-1

I am getting this error:

Undefined property: stdClass::$newsId

How can I fix this error?

I am getting error in this line:

$newsId = $request -> {'newsId'};

The whole code:

<?php

include 'config/db_config.php';

$data = file_get_contents("php://input");
$request = json_decode($data);
$response = array();
$isValidRequest = false;

//{"action":"REGISTER_USER","userName":"Mr. Amir"}
//REGISTER_USER
//ADD_NEWS
//GET_NEWS
//UPDATE_NEWS
//DELETE_NEWS

if(isset($request->{'action'})){
    if($request->{'action'} == 'REGISTER_USER'){
        $isValidRequest = true;
        $userName = $request -> {'userName'};

        $query = $connection->prepare("INSERT INTO user(name) VALUES (?)");
        $query->bind_param("s", $userName);
        $result = $query->execute(); 
        if($result){
            $response['userId'] = mysqli_insert_id($connection);
            $response['status'] = true; 
            $response['responseCode'] = 0; //User Registered Successfully
            $response['message'] = "User Registered Successfully";              
        }else{
            $response['status'] = false; 
            $response['responseCode'] = 102; //User Registered Failed
            $response['message'] = "User Registered Failed";                
        }
    }

    if($request->{'action'} == 'ADD_NEWS'){
        $isValidRequest = true;

        $headline = $request -> {'headline'};
        $description = $request -> {'description'};
        $userId = $request -> {'userId'};

        $query = $connection->prepare("INSERT INTO news(headline,description,user_id) VALUES (?,?,?)");
        $query->bind_param("sss", $headline, $description, $userId);
        $result = $query->execute();

        if($result){
            $response['newsId'] = mysqli_insert_id($connection);
            $response['status'] = true; 
            $response['responseCode'] = 0; //News Added Successfully
            $response['message'] = "News Added Successfully";               
        }else{
            $response['status'] = false; 
            $response['responseCode'] = 103; //News not added
            $response['message'] = "News Not Added";
        }
    }

    if($request->{'action'} == 'GET_NEWS'){
        $isValidRequest = true;

        $userId = $request -> {'userId'};
        $query = "SELECT n.id as newsId, u.id as userId, n.date_time as newsDateTime, u.date_time as userDateTime, n.*, u.* FROM news n INNER JOIN user u on n.user_id = u.id";
        $result = mysqli_query($connection, $query);

        //$query = $connection->prepare("SELECT n.id as newsId, u.id as userId, n.date_time as newsDateTime, u.date_time as userDateTime, n.*, u.* FROM news n INNER JOIN user u on n.user_id = u.id");
        //$result = $query->execute();

        if($result && mysqli_num_rows($result)>0){
            $myNews = array();
            $allNews = array();
            while(($row = mysqli_fetch_assoc($result))!=null){
                $news = array();
                $news["newsId"] = $row['newsId'];
                $news["newsBy"] = $row['name'];
                $news["headline"] = $row['headline'];
                $news["description"] = $row['description'];
                $news["dateTime"] = $row['newsDateTime'];

                $allNews[] = $news;

                if($row['userId'] == $userId){
                    $myNews[] = $news;
                }
            }

            $response['status'] = true; 
            $response['responseCode'] = 0; //News are available
            $response['message'] = "News is Available";
            $response['allNews'] = $allNews;
            $response['myNews'] = $myNews;

        }else{
            $response['status'] = false; 
            $response['responseCode'] = 104; //News not available
            $response['message'] = "News Not Available";
        }
    }

    if($request->{'action'} == 'UPDATE_NEWS'){
        $isValidRequest = true;

        $userId = $request -> {'userId'};
        $headline = $request -> {'headline'};
        $description = $request -> {'description'};
        $newsId = $request -> {'newsId'};

        $query = "UPDATE news SET headline = '".$headline."',description = '".$description."' WHERE id = '".$newsId."'";

        $result = mysqli_query($connection, $query);
        if($result){
            $response['newsId'] = $newsId;
            $response['status'] = true; 
            $response['responseCode'] = 0; //News Updated Successfully
            $response['message'] = "News Updated Successfully";             
        }else{
            $response['status'] = false; 
            $response['responseCode'] = 105; //News not updated
            $response['message'] = "News Not Updated";
        }

    }

    if($request->{'action'} == 'DELETE_NEWS'){
        $isValidRequest = true;
    }

    if(!$isValidRequest){
        $response['status'] = false; 
        $response['responseCode'] = 100; //Invalid request action
        $response['message'] = "Invalid request action";
    }
}else{
    $response['status'] = false; 
    $response['responseCode'] = 100; //Request action not defined
    $response['message'] = "Request action not defined";
}

echo json_encode($response);
Dharman
  • 26,923
  • 21
  • 73
  • 125
Safin Mahesania
  • 1
  • 4
  • What properties does `$request` have? – Dharman Jun 01 '22 at 20:48
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) – Dharman Jun 01 '22 at 20:49

0 Answers0