当前位置: 文江博客话题详情

php 会话在 Android 应用程序中被破坏

发布于 2024-11-06 07:21:28 字数 278 浏览 0 评论 0原文

我正在android中构建一个登录应用程序,其中我点击一个url(带有用户名和密码),直到该部分它工作正常,但之后每当我点击一个url(一旦用户通过身份验证),它什么都不返回(即错误消息,例如请先登录)。 然而,它在非常相似的 iPhone 应用程序和浏览器上运行良好。

我不明白真正的问题是什么。服务器端是否有任何问题(即在 php 编码中)或者 Android 应用程序有问题。我们实际上不能责怪服务器端编码,因为它在同一个 iPhone 应用程序和浏览器上工作得很好。

任何想法或帮助将不胜感激。 谢谢。

原文

I am building a login application in android in which i am hitting a url(with username and password) upto that part it works fine but after that whenever I am hitting a url(once the user is authenticated) , it return nothing(i.e. a error message like please login first).
However it works fine in very similar iphone app and on browser.

I could not understand that what is the actual problem. Is there any problem on server side(i.e. in php coding ) or there is something wrong with android app. We cant actually blame the server side coding because it works fine for same iphone app and on browser.

Any idea or help will be highly appreciated.
Thanks.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

木緿 2024-11-13 07:21:28

当您通过浏览器浏览站点时,您的 Php 脚本使用会话令牌来识别访问者。通常它存储在 PHPSESSID 变量中。

如果您希望 Android 应用程序在服务器端保持身份验证,您需要在第一次连接后获取该 id,然后将其发送到所有后续请求的标头中。

**编辑:** 这就是您想要做的: 如何在 Android 和/或 Java 中使用 HttpClient 管理 cookie?

Your Php script uses a session token to identify the visitor when you browse the site via a browser. Ususally its stored in a PHPSESSID variable.

If you want your Android application to stay authenticated on the server side you need to fetch that id after the first connection and then send it in the headers of all your subsequent requests.

**EDIT : ** This is what you want to do : How do I manage cookies with HttpClient in Android and/or Java?

回复 原文
久夏青 2024-11-13 07:21:28

您可以使用活动的 DefaultHttpClient 连接,并通过 $_SESSION 在服务器端对每个移动请求进行验证。这是一个小示例代码(不适用于生产)

首先有一个类:

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.ArrayList;

import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

public class NetClient {

    private HttpClient client = null;

    public NetClient() {
        client = new DefaultHttpClient();
    }

    public String request(String url) throws ClientProtocolException, IOException {
        HttpPost post = new HttpPost(url);
        HttpResponse res = client.execute(post);

        BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
        String data = "";
        String line = "";
        while ((line = br.readLine()) != null) {
             data = data + line;
        }
        return data;
    }

    public String login(String url) throws ClientProtocolException, IOException {
        HttpPost post = new HttpPost(url);

        ArrayList pa = new ArrayList();
        pa.add( new BasicNameValuePair( "username", "admin"));
        pa.add( new BasicNameValuePair( "password", "admin"));
        post.setEntity( new UrlEncodedFormEntity(pa, "UTF-8"));

        HttpResponse res = client.execute(post);

        BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
        String data = "";
        String line = "";
        while ((line = br.readLine()) != null) {
             data = data + line;
        }
        return data;
    }
}

然后在 mainactivity.java

StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
StrictMode.setThreadPolicy(policy);

try {
    NetClient n = new NetClient();

    String k = n.login("http://x.com/testAREA/securetrans/login.php");
    Log.w("login result", k);

    String l = n.request("http://x.com/testAREA/securetrans/content.php");
    Log.w("ask if logged in", l);

} catch (ClientProtocolException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
} catch (IOException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
}

其中 login.php

<?php
session_start();

if(isset($_POST['username']))
{
    $username = $_POST['username'];
    $password = $_POST['password'];

    if($username == 'admin' && $password == 'admin')
    {
        $_SESSION['username'] = $username;

        echo "admin setted";

        exit;
    }
    else
    {
        echo "-1";
    }
}
?>

content.php 为:

