that does not exist — RiggsFolly, Jul 26 '17 at 14:18
There is nothing special about JSON. its just a transport format. Once you have successfully done a `json_decode()` the result is a Native PHP data structure and should be processed as such. — RiggsFolly, Jul 26 '17 at 14:22
Also `json_decode(data, true)` will give you associative array and not object — codtex, Jul 26 '17 at 14:22
@codtex Ah good point. So remove the `true` from the `json_decode()` and your code will probably work — RiggsFolly, Jul 26 '17 at 14:23
But the fact that you didnt realise this, probably means you are running PHP without error displays turned on, so Add [error reporting](http://stackoverflow.com/questions/845021/how-to-get-useful-error-messages-in-php/845025#845025) to the top of your file(s) _while testing_ right after your opening PHP tag for example ` — RiggsFolly, Jul 26 '17 at 14:24

Dmitry Korets · Answer 1 · 2017-07-26T14:36:33.737

-1

Your json is invalid. That's why json_decode($json) returns NULL. Check you json https://jsonformatter.curiousconcept.com/ here

UPDATE

<?php
$file = 'nvdcve-1.0-recent.json';
$json = file_get_contents($file);
$json_data = json_decode($json);
$vulns = $json_data->CVE_Items;

if (file_exists($file)) {
    echo "The file $file exists";
} else {
    echo "The file $file does not exist";
}
foreach ($vulns as $vuln) {
    $cveid = $vuln->cve->CVE_data_meta->ID;
    echo $cveid; echo '<br>';
}


?>

edited Jul 26 '17 at 14:36

answered Jul 26 '17 at 14:24

Dmitry Korets

87
5

Remember, this was just a small extract of the full JSON String – RiggsFolly Jul 26 '17 at 14:25
The full JSON is from [link](https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-recent.json.zip) which has about 600 entries, each with the different values I posted above so I kept it short for brevity :) – Luke Jul 26 '17 at 14:29
solved. try $vulns = $json_data->CVE_Items; insted of $vulns = $json_data->CVE_Items[0]; It outputs a large list of IDs for me instead of NULLs – Dmitry Korets Jul 26 '17 at 14:34
It works for the IDs but not the other attributes:- "affects" : { "vendor" : { "vendor_data" : [ ] } }, "problemtype" : { "problemtype_data" : [ { "description" : [ ] } ] }, "references" : { "reference_data" : [ ] }, "description" : { "description_data" : [ { "lang" : "en", "value" : , "configurations" : { "CVE_data_version" : "4.0", "nodes" : [ ] }, "impact", "publishedDate" "lastModifiedDate" – Luke Jul 26 '17 at 14:54

PHP read JSON file and output

1 Answers1