2
我想在排除的幫助下爲Android應用程序設置註冊和登錄活動。我已經能夠設置註冊頁面我有登錄活動
的問題,因爲電子郵件和密碼與數據庫不匹配。我使用的是網絡服務器 有我的登錄活動無法使用PHP,MySQL和Volley進行Android登錄
package com.gjs.tablepay;
import android.app.ProgressDialog;
import android.content.Intent;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;
import android.widget.Toast;
import com.android.volley.Request;
import com.android.volley.RequestQueue;
import com.android.volley.Response;
import com.android.volley.VolleyError;
import com.android.volley.toolbox.StringRequest;
import com.android.volley.toolbox.Volley;
import org.json.JSONArray;
import org.json.JSONObject;
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.List;
public class LoginActivity extends AppCompatActivity {
EditText etxtloginemail,etxtloginpassword;
TextView txtRegister,txtforgotpass;
Button btnlogin;
PersonBean personbean;
// Is the Request to the Server
StringRequest stringRequest;
// Executes the Request
RequestQueue requestQueue;
ArrayList<PersonBean> personList;
ProgressDialog pd;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_login);
etxtloginemail=(EditText)findViewById(R.id.editTextloginemail);
etxtloginpassword=(EditText)findViewById(R.id.editTextloginpassword);
btnlogin=(Button)findViewById(R.id.buttonLogin);
txtRegister=(TextView)findViewById(R.id.textViewregister);
txtforgotpass=(TextView)findViewById(R.id.textViewforgotpass);
personbean = new PersonBean();
// Initialize Volley's Request Queue
requestQueue = Volley.newRequestQueue(this);
pd = new ProgressDialog(this);
txtRegister.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
startActivity(new Intent(LoginActivity.this,RegistrationActivity.class));
}
});
txtforgotpass.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
startActivity(new Intent(LoginActivity.this,ForgotpassActivity.class));
}
});
btnlogin.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
init();
}
});}
void retrievePerson(){
pd.show();
stringRequest = new StringRequest(Request.Method.POST, Util.RETRIEVE_URL,
// success
new Response.Listener<String>() {
@Override
public void onResponse(String s) {
pd.dismiss();
Toast.makeText(LoginActivity.this,"yo",Toast.LENGTH_LONG).show();
if(s.equalsIgnoreCase("success")){
Toast.makeText(LoginActivity.this,"yo",Toast.LENGTH_LONG).show();
startActivity(new Intent(LoginActivity.this,HomeActivity.class));
}else{
pd.dismiss();
Toast.makeText(LoginActivity.this,"No Person Found",Toast.LENGTH_LONG).show();
}
}
},
// failure
new Response.ErrorListener() {
@Override
public void onErrorResponse(VolleyError volleyError) {
// Toast.makeText(AllPersonsActivity.this,"Some Volley Error", Toast.LENGTH_LONG).show();
Log.i("AllPersonsActivity", volleyError.toString());
Log.i("AllPersonsActivity",volleyError.getMessage());
}
}
);
// Execute the StringRequest
requestQueue.add(stringRequest);
}
void init(){
personbean.setEmail(etxtloginemail.getText().toString().trim());
personbean.setPassword(etxtloginpassword.getText().toString().trim());
if(personbean.validateLoginPerson()){
if(Util.isNetworkConnected(this)){
retrievePerson();
}else{
Toast.makeText(this,"Please check your connectivity",Toast.LENGTH_LONG).show();
}
}else{
Toast.makeText(this,"Please Enter Details First",Toast.LENGTH_LONG).show();
}
}
}
這裏是我的login.php
<?php
$email=$_POST['email'];
$password=$_POST['password'];
include("dbconfig.php");
$user = @mysql_query("select uid from users where email='$email' and password='$password'");
$row = mysql_fetch_array($user,MYSQL_ASSOC);
$active = $row['active'];
$count = @mysql_num_rows($user);
$response =array();
if($count==1){
$response['success']=1;
$response['message']="Records Retrieved sucessfully";
}else{
$response['success']=0;
$response['message']="Retrieval Failure";
}
echo json_encode($response);
?>
***請[停止使用'mysql_ *'功能(http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions在PHP 7中已經刪除了*** [這些擴展](http://php.net/manual/en/migration70.removed-exts-sapis.php)。瞭解[prepared](http ://en.wikipedia.org/wiki/Prepared_statement)[PDO](http://php.net/manual/en/pdo.prepared-statements.php)和[MySQLi](http:// php。 net/manual/en/mysqli.quickstart.prepared-statements.php)並考慮使用PDO,[這真的很簡單](http://jayblanchard.net/demystifying_php_pdo.html)。 –
**切勿存儲純文本密碼!**請使用PHP的[內置函數](http://jayblanchard.net/proper_password_hashing_with_PHP.html)來處理密碼安全性。如果您使用的PHP版本低於5.5,則可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。確保你*** [不要越獄密碼](http://stackoverflow.com/q/36628418/1011527)***或在哈希之前使用其他任何清理機制。這樣做*更改密碼並導致不必要的附加編碼。 –
[Little Bobby](http://bobby-tables.com/)說*** [你的腳本存在SQL注入攻擊風險。](http://stackoverflow.com/questions/60174/how-can- I-防止-SQL注入式-PHP)***。即使[轉義字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! *** SQL注入!*** *這不僅僅是早餐!* –