Ask here your questions to get help using GDevelop.
By Angelica De Leon
#64692 Hello everyone,

I am trying to send parameters to my php file but when I try it it generates the error: Undefined index: peticion

This is what I wrote in the GDevelop:

host: "https://example.com"
path: "/duelos/enviar_duelo.php"
body: "peticion= inicio"
methods: "POST"
content type: "text / javascript"
variable: arr_inicio

The php file have permissions: 755
The code that my php has:
Code: Select all<?php
header('Content-Type: text/javascript');
header('Access-Control-Allow-Origin: https://example.com');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT');

$peticion = $_REQUEST['peticion'];

if ($peticion == 'inicio') {
    $id_usuario = $_COOKIE['loggedin'];
    $id_player = $id_usuario;
   
    include('../libreria/obtener_conexion_members.php');
    include('../libreria/obtener_ip_usuario.php');
    include('../libreria/obtener_ip_x_id.php');
   
    $ip_actual = get_client_ip();
    $ip_guardado = $arr_session['ip'];
   
    if ($ip_actual == $ip_guardado) {
       // Se obtiene valores del temp
        $valida_rival_temp = mysql_query("SELECT * FROM hm_rol_temp
            WHERE ind_duelo = 'S' and id_player=".$id_usuario, $db_connection);
           
          if (mysql_num_rows($valida_rival_temp) > 0)
                                        {
                                        $arr_temp =  mysql_fetch_assoc($valida_rival_temp);
                                        $id_rival = $arr_temp['id_rival'];
                                        $id_lugar = $arr_temp['id_lugar'];
                                        // datos del player
                                       
                                        $valida_player=mysql_query("SELECT * FROM hm_rol_players WHERE id_usuario = ".$id_player, $db_connection);

                                        if (mysql_num_rows($valida_player)<=0)
                                        {
                                            echo "Error al obtener datos del jugador al iniciar el duelo.";
                                        }
                                         $arr_player =  mysql_fetch_assoc($valida_player);
                                        $ataque_player =  $arr_player['ataque'];
                                        $defensa_player =  $arr_player['defensa'];
                                        $hambre_player =  $arr_player['hambre'];
                                        $cansancio_player =  $arr_player['cansancio'];
                                        $id_mano1_player =  $arr_player['mano_1'];
                                        $id_mano2_player =  $arr_player['mano_2'];
                                        $id_pecho_player =  $arr_player['pecho'];
                                        $id_cabeza_player =  $arr_player['cabeza'];
                                        $id_avatar_player =  $arr_player['id_avatar'];
                                        $hp_player = $defensa_player-($defensa_player*((20-$cansancio_player)/20));
                                        $fp_player = $ataque_player-($ataque_player*((10-$hambre_player)/10));
                                       
                                         
                                        // obtener nombres objetos
                                        if ($id_mano1_player > 0) {
                                            $id_objeto = $id_mano1_player;
                                             include('../libreria/obtener_objeto.php');
                                            $mano1_player = $arr_objeto['nombre'];
                                            $fp_player = $fp_player + ($ataque_player*($arr_objeto['ataque']/100));
                                        }
                                        if ($id_mano2_player > 0) {
                                            $id_objeto = $id_mano2_player;
                                             include('../libreria/obtener_objeto.php');
                                            $mano2_player = $arr_objeto['nombre'];
                                             $fp_player = $fp_player + ($ataque_player*($arr_objeto['ataque']/100));
                                        }
                                        if ($id_pecho_player > 0) {
                                            $id_objeto = $id_pecho_player;
                                             include('../libreria/obtener_objeto.php');
                                            $pecho_player = $arr_objeto['nombre'];
                                            $hp_player = $hp_player + ($defensa_player*($arr_objeto['defensa']/100));
                                        }
                                        if ($id_cabeza_player > 0) {
                                            $id_objeto = $id_cabeza_player;
                                             include('../libreria/obtener_objeto.php');
                                            $cabeza_player = $arr_objeto['nombre'];
                                            $hp_player = $hp_player + ($defensa_player*($arr_objeto['defensa']/100));
                                         }
       
