Extra output from my Php JSON

I've be开发者_如何学Pythonen learning Php/SQL/JSON for just over 24 hours now and its gone pretty well. I've made a DB, have php page now to add data to the DB.

I made a php page to return a JSON object. And it does do that, but It returns some text also it seems.

[{"id":"5","udid":"4564645","name":"LastName","score":"999999.00","date":"2011-04-14 18:10:33"},{"id":"4","udid":"9123456789012345678901234567590123456789","name":"sdfdsf","score":"111110.13","date":"2011-04-14 18:10:01"},{"id":"3","udid":"0123456789012345678901234567890123456789","name":"derktreb","score":"710.13","date":"2011-04-14 18:09:12"},{"id":"1","udid":"0123456789012345678901234567890123456789","name":"brandontreb","score":"210.13","date":"2011-04-14 11:40:05"},{"id":"2","udid":"0123456789012345678901234567890123456789","name":"brandontreb","score":"210.13","date":"2011-04-14 18:08:35"}]
Name    Score

[EDIT] 'Name' 'Score' are no longer appearing. Was an old version of this php file being called that was causing it to appear. The code below seems to be working ok. See any problems in it?

If you see any noob mistakes I've made please point them out to me.

PHP Code:

<?php
// get_scores.php
/** MySQL database name */
define('DB_NAME', 'b_Chat');
/** MySQL database username */
define('DB_USER', 'b_App');
/** MySQL database password */
define('DB_PASSWORD', 'testtesttest');
/** MySQL hostname */
define('DB_HOST', $_ENV{DATABASE_SERVER});

$table = "highscores";

// Initialization
$conn = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mysql_select_db(DB_NAME, $conn);

// Error checking
if(!$conn) {
    die('Could not connect ' . mysql_error());
}

$type   = isset($_GET['type']) ? $_GET['type'] : "global";
$offset = isset($_GET['offset']) ? $_GET['offset'] : "0";
$count  = isset($_GET['count']) ? $_GET['count'] : "10";
$sort   = isset($_GET['sort']) ? $_GET['sort'] : "score DESC";

// Localize the GET variables
$udid  = isset($_GET['udid']) ? $_GET['udid'] : "";
$name  = isset($_GET['name']) ? $_GET['name']  : "";

// Protect against sql injections
$type   = mysql_real_escape_string($type);
$offset = mysql_real_escape_string($offset);
$count  = mysql_real_escape_string($count);
$sort   = mysql_real_escape_string($sort);
$udid   = mysql_real_escape_string($udid);
$name   = mysql_real_escape_string($name);

// Build the sql query
$sql = "SELECT * FROM $table WHERE ";

switch($type) {
    case "global":
        $sql .= "1 ";
        break;
    case "device":
        $sql .= "udid = '$udid' ";
        break;
    case "name":
        $sql .= "name = '$name' ";
        break;
}

$sql .= "ORDER BY $sort ";
$sql .= "LIMIT $offset,$count ";

$result = mysql_query($sql,$conn);

if(!$result) {
    die("Error retrieving scores " . mysql_error());
}
//echo $result;
$rows = array();
while($row = mysql_fetch_assoc($result)) {
    $rows[] = $row;
}

echo json_encode($rows);
mysql_free_result($result);
mysql_close($conn);
?>

Many Thanks, -Code

one optimization

instead of this

// Protect against sql injections
$type   = mysql_real_escape_string($type);
$offset = mysql_real_escape_string($offset);
$count  = mysql_real_escape_string($count);
$sort   = mysql_real_escape_string($sort);
$udid   = mysql_real_escape_string($udid);
$name   = mysql_real_escape_string($name);

try shorthand ( first handle mysql injection with `$_GET`)

$get_data = array_map('mysql_real_escape_string',$_GET);

Note: $_GET should not be multidimensional array

also change the order

mysql_free_result($result);
mysql_close($conn);
echo json_encode($rows);

it appears to be that something else is executing AFTER this snippet...

try adding exit(); after the mysql_close() and see what happens. If you get the result you are expecting then its a definite that your request is also executing other code too.