会议在android系统处理,同时登录到在PHP服务器端 [英] session handling in android while logging into the server side in php
问题描述
我试图做会话处理过程中的机器人。
在这里,我已经成功地通过机器人登陆到现在我waant处理登录用户的会话。
这是我的login_suer.java(Android部分)
I am trying to do the session handling process in android. Here I have successfully logged into through android and now i waant to handle the session of the logged in user. this is my login_suer.java(android part)
package com.iwantnew.www;
import java.util.ArrayList;
import java.util.List;
import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;
import org.json.JSONException;
import org.json.JSONObject;
import android.app.Activity;
import android.app.ProgressDialog;
import android.content.Intent;
import android.os.AsyncTask;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;
public class login_user extends Activity{
private ProgressDialog pDialog;
JSONParser jsonParser = new JSONParser();
EditText login_email;
EditText login_password;
Button signin;
TextView error_msg;
private static String url_create_signin= "http://10.0.2.2/android_iwant/login_user.php";
// JSON Node names
private static final String TAG_SUCCESS = "success";
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.user_form);
// Edit Text
login_email = (EditText) findViewById(R.id.login_email);
login_password = (EditText) findViewById(R.id.login_password);
signin = (Button) findViewById(R.id.signin);
error_msg = (TextView) findViewById(R.id.error_msg);
signin.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
// creating new product in background thread
new CheckLogin().execute();
}
});
}
class CheckLogin extends AsyncTask<String, String, String> {
/**
* Before starting background thread Show Progress Dialog
* */
@Override
protected void onPreExecute() {
super.onPreExecute();
pDialog = new ProgressDialog(login_user.this);
pDialog.setMessage("Signing in..");
pDialog.setIndeterminate(false);
pDialog.setCancelable(true);
pDialog.show();
}
/**
* Creating product
* */
protected String doInBackground(String... args) {
//Building Parameters
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("email",login_email.getText().toString()));
params.add(new BasicNameValuePair("password", login_password.getText().toString()));
// getting JSON Object
// Note that create product url accepts POST method
JSONObject json = jsonParser.makeHttpRequest(url_create_signin,
"POST", params);
// check log cat fro response
Log.d("Create Response", json.toString());
// check for success tag
try {
int success = json.getInt(TAG_SUCCESS);
if (success == 1) {
// successfully created users
Intent i = new Intent(getApplicationContext(), post_item.class);
startActivity(i);
// closing this screen
finish();
} else {
// failed to sign in
error_msg.setText("Incorrect username/password");
}
} catch (JSONException e) {
e.printStackTrace();
}
return null;
}
/**
* After completing background task Dismiss the progress dialog
* **/
protected void onPostExecute(String file_url) {
// dismiss the dialog once done
pDialog.dismiss();
}
}
}
现在我需要的想法在这个Java文件来启动会话处理。
和服务器端的code是如下:即login_user.php
now i need the idea to start session handling in this java file. and the code of the server side is below: ie login_user.php
<?php
session_start();
// array for JSON response
$response = array();
if(isset($_POST['email']) && isset($_POST['password'])){
$email = $_POST['email'];
$password = $_POST['password'];
// include db handler
require_once 'DB_Functions.php';
$db = new DB_Functions();
$user = $db->getUesrByEmailAndPassword($email, $password);
if ($user != false) {
// user found
// echo json with success = 1
$response["success"] = 1;
$response["uid"] = $user["unique_id"];
$response["user"]["name"] = $user["name"];
$response["user"]["email"] = $user["email"];
$response["user"]["created_at"] = $user["created_at"];
$response["user"]["updated_at"] = $user["updated_at"];
echo json_encode($response);
} else {
// user not found
// echo json with error = 1
$response["error"] = 1;
$response["error_msg"] = "Incorrect email or password!";
echo json_encode($response);
}
}
?>
在此之上的PHP文件中使用该功能即getUesrByEmailAndPassword($电子邮件,$密码)
是如下:
the function used in this above php file is i.e getUesrByEmailAndPassword($email, $password) is below :
public function getUserByEmailAndPassword($email, $password) {
$result = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error());
// check for result
$no_of_rows = mysql_num_rows($result);
if ($no_of_rows > 0) {
$result = mysql_fetch_array($result);
$salt = $result['salt'];
$encrypted_password = $result['encrypted_password'];
$hash = $this->checkhashSSHA($salt, $password);
// check for password equality
if ($encrypted_password == $hash) {
// user authentication details are correct
//return $result;
session_start();
$_SESSION['clientId'] = $result[0];
$_SESSION['logged_in'] = TRUE;
}
} else {
// user not found
return false;
}
}
请帮助我,使我的code工作。
任何帮助将AP preciated。
任何含有链接这样的问题的解决方案可能是对我有帮助。谢谢!
Please help me to make my code working. Any help will be appreciated. Any link containing such problem solution can be helpful for me. thank you!
推荐答案
据我所看到的,你的 getUserByEmailAndPassword()永远不会返回全成密码校验后,实际的用户数据。 //返回$结果; 被注释掉。因此, $用户是空,和客户端收到不正确的电子邮件或密码!消息。
As far as I can see, your getUserByEmailAndPassword() never returns actual user data after successfull password check. //return $result; is commented out. $user is therefore null, and client receives "Incorrect email or password!" message.
另一件事。对于PHP会议的工作,客户端必须接收并记住它的SESSION_ID并用GET或COOKIE参数的每一个请求发送。看着你code,我没有看到Android的接受其SESSION_ID。请参阅: http://www.php.net/manual/en/session.idpassing .PHP
Another thing. For PHP sessions to work, client has to receive and remember its session_id and send it with every request as GET or COOKIE parameter. Looking at your code, I don't see android receiving its session_id. See: http://www.php.net/manual/en/session.idpassing.php
顺便说一句,使用您的SQL直接从POST查询转义 $电子邮件是一个坏主意。请参阅:我如何prevent SQL注入在PHP ?
By the way, using unescaped $email in your SQL query directly from POST is a bad idea. See: How can I prevent SQL injection in PHP?
这篇关于会议在android系统处理,同时登录到在PHP服务器端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