                                        // datos del rival
                                         $id_usuario = $id_rival;
                                         include('../libreria/obtener_usuario_x_id.php');
                                         $nombre_rival = $arr_usuario_x_id['usuario'];
                                         $nivel_rival = $arr_usuario_x_id['nivel'];
                                         $monedas_rival = $arr_usuario_x_id['monedas_total'];
                                         
                                         
                                         
                                         $valida_rival=mysql_query("SELECT * FROM hm_rol_players WHERE id_usuario = ".$id_rival, $db_connection);

                                        if (mysql_num_rows($valida_rival)<=0)
                                        {
                                            echo "Error al obtener datos del rival al iniciar el duelo.";
                                        }
                                         $arr_rival =  mysql_fetch_assoc($valida_rival);
                                         
                                         $defensa_rival =$arr_rival['defensa'];
                                         $ataque_rival = $arr_rival['ataque'];
                                         $hambre_rival = $arr_rival['hambre'];
                                         $cansancio_rival = $arr_rival['cansancio'];
                                         $id_casco_rival = $arr_rival['cabeza'];
                                         $id_pecho_rival = $arr_rival['pecho'];
                                         $id_mano1_rival = $arr_rival['mano_1'];
                                         $id_mano2_rival = $arr_rival['mano_2'];
                                         $id_avatar_rival =  $arr_rival['id_avatar'];
                                         $hp_rival = $defensa_rival-($defensa_rival*((20-$cansancio_rival)/20));
                                         $fp_rival = $ataque_rival-($ataque_rival*((10-$hambre_rival)/10));
                                         
                                         if ($id_casco_rival >  0) {
                                             $id_objeto = $id_casco_rival;
                                             include('../libreria/obtener_objeto.php');
                                             $desc_casco_rival = $arr_objeto['nombre'];
                                              $hp_rival = $hp_rival + ($defensa_rival*($arr_objeto['defensa']/100));
                                         }
                                         if ($id_pecho_rival >  0) {
                                              $id_objeto = $id_pecho_rival;
                                              include('../libreria/obtener_objeto.php');
                                             $desc_pecho_rival = $arr_objeto['nombre'];
                                              $hp_rival = $hp_rival + ($defensa_rival*($arr_objeto['defensa']/100));
                                         }
                                          if ($id_mano2_rival >  0) {
                                             $id_objeto = $id_mano2_rival;
                                             include('../libreria/obtener_objeto.php');
                                             $desc_mano2rival = $arr_objeto['nombre'];
                                             $fp_rival = $fp_rival + ($ataque_rival*($arr_objeto['ataque']/100));
                                         }
                                         if ($id_mano1_rival >  0) {
                                              $id_objeto = $id_mano1_rival;
                                             include('../libreria/obtener_objeto.php');
                                             $desc_mano1rival = $arr_objeto['nombre'];
                                             $fp_rival = $fp_rival + ($ataque_rival*($arr_objeto['ataque']/100));
                                         }
            } else {                             
                echo "Error al iniciar el duelo, vuelve a intentarlo.";
             }
       echo '{
           "id_player":"'. $id_player.'",
           "id_lugar":"'. $id_lugar.'",
           "id_categoria":"1",
           "id_avatar_player":"'. $id_avatar_player.'",
           "id_mano1_player":"'. $id_mano1_player.'",
           "id_mano2_player":"'. $id_mano2_player.'",
           "id_cabeza_player":"'. $id_cabeza_player.'",
           "id_pecho_player":"'. $id_pecho_player.'",
           "hp_player":"'. $hp_player.'",
           "fp_player":"'. $fp_player.'",
           "id_rival":"'. $id_rival.'",
           "nombre_rival":"'. $nombre_rival.'",
           "id_avatar_rival":"'. $id_avatar_rival.'",
           "id_mano1_rivalr":"'. $id_mano1_rival.'",
           "id_mano2_rival":"'. $id_mano2_rival.'",
           "id_cabeza_rival":"'. $id_casco_rival.'",
           "id_pecho_rival":"'. $id_pecho_rival.'",
           "hp_rival":"'. $hp_rival.'",
           "fp_rival":"'. $fp_rival.'"
       }';
       mysql_close();
    } else {
         echo "Error, conflicto al iniciar sesion del duelo";
    }
} /*elseif () {
   
}*/

?>


With this attempt, when starting the game, get all the player's values
Please, help me with this?

