jQuery Grid Plugin - jqGridForum

Topic RSS

Json Data not show in table

03/05/2012
21:00

destrutorx

New Member

Members

Forum Posts: 1

Member Since:
03/05/2012

Offline

Hello people.

I'm using PHP to load a JSON to JQGRID but the table is coming empty. I have printed the PHP result and I can't find the error.

My data (created via PHP):

{ "page": "", "total": "0", "records": "3", "rows": [{ "id": "1", "cell": ["teste", "teste", "teste", "teste", "teste"] },{ "id": "3", "cell": ["teste", "teste", "teste", "teste", "teste", "teste", "teste", "teste"] },{ "id": "2", "cell": ["teste", "teste", "teste", "teste", "teste", "teste", "teste", "teste"] }]}

My PHP code:

$conexao = new Conexao;

$code = mysql_escape_string($_GET['code']);

$page = mysql_escape_string($_GET['page']);

$limit = mysql_escape_string($_GET['rows']);

$sidx = mysql_escape_string($_GET['sidx']);

$sord = mysql_escape_string($_GET['sord']);

if( !$sidx ) { $sidx = 1; }

$contador = Reuniao::total_listar($code, true, 'Ativo'); // select data count in mysql table

if( $contador > 0 ) {

$total_pages = ceil($contador/$limit);

} else $total_pages = 0;

if($page > $total_pages) { $page = $total_pages; }

$start = $limit * $page – $limit;

$linha = Reuniao::listar($code, false, NULL, $sidx, $sord, $start, $limit); // select data in mysql table

$saida = '{ "page": "' . $page . '", "total": "' . $total_pages . '", "records": "' . $contador . '", "rows": [';

$count = 1;

foreach ($linha as $l):

if( $count == count($linha) ) {

$saida .= '{ "id": "' . $l['cod_reuniao'] . '", "cell": ["teste", "teste", "teste", "teste", "teste", "teste", "teste", "teste"] }';

} else {

$saida .= '{ "id": "' . $l['cod_reuniao'] . '", "cell": ["teste", "teste", "teste", "teste", "teste", "teste", "teste", "teste"] },';

}

$count++;

endforeach;

$saida .= ']}';

echo $saida;

Can anyone help me to see what is wrong here?

11/05/2012
21:30

brandonkirsch

Ohio

Member

Members

Forum Posts: 9

Member Since:
27/04/2012

Offline

I can't see the definition of Reuniao::listar, but there is a very high chance that your code contains SQL injection vulnerabilities, especially around the page, limit and sord parameters. You cannot simply mysql_escape some of these parameters and remain protected.

Second, you are building the JSON object by hand, and improperly escaping data (quotes within your values) that would lead to invalid JSON syntax. Instead of:

foreach ($linha as $l):

if( $count == count($linha) ) {

$saida .= '{ "id": "' . $l['cod_reuniao'] . '", "cell": ["teste", "teste", "teste", "teste", "teste", "teste", "teste", "teste"] }';

} else {

$saida .= '{ "id": "' . $l['cod_reuniao'] . '", "cell": ["teste", "teste", "teste", "teste", "teste", "teste", "teste", "teste"] },';

}

You should try using json_encode to do all of the PHP array to JSON object conversion:

$saida = array();

foreach ($linha as $l):

if( $count == count($linha) ) {

$saida[] = array('id' => $l['code_reuniao'], 'cell' => array('teste', 'teste', 'teste, 'teste', etc....));

} else {

$saida[] = array('id' => $l['cod_reunaio'], 'cell' => array('teste', 'teste', 'testes', etc...));

}

endforeach;

echo json_encode($saida);

All RSS

Forum Timezone: Europe/Sofia

Most Users Ever Online: 715

Currently Online:
26 Guest(s)

Currently Browsing this Page:
1 Guest(s)