0

I want to get the name of the current logged in user and send it to php ..

I tried to type a name and it worked perfectly.

But if I want to send a variable like in here It doesn't work: 

//let defaultValues = UserDefaults.standard
//let username1 = defaultValues.string(forKey: "username");
//let username2 = NSFullUserName()

let username2 = NSUserName()
let urlPath: String = 
"http://127.0.0.1/PhpstormProjects/myiosapp/v1/MyWishes.php?username=username2" // here is the problem 

func downloadItems() {

    let url: URL = URL(string: urlPath)!
    let defaultSession = Foundation.URLSession(configuration: URLSessionConfiguration.default)

    let task = defaultSession.dataTask(with: url) { (data, response, error) in

        if error != nil {
            print("Failed to download data")
        }else {
            print("Data downloaded")
            self.parseJSON(data!)
        }
    }  
    task.resume()
}
...

I think it's because it sends the variable as a string.

This is the line of code in php (works good when sending a string):

$username = $_GET['username'];

$sql = "SELECT * FROM ITEM WHERE username = $username";

Any suggestions?

tadman
  • 208,517
  • 23
  • 234
  • 262
Reema
  • 11
  • 3
  • 1
    1) Don't post code as a screenshot. 2) If you post an image, don't link to it. Include it in the question. 3) **Your code is vulnerable to SQL injection and will be hacked** even if [you are escaping inputs!](https://stackoverflow.com/a/5741264/2595450) Use [Prepared Statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) instead. Check: [How can I prevent SQL injection in PHP](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Spoody Apr 25 '18 at 17:07
  • Okay thanks and sorry for that. Actually the app is for a university course project so it won't be published it just has to accomplish some functionalities. Is there any way I can edit the code to send a variable? @Mehdi – Reema Apr 25 '18 at 17:11
  • Not really, I checked the answer because it is PHP tagged, also xcode is an IDE so no need for the tag here. – Spoody Apr 25 '18 at 17:27
  • That code is compiled. The user is dynamic. Do you want to record the user the code was compiled *with*, or the user that eventually runs the code? – tadman Apr 25 '18 at 17:34
  • The user who is logged in to the application. @tadman – Reema Apr 25 '18 at 18:09
  • Pull that from the environment. On macOS that's the `USER` variable. – tadman Apr 25 '18 at 18:13

0 Answers0