Thank!
User avatar
By ddabrahim
#64693 It seems to me the problem is that your php being executed before it is actually receive the key 'peticion'

One thing you can try is instead if($peticion == inicio) try if($peticion) first this way you are checking if $peticion has received any key or not and compare the value after:

Code: Select allif($peticion){
      if($peticion == 'inicio'){
      }
}


Second thing you can try is use $_POST instead of $_REQUEST as $_REQUEST is a super global in PHP containing ALL data, you don't want them all in this case but only the one coming from $_POST. In case you are using $_REQUEST it might not get updated by the time you need the data and you also need to validate the source of the data. So in general $_REQUEST is recommended only if you want data from any source but always best to be specific by using $_COOKIE, $_POST and $_GET.

To be 100% sure you can also try isset() to check if a variable is set before trying to execute any script.

Code: Select allif(isset($peticion)){
   
}
By Angelica De Leon
#64694
ddabrahim wrote:It seems to me the problem is that your php being executed before it is actually receive the key 'peticion'

One thing you can try is instead if($peticion == inicio) try if($peticion) first this way you are checking if $peticion has received any key or not and compare the value after:

Code: Select allif($peticion){
      if($peticion == 'inicio'){
      }
}


Second thing you can try is use $_POST instead of $_REQUEST as $_REQUEST is a super global in PHP containing ALL data, you don't want them all in this case but only the one coming from $_POST. In case you are using $_REQUEST it might not get updated by the time you need the data and you also need to validate the source of the data. So in general $_REQUEST is recommended only if you want data from any source but always best to be specific by using $_COOKIE, $_POST and $_GET.

To be 100% sure you can also try isset() to check if a variable is set before trying to execute any script.

Code: Select allif(isset($peticion)){
   
}


Hello, thanks for answering me

I added the validation of the isset and changed the method a POST, before I worked with POST and GET and not work

Code: Select allif (isset($_POST['peticion'])) {
   $peticion = $_POST['peticion'];
} else {
    echo "Error! Peticion empty";
    exit;
}


The result is: "Error! Peticion empty" :?
User avatar
By ddabrahim
#64696 The key is not getting through for some reason. It can be caused by many things not sure if I can help you.

Maybe the content-type is not recognised, try application/x-www-form-urlencoded which is the default instead of text/javascript.

You can also add the following code to set the content type if it not recognised:
Code: Select allif(empty($_SERVER['CONTENT_TYPE']))
{
 $_SERVER['CONTENT_TYPE'] = "application/x-www-form-urlencoded";
}


Also make sure in your php.ini you allow POST and max size is set to be > 0 otherwise it wont accept it.

Also make sure https:// and http:// is not misused and not missing any character.
In case of https you may want to turn off CURLOPT_SSL_VERIFYPEER on your server because the verification may fail, just to try obviously if you want to send sensitive information you don't want to do this but see if that's the problem, if it solve the problem you need to configure your SSL certificate or buy one if you don't have one.
User avatar
By ddabrahim
#64703 The only problem with GET is that it is put the query string in to the URL that remain in browser history and can be easily exploited by hackers and also even if you are using HTTPS it log the information as plain text so anyone access the log on the server can read it. So it is something that worth considering.

The first things hackers normally try to do is injecting SQL queries through the input fields that is being executed by php and easily get access to any information or even alter your database this way especially if you are using GET method. It very easy to hack.

In case you are pushing sensitive information like passwords, usernames especially payment information you should be using POST along with encryption and you can and should also take security steps against SQL injection.