0
我是使用php,json,mysql和httpclient的android應用程序的新手。 我想做一個註冊和登錄應用程序。在註冊中,已成功。但是當我登錄時遇到問題。每個輸入的電子郵件和密碼都會給出錯誤「無效的電子郵件或密碼」。即使我輸入了一個正確的電子郵件和密碼。代碼如下。使用Httpclient進行Android登錄
login1.php
<?php
define('HOST','mxxxx.xxxxx.com');
define('USER','xxxxxx');
define('PASS','xxxxx');
define('DB','xxxxxx');
$con = mysqli_connect(HOST,USER,PASS,DB);
$emailAddress = $_POST['email'];
$passWord = $_POST['password'];
$sql = "select * from user where email='$emailAddress' and password='$passWord'";
$res = mysqli_query($con,$sql);
$check = mysqli_fetch_array($res);
if(isset($check)){
echo 'success';
}else{
echo 'failure';
}
mysqli_close($con);
?>
則LoginActivity.class(在eclipse)
public class LoginActivity extends Activity{
public static final String KEY_EMAIL="emailAddress";
public static final String KEY_PASSWORD="passWord";
private EditText etPassword, etEmail;
String passWord,emailAddress,email;
Button login;
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.login);
TextView registerScreen = (TextView) findViewById(R.id.link_to_register);
etEmail=(EditText)findViewById(R.id.ET_email);
etPassword=(EditText)findViewById(R.id.ET_password);
login=(Button)findViewById(R.id.btnLogin);
login.setOnClickListener(new View.OnClickListener() {
public void onClick(View arg0) {
//fullName= etFullName.getText().toString();
passWord=etPassword.getText().toString();
emailAddress=etEmail.getText().toString();
if (!isValidEmail(emailAddress)) {
etEmail.setError("Please Enter Valid Email");
etEmail.requestFocus();
}
else if (!isValidPassword(passWord)){
etPassword.setError("Password min. 6 characters");
etPassword.requestFocus();
}else{
//new LoginAsync().execute(emailAddress,passWord);
login(emailAddress,passWord);
// new BackgroundTaskLogin(LoginActivity.this).execute(emailAddress,passWord);
etEmail.setText("");
etPassword.setText("");
}
}
});
// Listening to register new account link
registerScreen.setOnClickListener(new View.OnClickListener() {
public void onClick(View v) {
// Switching to Register screen
Intent i = new Intent(getApplicationContext(), RegisterActivity.class);
startActivity(i);
}
});
}
private void login(final String emailAddress, final String passWord) {
class LoginAsync extends AsyncTask<String, Void, String>{
//private Context context;
public static final String KEY_EMAIL = "email";
private Dialog loadingDialog;
@Override
protected void onPreExecute() {
super.onPreExecute();
loadingDialog = ProgressDialog.show(LoginActivity.this, "Please wait", "Loading...");
}
@Override
protected String doInBackground(String... params) {
String emailAddress = params[0];
String passWord = params[1];
InputStream is = null;
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("email", emailAddress));
nameValuePairs.add(new BasicNameValuePair("password", passWord));
//return nameValuePairs;
String result = null;
try{
HttpClient httpClient = new DefaultHttpClient();
HttpPost httpPost = new HttpPost("http://xxxx.com/login1.php");
httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
is = entity.getContent();
BufferedReader reader = new BufferedReader(new InputStreamReader(is, "UTF-8"), 8);
StringBuilder sb = new StringBuilder();
String line = null;
while ((line = reader.readLine()) != null)
{
sb.append(line + "\n");
}
result = sb.toString();
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return result;
}
@Override
protected void onPostExecute(String result){
String s = result.trim();
loadingDialog.dismiss();
if(s.equalsIgnoreCase("success")){
Intent intent = new Intent(LoginActivity.this, ActivityUserProfile.class);
intent.putExtra(KEY_EMAIL, emailAddress);
startActivity(intent);
finish();
}else {
Toast.makeText(getApplicationContext(), "Invalid Email or Password", Toast.LENGTH_LONG).show();
}}
}
new LoginAsync().execute(emailAddress, passWord);
}
private boolean isValidEmail(String email) {
String EMAIL_PATTERN = "^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@"
+ "[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";
Pattern pattern = Pattern.compile(EMAIL_PATTERN);
Matcher matcher = pattern.matcher(email);
return matcher.matches();
}
// validating password with retype password
private boolean isValidPassword(String pass) {
if (pass != null && pass.length() >= 6) {
return true;
}
return false;
}
}
**警告**:使用'mysqli'時,應該使用[參數化查詢](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)和[ 'bind_param'](http://php.net/manual/en/mysqli-stmt.bind-param.php)將用戶數據添加到您的查詢中。 **不要**使用字符串插值或連接來完成此操作,因爲您創建了嚴重的[SQL注入漏洞](http://bobby-tables.com/)。 **絕不**將'$ _POST'或'$ _GET'數據直接放入查詢中,如果有人試圖利用您的錯誤,這會非常有害。 – tadman
您是否嘗試登錄在進行登錄服務調用時作爲參數傳遞的值?如果不是那麼請檢查他們是否傳遞正確的值? – Mahamadali
可以請你幫我,怎麼做? – Sasya