在android中登錄到服務器端的會話處理php

Question

我想在android中執行會話處理過程。 在這裏，我已經成功登錄到Android，現在我無法處理登錄用戶的會話。 這是我login_suer.java（Android部分）

package com.iwantnew.www; 



import java.util.ArrayList; 
import java.util.List; 

import org.apache.http.NameValuePair; 
import org.apache.http.message.BasicNameValuePair; 
import org.json.JSONException; 
import org.json.JSONObject; 

import android.app.Activity; 
import android.app.ProgressDialog; 
import android.content.Intent; 
import android.os.AsyncTask; 
import android.os.Bundle; 
import android.util.Log; 
import android.view.View; 
import android.widget.Button; 
import android.widget.EditText; 
import android.widget.TextView; 

public class login_user extends Activity{ 
    private ProgressDialog pDialog; 
    JSONParser jsonParser = new JSONParser(); 
    EditText login_email; 
    EditText login_password; 
    Button signin; 
    TextView error_msg; 

    private static String url_create_signin= "http://10.0.2.2/android_iwant/login_user.php"; 
    // JSON Node names 
      private static final String TAG_SUCCESS = "success"; 
      public void onCreate(Bundle savedInstanceState) { 
       super.onCreate(savedInstanceState); 
       setContentView(R.layout.user_form); 

       // Edit Text 
       login_email = (EditText) findViewById(R.id.login_email); 
       login_password = (EditText) findViewById(R.id.login_password);    
       signin = (Button) findViewById(R.id.signin); 
       error_msg = (TextView) findViewById(R.id.error_msg); 

       signin.setOnClickListener(new View.OnClickListener() { 

        @Override 
        public void onClick(View view) { 
         // creating new product in background thread 
         new CheckLogin().execute(); 
        } 
       }); 
      } 

      class CheckLogin extends AsyncTask<String, String, String> { 
       /** 
       * Before starting background thread Show Progress Dialog 
       * */ 
       @Override 
       protected void onPreExecute() { 
        super.onPreExecute(); 
        pDialog = new ProgressDialog(login_user.this); 
        pDialog.setMessage("Signing in.."); 
        pDialog.setIndeterminate(false); 
        pDialog.setCancelable(true); 
        pDialog.show(); 
       } 
       /** 
       * Creating product 
       * */ 
       protected String doInBackground(String... args) { 

        //Building Parameters 
        List<NameValuePair> params = new ArrayList<NameValuePair>(); 
        params.add(new BasicNameValuePair("email",login_email.getText().toString())); 
        params.add(new BasicNameValuePair("password", login_password.getText().toString())); 

        // getting JSON Object 
        // Note that create product url accepts POST method 
        JSONObject json = jsonParser.makeHttpRequest(url_create_signin, 
          "POST", params); 

        // check log cat fro response 
        Log.d("Create Response", json.toString()); 

        // check for success tag 
        try { 
         int success = json.getInt(TAG_SUCCESS); 

         if (success == 1) { 
          // successfully created users 
          Intent i = new Intent(getApplicationContext(), post_item.class); 
          startActivity(i); 

          // closing this screen 
          finish(); 
         } else { 
          // failed to sign in 
          error_msg.setText("Incorrect username/password"); 

         } 
        } catch (JSONException e) { 
         e.printStackTrace(); 
        } 

        return null; 
       } 

       /** 
       * After completing background task Dismiss the progress dialog 
       * **/ 
       protected void onPostExecute(String file_url) { 
        // dismiss the dialog once done 
        pDialog.dismiss(); 
       } 

      } 


} 

現在我需要的想法在這個Java文件來啓動會話處理。 和服務器側的代碼如下：即login_user.php

<?php 
session_start(); 
// array for JSON response 
$response = array(); 
if(isset($_POST['email']) && isset($_POST['password'])){ 
    $email = $_POST['email']; 
    $password = $_POST['password']; 

// include db handler 
    require_once 'DB_Functions.php'; 
    $db = new DB_Functions(); 

    $user = $db->getUesrByEmailAndPassword($email, $password); 
     if ($user != false) { 
      // user found 
      // echo json with success = 1 
      $response["success"] = 1; 
      $response["uid"] = $user["unique_id"]; 
      $response["user"]["name"] = $user["name"]; 
      $response["user"]["email"] = $user["email"]; 
      $response["user"]["created_at"] = $user["created_at"]; 
      $response["user"]["updated_at"] = $user["updated_at"]; 
      echo json_encode($response); 
     } else { 
      // user not found 
      // echo json with error = 1 
      $response["error"] = 1; 
      $response["error_msg"] = "Incorrect email or password!"; 
      echo json_encode($response); 
     } 

} 

?> 

在此以上的PHP文件中使用的功能是即getUesrByEmailAndPassword（$電子郵件，$密碼） 低於：

public function getUserByEmailAndPassword($email, $password) { 
     $result = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error()); 
     // check for result 
     $no_of_rows = mysql_num_rows($result); 
     if ($no_of_rows > 0) { 
      $result = mysql_fetch_array($result); 
      $salt = $result['salt']; 
      $encrypted_password = $result['encrypted_password']; 
      $hash = $this->checkhashSSHA($salt, $password); 
      // check for password equality 
      if ($encrypted_password == $hash) { 
       // user authentication details are correct 
       //return $result; 
       session_start(); 
       $_SESSION['clientId'] = $result[0]; 
       $_SESSION['logged_in'] = TRUE; 
      } 
     } else { 
      // user not found 
      return false; 
     } 
    } 

請幫我使我的代碼工作。 任何幫助將不勝感激。 任何包含此類問題解決方案的鏈接都可能對我有所幫助。謝謝！

Answer 1

據我所見，您的getUserByEmailAndPassword()從未在成功的密碼檢查後返回實際的用戶數據。 //return $result;已被註釋掉。 $user因此是null，並且客戶端收到「不正確的電子郵件或密碼！」信息。

另一件事。爲了使PHP會話正常工作，客戶端必須接收並記住其session_id，並將其作爲GET或COOKIE參數與每個請求一起發送。看看你的代碼，我沒有看到android接收它的session_id。請參閱：http://www.php.net/manual/en/session.idpassing.php

順便說一句，在您的SQL查詢中直接使用未轉義的$email是一個壞主意。請參閱：How can I prevent SQL injection in PHP?