www php send data to mysql

Question

Hi,

i managed to retrieve my data from mysql via php but i can't figure out how to send data to mysql via php. I have the php file and thats working when i test it in the browser. When i do this in unity i see that my values don't get posted to the php url. My output is showing :

UPDATE unity SET color = '' WHERE firstname = '' AND lastname = ''

the values are missing.

My script :

function setColor (fname : String, lname : String, newColor : String)
{
    var form = new WWWForm();
    form.AddField("firstname", fname);
    form.AddField("lastname", lname);
    form.AddField("color", newColor);
    var setData = new WWW(writeColorURL, form);
    yield setData;
    if(setData.error)
    {
        Debug.Log(setData.error);
    }
    else
    {
        Debug.Log(setData.text);
        Debug.Log("Data has been sent to mysql");
    }
}

What am i doing wrong ? Thanks.

Answer 1

Answer by appels · Aug 01, 2010 at 12:48 AM

ok, i found my problem. it was the url that needed to be constructed in the right format. this was my solution : var createURL = writeColorURL + "?firstname=" + fname + "&lastname=" + lname + "&color=" + newColor; according the php syntax

Add comment · Show 1 · Share

Bunny83 · Aug 16, 2011 at 12:56 PM 0

Share

To sum up: Your php script doesn't read post data but uses get parameters ins$$anonymous$$d.

You should accept your answer to close this question.

Answer 2

Answer by Plato · Feb 04, 2011 at 11:16 AM

As a little optimization advice.

unity+php+mysql is unsafe architecture for storing data - header (get or post) can be easily intersepted by cheaters.

Instead of using php scripts I suggest you download .net mysql connector (http://www.mysql.com/downloads/connector/net/) and use C# scripts to communicate with you database.

Add comment · Show 2 · Share

mikeytrw · Aug 16, 2011 at 12:44 PM 3

Share

I'm sorry, but I completely disagree.

If your sending $$anonymous$$ySQL data directly, your $$anonymous$$ySQL connection details will need to be stored in the source code where it may be fairly trivial to extract (I'm not sure how Unity3D built projects work - but this is the case for iPhone apps).

This traffic can also be intercepted far more easily than SSL secured HTTP requests, and once it is intercepted the attacker has direct access to your database, allowing them complete access to your underlying database infrastructure and completely wreck havoc.

Yes, the $$anonymous$$ySQL traffic will be using the $$anonymous$$ySQL protocol, but it's completely unencrypted - your sending raw SQL statements directly to the database, in terms of security this is ludicrous.

Indeed it is possible to use SSL over a $$anonymous$$ySQL connection but this puts you back in the same bracket as HTTP to PHP, except that if the connection is broken your completely exposed to a vicious attack.

$$anonymous$$uch better to implement a secure tamper-proof PHP backend, with server-side validation and verification.

Bunny83 · Aug 16, 2011 at 12:55 PM 0

Share

@mikeytrw: absolutely! All scripts in your build can be easily decompiled with ILSpy or other reflector programs. Storing sensitive connection data in your scripts will end in a disaster.

www php send data to mysql

2 Replies

Your answer

Follow this Question

Related Questions