Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trial
Jackie Jen
2,723 PointsHow android connect with mysql using php in xammp
I have found some example on how android part connecting/ communicate with mysql in xampp
http://www.tutorialspoint.com/android/android_php_mysql.htm
above link teaching in two ways method using GET & POST. I should use POST method to connect right because i'm scaring of sql injection.
Is there other standard way for android to connect to mysql using php?
1 Answer
Logan R
22,989 PointsI would not follow that guide personally because it uses mysql_* commands. If you do not want to face SQL injections and use a secure method when connecting to MySQL through PHP, I would suggest using the PDO object.
We have a course here on TeamTree House you can do in the PHP section that covers PHP with MySQL in depth.
http://teamtreehouse.com/library/using-php-with-mysql
As far as is it good to use with Android I am not very sure. I have not done much work with SQL and Android, sorry :/
Jackie Jen
2,723 PointsJackie Jen
2,723 PointsHi Logan,
Thanks, I also found if using mysqli_* commands and using mysql_real_escape_string function to avoid sql injection. below link show how to use it.
http://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php
if i'm wrong please correct me.
Regards
Logan R
22,989 PointsLogan R
22,989 PointsUsing
MySQL_real_escape_stringwill work, most of the time. The only problem with usingmysql_*commands is that as of PHP 5.5.0, it is deprecated.(I am not sure what the difference between mysql and mysqli commands are, sorry.)
http://php.net/manual/en/function.mysql-connect.php