<?php
session_start();

if(isset($_SESSION['username']))
{
    echo "login ok";
}
else
{
    echo "not login";
}
?>

当我们运行时此示例代码将以

echo "login ok";

更多信息结尾: http: //www.pipiscrew.com/2014/11/phpandroid-secure-connection-with-session-variable/

You can use an active DefaultHttpClient connection and make validations on each mobile-request, at server side, through $_SESSION. Here is a small sample code (is not for production)

First there is a class:

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.ArrayList;

import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

public class NetClient {

    private HttpClient client = null;

    public NetClient() {
        client = new DefaultHttpClient();
    }

    public String request(String url) throws ClientProtocolException, IOException {
        HttpPost post = new HttpPost(url);
        HttpResponse res = client.execute(post);

        BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
        String data = "";
        String line = "";
        while ((line = br.readLine()) != null) {
             data = data + line;
        }
        return data;
    }

    public String login(String url) throws ClientProtocolException, IOException {
        HttpPost post = new HttpPost(url);

        ArrayList pa = new ArrayList();
        pa.add( new BasicNameValuePair( "username", "admin"));
        pa.add( new BasicNameValuePair( "password", "admin"));
        post.setEntity( new UrlEncodedFormEntity(pa, "UTF-8"));

        HttpResponse res = client.execute(post);

        BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
        String data = "";
        String line = "";
        while ((line = br.readLine()) != null) {
             data = data + line;
        }
        return data;
    }
}

Then at mainactivity.java

StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
StrictMode.setThreadPolicy(policy);

try {
    NetClient n = new NetClient();

    String k = n.login("http://x.com/testAREA/securetrans/login.php");
    Log.w("login result", k);

    String l = n.request("http://x.com/testAREA/securetrans/content.php");
    Log.w("ask if logged in", l);

} catch (ClientProtocolException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
} catch (IOException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
}

Where login.php

<?php
session_start();

if(isset($_POST['username']))
{
    $username = $_POST['username'];
    $password = $_POST['password'];

    if($username == 'admin' && $password == 'admin')
    {
        $_SESSION['username'] = $username;

        echo "admin setted";

        exit;
    }
    else
    {
        echo "-1";
    }
}
?>

and content.php as :

<?php
session_start();

if(isset($_SESSION['username']))
{
    echo "login ok";
}
else
{
    echo "not login";
}
?>

When we run this sample code will end with

echo "login ok";

More information at: http://www.pipiscrew.com/2014/11/phpandroid-secure-connection-with-session-variable/

回复 原文
恬淡成诗 2024-11-13 07:21:28

我最近遇到过这个问题,当我们从 Android 访问 API 时,PHP 会话没有被创建。

花了一些时间后,我想通了。

要创建会话,您需要为 API 调用启用 cookie。
您必须设置可以接受来自传入 HTTP 响应的 cookie 并为传出 HTTP 请求提供 cookie 的处理程序。

要启用 cookie,您必须在 OkHttpClient 中添加 cookieJar

import okhttp3.JavaNetCookieJar
import java.net.CookieManager

    val okHttpClient = OkHttpClient.Builder()
                .cookieJar(JavaNetCookieJar(CookieManager()))
                .build()

I have encountered this very recently, the PHP session was not getting created when we hit the API from Android.

After spending some time, I figured it out.

For creating sessions you need to enable cookies for the API call.
you have to set the handler that can accept cookies from incoming HTTP responses and provides cookies to outgoing HTTP requests.

For enabling cookies you have to add cookieJar in your OkHttpClient.

import okhttp3.JavaNetCookieJar
import java.net.CookieManager

    val okHttpClient = OkHttpClient.Builder()
                .cookieJar(JavaNetCookieJar(CookieManager()))
                .build()
回复 原文
~没有更多了~

关于作者

拔了角的鹿

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

烙印

文章 0 评论 0

singlesman

文章 0 评论 0

给自己一个微笑

文章 0 评论 0

独孤求败

文章 0 评论 0

晨钟暮鼓

文章 0 评论 0

我是自愿种绣球花的

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文