SL-PHP-MYSQL problem

[Tabris Daxter]

Hi all,

i'm having a bit of a SL-PHP-MYSQL problem.

the problem i'm having is the data IS getting from SL > PHP and i'm getting a successful status code (200) but it's not putting any data into the table.

i'm not getting any error messages. just a new line in the table with no data.

relevant code snippets below.

LSL code snippet:

playerupdate(string type,key target)
    {
        if (type == "loc")
        {
            gRegionName = llGetRegionName();
            gPlayer = llGetOwnerKey(llGetKey());
            gPlayerName = llKey2Name(gPlayer);
            string URLDATA = URLokey + (string)gPlayer +"&"+ URLoname + gPlayerName +"&"+ URLreg + gRegionName;
            gHttpPutloc = llHTTPRequest(URLroot + locdbupdate + URLDATA,[HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded"],"");
        }
        else if (type == "kill")
        {
            gRegionName = llGetRegionName();
            gPlayer = llGetOwnerKey(llGetKey());
            gPlayerName = llKey2Name(gPlayer);
            gTargetName = llKey2Name(target);
            string URLDATA = URLokey + (string)gPlayer +"&"+ URLoname + gPlayerName +"&"+ URLkills + gTargetName;
            gHttpPutloc = llHTTPRequest(URLroot + killdbupdate + llEscapeURL(URLDATA),[HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded"],"");
            llSay(0,URLDATA);
        }
        else if (type == "death")
        {
            gRegionName = llGetRegionName();
            gPlayer = llGetOwnerKey(llGetKey());
            gPlayerName = llKey2Name(gPlayer);
            string URLDATA = URLokey + (string)gPlayer +"&"+ URLoname + gPlayerName +"&"+ URLreg + gRegionName;
            gHttpPutloc = llHTTPRequest(URLroot + deathdbupdate + URLDATA,[HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded"],"");
        }
    }

 PHP code:

<?php
include("dbinc.php");

$con = mysql_connect($host, $user, $pass);
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db($db, $con);

$sql="REPLACE INTO round_data (name, pkey, loc)
VALUES
('$_POST[name]','$_POST[key]','$_POST[loc]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo $_POST[name];

mysql_close($con)
?> 

 MYSQL DB structure:

-- --------------------------------------------------------

--
-- Table structure for table `round_data`
--

CREATE TABLE `round_data` (
  `id` tinyint(6) NOT NULL AUTO_INCREMENT,
  `name` varchar(50) COLLATE latin1_general_ci NOT NULL,
  `pkey` varchar(40) COLLATE latin1_general_ci NOT NULL,
  `loc` varchar(50) COLLATE latin1_general_ci NOT NULL,
  `kills` varchar(4) COLLATE latin1_general_ci NOT NULL,
  `deaths` varchar(4) COLLATE latin1_general_ci NOT NULL,
  `score` varchar(4) COLLATE latin1_general_ci NOT NULL,
  PRIMARY KEY (`pkey`,`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci AUTO_INCREMENT=1 ;

--
-- Dumping data for table `round_data`
--

REPLACE INTO `round_data` VALUES(1, '', '', '', '', '', '');

 

[Freya Mokusei]

You'll have to forgive me if I'm off the mark on this (my PHP is rusty), but here:

('$_POST[name]','$_POST[key]','$_POST[loc]')";

These 3 variables don't seem to be defined anywhere; is this the correct method for pulling them from a querystring?

It might be best to verify the variables are being 'caught' by the PHP page (perhaps by printing them on the screen by way of a response).

[Tabris Daxter]

the PHP script i'm using is copied and pasted from an online tutorial, but you might be on the right track

 

EDIT:

found the tutorial @ w3schools

[Freya Mokusei]

Refreshing my memory right now.

Will let you know if I come up with anything, but the immediate issue I come up with is that you're using METHOD_POST (in the LSL: llHTTPRequest) with Querystrings. Querystrings... I think... work best with METHOD_GET. Or at least METHOD_POST will make very little difference.

 

ETA: Querystrings being www.url.tld/page.typ?Key=value&Key2=value2 (intentionally not valid URL)

[Freya Mokusei]

Bingo, see here:

http://php.net/manual/en/reserved.variables.get.php

 

I would use METHOD_GET in your llHTTPRequest

And follow instructions on that page for retrieving the querystring items

htmlspecialchars($_GET["key"])   --> would return "value" using my example URL in the post above.

ETA: Yours would look similar to:

(htmlspecialchars($_GET["name"]),htmlspecialchars($_GET["key"]),htmlspecialchars($_GET["loc"]))

But please read the link, as I said my PHP is rusty at best. I would assume the 'htmlspecialchars' is done to prevent SQL-injection, but I would check this too (right now, you have no SQL-injection prevention).

[Darkie Minotaur]

Freya is quiute right with what shes says - just let's structure it a little more:

1. Use the proper HTTP Method - i.e.: If you want to use POST, put the variable names and their keys in the body - else put them at the end pf the URL. In PHP, use the corresponding array (i.e. $_POST ot $_GET)
2. Use the variables properly - the name of an item in an array goes in '' or "" as well: $_POST['key']
3. The region and the ownername, you don't have to send to php throug POST or GET at all - the values are in the HTTP header anyway
4. We can't really see all you have in your variables - but I have the strange feeling, that some problems may be slumbering in there, too

[Freya Mokusei]

Thank you, Darkie. My PHP skills fall short very quickly in unfamiliar territory. =]

[Tabris Daxter]

i got it sorted out now. ty for getting me on track.

decided to use the script from here to fill in the variables to compact the data being sent somewhat.

[Freya Mokusei]

Yayyy~!

Good luck, Tabris. I'll be keeping an eye on this thread a while longer, in case you have any more problems I (or others) can help with. =]