仅允许来自Android App的PHP请求 [英] Allow only PHP request from Android App

问题描述

我有一些PHP页面可以接收POST请求并在我的MySQL数据库中进行CRUD操作...

I have some PHP pages that receive POST requests and make CRUD operations in my MySQL database...

我想知道是否有一种方法可以仅允许我的Android应用程序在我的页面中执行这些请求...

I would like to know if there is a way to allow only my Android application to do those requests in my pages...

由于我的应用程序需要Google登录名(该Google ID已经在我的数据库中注册了)，我在想检查客户端的Google ID是否通过PHP脚本存在于数据库中，但是它可以被伪造，对吧?

As my application requires Google Login (which Google IDs are already registered in my database), I was thinking in check if client's Google ID exists on database via PHP script, but it could be faked, right?

还有其他方法可以只允许我的Android应用程序在数据库中进行CRUD吗?也许使用PHP之外的另一种语言

Is there any other way to allow only my Android App to make CRUD in my database? Maybe using another language beside PHP

预先感谢

推荐答案

我想知道是否有一种方法可以仅允许我的Android应用程序在我的页面中执行这些请求...

I would like to know if there is a way to allow only my Android application to do those requests in my pages...

这是不可能的请求.

您不能保证最终用户正在使用您的应用程序通过公用网络(即Internet)将数据发送到服务器.句号，不会发生.

You cannot guarantee that end users are using your application to send data to your server over a public network (i.e. the Internet). Full stop, not gonna happen.

您应该做的是 ，以确保将服务器端代码写入到什么地方，无论向其添加了什么数据，服务器都不会遭到黑客入侵.

What you should do instead is ensure your server-side code is written to where, regardless of what data is hurled at it, your server doesn't get hacked.

这篇关于仅允许来自Android App的PHP请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！