Community

Question

Hi,

i managed to retrieve my data from mysql via php but i can't figure out how to send data to mysql via php. I have the php file and thats working when i test it in the browser. When i do this in unity i see that my values don't get posted to the php url. My output is showing :

UPDATE unity SET color = '' WHERE firstname = '' AND lastname = ''

the values are missing.

My script :

function setColor (fname : String, lname : String, newColor : String)
{
    var form = new WWWForm();
    form.AddField("firstname", fname);
    form.AddField("lastname", lname);
    form.AddField("color", newColor);
    var setData = new WWW(writeColorURL, form);
    yield setData;
    if(setData.error)
    {
        Debug.Log(setData.error);
    }
    else
    {
        Debug.Log(setData.text);
        Debug.Log("Data has been sent to mysql");
    }
}

What am i doing wrong ? Thanks.

Answer 1

0

ok, i found my problem. it was the url that needed to be constructed in the right format. this was my solution : var createURL = writeColorURL + "?firstname=" + fname + "&lastname=" + lname + "&color=" + newColor; according the php syntax

answered Aug 01 '10 at 12:48 AM

appels
256 ● 18 ● 19 ● 27

To sum up: Your php script doesn't read post data but uses get parameters instead.

You should accept your answer to close this question.

Aug 16 '11 at 12:56 PM Bunny83

(comments are locked)

Answer 2

0

As a little optimization advice.

unity+php+mysql is unsafe architecture for storing data - header (get or post) can be easily intersepted by cheaters.

Instead of using php scripts I suggest you download .net mysql connector (http://www.mysql.com/downloads/connector/net/) and use C# scripts to communicate with you database.

answered Feb 04 '11 at 11:16 AM

Plato
1 ● 1

I'm sorry, but I completely disagree.

If your sending MySQL data directly, your MySQL connection details will need to be stored in the source code where it may be fairly trivial to extract (I'm not sure how Unity3D built projects work - but this is the case for iPhone apps).

This traffic can also be intercepted far more easily than SSL secured HTTP requests, and once it is intercepted the attacker has direct access to your database, allowing them complete access to your underlying database infrastructure and completely wreck havoc.

Yes, the MySQL traffic will be using the MySQL protocol, but it's completely unencrypted - your sending raw SQL statements directly to the database, in terms of security this is ludicrous.

Indeed it is possible to use SSL over a MySQL connection but this puts you back in the same bracket as HTTP to PHP, except that if the connection is broken your completely exposed to a vicious attack.

Much better to implement a secure tamper-proof PHP backend, with server-side validation and verification.

Aug 16 '11 at 12:44 PM mikeytrw

@mikeytrw: absolutely! All scripts in your build can be easily decompiled with ILSpy or other reflector programs. Storing sensitive connection data in your scripts will end in a disaster.

Aug 16 '11 at 12:55 PM Bunny83

(comments are locked)

Community

www php send data to mysql

Follow this question

Welcome to Unity Answers

Unity Answers tutorial video!

Related Questions