0

Hello i am doing my uni work and we are working with curl and php, i have made a script as told. the script retrieves an id from a html form then using curl pass it to a php script to update a database, this all works fine, But in my curl script i read the response from the php page which echos

OK

after updating the database, and my if statement fails to read the OK, What have i done wrong ? as i said the code works fine it just does not display the right message in the if statement after reading the response, Here's what the curl script displays if i try it, again the database is updated fine ect, just not reading the response properly however as you see in the code i echo the response to test it and it displays OK, with a space before the OK so i tried " OK" and 'OK' and again with a space but all fail to match it to the response.

error

test responce = OK

the code.

Curl code

<?php
$id = $_POST["id"];

$connection = curl_init();
curl_setopt($connection, CURLOPT_URL, "http://southamptonstudentrooms.com/Wad/downloadwebservice3.php");
$dataToPost = array ("id" => $id);
curl_setopt($connection,CURLOPT_RETURNTRANSFER,1);
curl_setopt($connection,CURLOPT_POSTFIELDS,$dataToPost);
$response = curl_exec($connection);
// display any errors
if(curl_errno($connection)){
    echo 'Curl error: ' . curl_error($ch);
}
curl_close($connection);
if ($response == " OK") {
    echo "updated";
    }
else if ($response == " ERROR") {
    echo "updated failed";
    }
else {
    echo "error";
    }
echo "<br><br>test response =" . $response; // displays " OK" 
var_dump($response); // displays: string(4) " OK"
?>

PhP script that it access -user info to connect changed for security 

<?php
$servername = "localhost";
$username = "south609_edwin";
$password = "Zx10r2006";
$dbname = "south609_test_database";
$ID = $_POST["id"];
$status;

    // 11: Chris Palmer, username ChrisPalmer, Password tree987, Balance 2.00
    // Create connection
    $conn = mysqli_connect($servername, $username, $password, $dbname);
    // Check connection
    if (!$conn) {
        die("Connection failed: " . mysqli_connect_error());
    }

    $sql = "SELECT * FROM ht_users WHERE username='ChrisPalmer'";
    $result = mysqli_query($conn, $sql);

    if (mysqli_num_rows($result) > 0) {
        // output data of each row
        while($row = mysqli_fetch_assoc($result)) {
            if($row["balance"] >= 0.79)
            {
                mysqli_close($conn);
                try {
                    //WAI
                    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
                    // set the PDO error mode to exception
                    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

                    $sql = "UPDATE wadsongs SET downloads=downloads + 1 WHERE songid='$ID'";

                    // Prepare statement
                    $stmt = $conn->prepare($sql);

                    // execute the query
                    $stmt->execute();

                    $status = "OK";
                    // echo a message to say the UPDATE succeeded
                    // echo $stmt->rowCount() . " records UPDATED successfully";
                    }
                    catch(PDOException $e)
                    {
                        echo $sql . "<br>" . $e->getMessage();
                    }
                $conn = null;
            }
            else{
                $status = "ERROR";
            }
        }
    }
    else {
        echo "0 results";
        mysqli_close($conn);
    }
echo $status;
?>
Edwin Martin
  • 319
  • 3
  • 15
  • Since the echo "OK" is inside the while condition at some specific time its not looping in. Make sure to take a variable as $status = '' and assign the different values once the conditions are met and at the last line before the function closes write : echo $status; – Channaveer Hakari Oct 04 '17 at 17:41
  • tried it still the same, again the curl script could echo the response from the php update script so that was not the issue, but i did it anyway, – Edwin Martin Oct 04 '17 at 17:51
  • Are you sure your getting response as "OK". Can you please post the var_dump or print_r of your response. So that we can help in better way – Channaveer Hakari Oct 04 '17 at 17:54
  • Using var dump on the curl script var_dump($response); i get: string(4) " OK" and i am trying to read it with either if ($response == "OK") or if ($response == " OK") – Edwin Martin Oct 04 '17 at 17:58
  • 1
    you can use if(trim($response) == "OK"). trim() function will trim the white spaces. – Channaveer Hakari Oct 04 '17 at 18:05
  • Don't mix mysqli and PDO, use one or the other. Also, your code is vulnerable to [**SQL injection**](https://en.wikipedia.org/wiki/SQL_injection) attacks. You should use prepared statements with bound parameters, via either the [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php) drivers. [**This post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) has some good examples. – Alex Howansky Oct 04 '17 at 18:19

2 Answers2

1

The problem your having is the response that your getting is have a white spaces which is not matching with "OK" hence you can trim the white spaces with the help of trim() function in PHP

So now your code will become

if(trim($response) == "OK"){
//Your success code
}
Channaveer Hakari
  • 2,769
  • 3
  • 34
  • 45
1

And it was as simple as that, thank you Channaveer Hakari. Even though i was trying to read the space and string it still failed oddly, but your trim idea worked perfectly it is now working as intended. If any one knows why did the php add the space is it like C where it adds a null pointer /0 when passing it over in cases such as char streams.

Edwin Martin
  • 319
  • 3
  • 15