Ok I did it and It worked perfectly... thanks so much... But what about
adding security such as DBO or MDB2??
On Tue, Feb 26, 2008 at 8:31 PM, Abyss Knight <[EMAIL PROTECTED]>
wrote:
> Of course, Ben is right, this would work too. :) Of course, remember
> to prepare the SQL statement using DBO or MDB2 to prevent injection,
> or use addslashes/mysql_escape_string.
>
> -- William
>
>
> --- In flexcoders@yahoogroups.com <flexcoders%40yahoogroups.com>, Ben
> Marchbanks <[EMAIL PROTECTED]> wrote:
> >
> > Why not submit as a regular POST ?
> >
> > -------------------snippet---------------------
> >
> > var params:Object = new Object()
> >
> > params.UserName = PostUserNameTF.text
> >
> > PostUser.send(params).............
> >
> >
> > ----------Then handle the POST in PHP.-----------------------
> >
> > foreach($_POST AS $key => $values) { ${$key} = $values; }
> >
> > $query = "INSERT INTO Users (`UserName`) VALUES ('".$UserName."');
> >
> >
> >
> > Omar Fouad wrote:
> > >
> > >
> > > In my flex application i have a form with some text fields. When I
> > > submit the form an HTTPService.send() methid is called.
> > >
> > > <mx:HTTPService id="PostUser" method="GET"
> > > url="http://localhost/Flex/Pastarino/PostUsers.php
> > > <http://localhost/Flex/Pastarino/PostUsers.php>" useProxy="false"
> > > showBusyCursor="true"
> > > resultFormat="text" result="PostNewUserResponse(event);">
> > > </mx:HTTPService>
> > >
> > > the function is:
> > >
> > > public function PostNewUserResponse(event:ResultEvent):void {
> > > PostStatusL.text = String(event.result); // response
> > > from the php to the label in FLEX
> > > }
> > >
> > > when the Submit Button Is pressed it calls the following function
> > >
> > > public function PostNewUser():void {
> > > var PostArray:Array= new Array();
> > > PostArray = [{
> > > UserName: PostUserNameTF.text,
> > > Password: PostPasswordTF.text,
> > > name: PostNameTF.text,
> > > Position: PostPositionTF.text,
> > > ManageUsers: PostManageUsersCB.selected,
> > > CreateOrders: PostCreateOrdersCB.selected,
> > > CreateDishes: PostCreateDishesCB.selected
> > > }];
> > >
> > > var DataToSend:Object = new Object();
> > > var DataString:String = JSON.encode(PostArray);
> > > DataString = escape(DataString);
> > > DataToSend.PostUsers = "true";
> > > DataToSend.DataSent = DataString;
> > > PostUser.send(DataToSend);
> > > }
> > >
> > > At this point the php code would be:
> > >
> > > if(isset($_GET['PostUsers'])) {
> > > $jsonString = urldecode($_GET['DataSent']);
> > > $jsonString = str_replace("\\", "", $jsonString);
> > > $data = json_decode($jsonString, true);
> > >
> > > $connection = mysql_connect($URL, $USERNAME, $PASSWORD);
> > > mysql_select_db($DATABASE) or die('Cannot connect to database.
> Please
> > > Try Again...');
> > >
> > > $query = "INSERT INTO Users (name) VALUES ($data['name'])"; //
> only
> > > the name field for now...
> > >
> > > $result = mysql_query($query, $connection);
> > >
> > >
> > > But it is not working. I realized that $data['name'] is not
> getting the
> > > name field from flex.
> > >
> > > I also tried adding the values manually in php as in
> > >
> > > $query = "INSERT INTO Users (name) VALUES ('The Name is here')";
> > >
> > > and it WORKED!!. So i think the problem is that $data['name'] is not
> > > really retrieving the data from the array decoded by json_decode()
> (this
> > > is really frustrating me!!)
> > >
> > > How should It be?
> > >
> > > thanks for the help
> > >
> > > --
> > > Omar M. Fouad - Digital Emotions
> > > http://www.omarfouad.net <http://www.omarfouad.net>
> > >
> > > This e-mail and any attachment is for authorised use by the intended
> > > recipient(s) only. It may contain proprietary material, confidential
> > > information and/or be subject to legal privilege. It should not be
> > > copied, disclosed to, retained or used by, any other party. If you
> are
> > > not an intended recipient then please promptly delete this e-mail and
> > > any attachment and all copies and inform the sender. Thank you.
> > >
> > >
> >
> > --
> > Ben Marchbanks
> >
> > ::: magazooms :::
> > digital publishers, taking print beyond paper......
> >
> > http://www.magazooms.com
> >
> > Greenville, SC
> > 864.284.9918
> >
>
>
>
--
Omar M. Fouad - Digital Emotions
http://www.omarfouad.net
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.
