Android Question SOLVED: PHP question about simple if..then

udg

SOLVED: I missed the second equal sign in the if test, making it an assignment... :-(

Hi all,

can you please help with the following code?
B4X:
<?php
include('app_conn.php');
$rawdata1 = file_get_contents("php://input");  // user=X&action=Y
parse_str($rawdata1,$myarray);  //user=x; action=y
$user2 = mysqli_real_escape_string($link,$myarray['user']); //secure it
$action = $myarray['action'];
$giorno= date("Y-m-d"); //today
header("HTTP/1.1 500 Internal Server Error");
  echo ' rawdata: '.$rawdata1;
  print_r($myarray);
  echo ' action:'.$action;
  echo ' user: '.$user2;
  echo ' giorno: '.$giorno;  //everything ok up until this point
if ($user2 = "1")
  {$giorno = "2013-12-10";} //use specific date for user=1
  echo ' user: '.$user2;  //wrong user!! user = 2 becomes user = 1 ????
  echo ' giorno: '.$giorno;
  exit;
...
This snippet shows a "strange" unexpected behaviour, since posting user=2&action=1 shows the values correctly before the if statement and renders $user2 as 1 right after the if.
What's wrong with it?

To post test data I use
B4X:
ExecuteRemoteQuery("user=2&action=1",XYZ)
..
Sub ExecuteRemoteQuery(Query As String, JobName As String)
job.PostString("http://mytestsite.com/test01.php",Query)

TIA

Umberto
 

DonManfred

B4X:
if ($user2 = "1")

you want to SET $user2 to 1 in this IF...
To test if $user2 IS 1 you have to use
B4X:
if ($user2 == "1")

or, if you test for a boolean, it must be

B4X:
if ($user2 === true)
 
Upvote 0

udg

Hi Manfred,

that's exactly what I found looking with more attention at my code.
Forgetting the second equal sign made what was supposed to be a test an assignment instead (btw, I suppose that the assignment always evaluates to TRUE, so the if condition is always satisfied).

What do you think about my code scheme? Do you find it appropriate to secure my app?
Actually I just need to send in a userID and an actionID, then a switch statement in the PHP is used to prepare a few different SQL queries where the userID is used to return info specific to that user. No INSERTs, UPDATEs or other kinds of db statements, only SELECT queries.
User here is more an app/group ID than a real user (intended as a person).

Thanks for your attention,

Umberto
 
Upvote 0
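Added example, not part of the thread and not the poster's code: one way to harden the scheme described above, with both IDs validated as integers, the action looked up in a whitelist of parameterized SELECTs, and the user test written as a strict comparison with the constant first so that a mistyped single `=` is a parse error. The table and column names and the `parse_request` / `build_query` helpers are hypothetical; the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical action whitelist: action ID => parameterized SELECT.
// Table and column names are assumptions, not from the original post.
const ACTIONS = [
    1 => 'SELECT item, qty FROM orders WHERE group_id = ? AND day = ?',
    2 => 'SELECT title FROM notices WHERE group_id = ? AND day = ?',
];

// Parse "user=X&action=Y" and accept only positive integers.
function parse_request(string $raw): ?array
{
    parse_str($raw, $fields);
    $opts = ['options' => ['min_range' => 1]];
    $user = filter_var($fields['user'] ?? null, FILTER_VALIDATE_INT, $opts);
    $action = filter_var($fields['action'] ?? null, FILTER_VALIDATE_INT, $opts);
    if ($user === false || $action === false || !array_key_exists($action, ACTIONS)) {
        return null; // reject anything that is not a known integer pair
    }
    return ['user' => $user, 'action' => $action];
}

// Return the SQL text and the values to bind; no value is concatenated.
function build_query(array $req, string $today): array
{
    // Constant on the left: "1 = $req['user']" would not even parse,
    // so the typo from the thread cannot silently rewrite the user ID.
    $day = (1 === $req['user']) ? '2013-12-10' : $today;
    return [ACTIONS[$req['action']], [$req['user'], $day]];
}

// Constructed sample inputs: two valid, one injection attempt, one unknown action.
$samples = ['user=2&action=1', 'user=1&action=2', 'user=2 OR 1=1&action=1', 'user=2&action=9'];
foreach ($samples as $raw) {
    $req = parse_request($raw);
    if ($req === null) {
        echo "rejected: $raw\n";
        continue;
    }
    [$sql, $params] = build_query($req, date('Y-m-d'));
    echo "$sql  <- " . json_encode($params) . "\n";
    // With mysqli: $stmt = $link->prepare($sql);
    //              $stmt->bind_param('is', ...$params); $stmt->execute();
}
```

Binding the values through a prepared statement avoids relying on `mysqli_real_escape_string`, which only protects a value that ends up inside a quoted string literal in the SQL text.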