Android:使用SSL/HTTPS与PHP连接到数据库并使用POST/GET [英] Android: Using SSL/HTTPS to connect with PHP to database and use POST/GET

问题描述

我以前使用HTTP建立与mysql的php的连接，现在被要求使用HTTPS，因为它更安全.但是我尝试了太多方法，但无法使平板电脑发布或获取任何信息，我制作了一个自签名证书，然后将其添加到本地计算机"受信任的区域，这样我就不会被问到它是否未经验证，我是否要继续，我尝试通过浏览器连接，它工作正常，并打印了我需要的所有信息，但没有通过应用程序打印.我附加了以前的HTTP代码，需要将其更改为HTTPS.希望获得一些帮助以将此连接更改为HTTPS.

I used to make my connection to php for mysql with HTTP, Now I am asked to use HTTPS as it is more secure. but i tried too many ways but can't get the tablet to POST or GET any information, I made a self signed certificate and added to Local Computer trusted zone so i wont be asked that its is not verified do i want to continue, i tried connecting by browser and it worked fine and printed all the info that i needed, but not through the application. i attached my previous HTTP code that i need to change to HTTPS. would like some help to change this connection to HTTPS.

    httpclient = new DefaultHttpClient();
    httppost = new HttpPost ("http://xx.xx.xx.xx/E-MENU/login.php");        
    username = etUser.getText().toString();
    password = etPass.getText().toString();
    password = md5(SHA1(password));

try{
    nameValuePairs = new ArrayList<NameValuePair>();
    nameValuePairs.add(new BasicNameValuePair("username", username));
    nameValuePairs.add(new BasicNameValuePair("password", password));
    httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
    response = httpclient.execute(httppost);


if(response.getStatusLine().getStatusCode() == 200){
    entity = response.getEntity();
        if (entity!= null){

InputStream instream = entity.getContent();
JSONObject jsonResponse = new JSONObject (convertStreamToString(instream));

推荐答案

Log.e("body", body);
            HttpClient httpclient = getNewHttpClient();

            HttpPost httppost = new HttpPost("https://www.demo.com/login.php");

             nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("username", username));
nameValuePairs.add(new BasicNameValuePair("password", password));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));


            httppost.setEntity(entity);
            response = httpclient.execute(httppost);;


            Log.e("response", response.getStatusLine().toString());
            String aaa = response.getStatusLine().toString();
            Toast.makeText(getApplicationContext(), "Content :"+ aaa, Toast.LENGTH_LONG).show();
            HttpEntity entity1 = response.getEntity();
            is = entity1.getContent();

                //Toast.makeText(getApplicationContext(), "Content :"+ (CharSequence) is, Toast.LENGTH_LONG).show();

        }catch(Exception e){
            Log.e("log_tag", "Error in http connection "+e.toString());
        }


public HttpClient getNewHttpClient() {
        try {
            KeyStore trustStore = KeyStore.getInstance(KeyStore
                    .getDefaultType());
            trustStore.load(null, null);

            SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
            sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

            HttpParams params = new BasicHttpParams();
            HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
            HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

            SchemeRegistry registry = new SchemeRegistry();
            registry.register(new Scheme("http", PlainSocketFactory
                    .getSocketFactory(), 80));
            registry.register(new Scheme("https", sf, 443));

            ClientConnectionManager ccm = new ThreadSafeClientConnManager(
                    params, registry);

            return new DefaultHttpClient(ccm, params);
        } catch (Exception e) {
            return new DefaultHttpClient();
        }
    }

MySSLSocketFactory.java

public class MySSLSocketFactory extends SSLSocketFactory {
    SSLContext sslContext = SSLContext.getInstance("TLS");

    public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(truststore);

        TrustManager tm = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };

        sslContext.init(null, new TrustManager[] { tm }, null);
    }

    @Override
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
        return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
    }

    @Override
    public Socket createSocket() throws IOException {
        return sslContext.getSocketFactory().createSocket();
    }
}

如果您的代码高于4.0，则在代码中添加

 StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
         StrictMode.setThreadPolicy(policy);

这篇关于Android:使用SSL/HTTPS与PHP连接到数据库并使用POST/GET的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！