Authenticate PHP page through the application is not working

Asked

Viewed 107 times

0

I’m trying to make a connection to the MYSQL database to login the user in the android application, I already have some users registered in the database but I’m not able to login with the user data.

<?php
 if($_SERVER['REQUEST_METHOD']=='POST'){
 $username = $_POST['username'];
 $password = $_POST['password'];

 require_once('dbConnect.php');

 $sql = "select * from usuarios where username='1' and password='1'";

 $check = mysqli_fetch_array(mysqli_query($con,$sql));

 if(isset($check)){
 echo "success";
 }else{
 echo "Invalid Username or Password";
 }

 }else{
 echo "error try again";
 }
 ?>

Follow the code Java (Android Studio)

package --------;

import android.app.Activity;
import android.app.AlertDialog;
import android.app.ProgressDialog;
import android.content.DialogInterface;
import android.content.Intent;
import android.os.AsyncTask;
import android.support.v7.app.ActionBarActivity;
import android.os.Bundle;
import android.view.*;
import android.widget.*;

import java.util.HashMap;


public class Login extends Activity implements View.OnClickListener {
    public static final String USER_NAME = "USER_NAME";

    public static final String PASSWORD = "PASSWORD";

    private static final String LOGIN_URL = "http://caixapretadasaude.org.br/aplicativo/login.php";

    private EditText login;
    private EditText senha;
    private Button acessar;
    private Button facebook;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.act_login);

        login = (EditText) findViewById(R.id.login);
        senha = (EditText) findViewById(R.id.senha);
        acessar = (Button) findViewById(R.id.acessar);
        facebook = (Button) findViewById(R.id.facebook);
        acessar.setOnClickListener(this);
        facebook.setOnClickListener(this);
    }
    private void login(){
        String username = login.getText().toString().trim();
        String password = senha.getText().toString().trim();
        userLogin(username,password);
    }

    private void userLogin(final String username, final String password){
        class UserLoginClass extends AsyncTask<String,Void,String> {
            ProgressDialog loading;
            @Override
            protected void onPreExecute() {
                super.onPreExecute();
                loading = ProgressDialog.show(Login.this,"Please Wait",null,true,true);
            }

            @Override
            protected void onPostExecute(String s) {
                super.onPostExecute(s);
                loading.dismiss();
                if(s.equalsIgnoreCase("success")){
                    Intent intent = new Intent(Login.this,Home.class);
                    intent.putExtra(USER_NAME,username);
                    startActivity(intent);
                }else{
                    Toast.makeText(Login.this,s,Toast.LENGTH_LONG).show();
                }
            }

            @Override
            protected String doInBackground(String... params) {
                HashMap<String,String> data = new HashMap<>();
                data.put("username",params[0]);
                data.put("password",params[1]);

                RegisterUserClass ruc = new RegisterUserClass();

                String result = ruc.sendPostRequest(LOGIN_URL,data);

                return result;
            }
        }
        UserLoginClass ulc = new UserLoginClass();
        ulc.execute(username,password);
    }

    @Override

    public void onClick(View v) {
        if(v == acessar){
            login();
        }

        final String valorLogin = login.getText().toString();
        final String valorSenha = senha.getText().toString();

        if (valorLogin.trim().isEmpty() || valorSenha.trim().isEmpty()) {
            AlertDialog.Builder dialogo = new AlertDialog.Builder(this);
            dialogo.setMessage("Campos Vazios");
            dialogo.setNeutralButton("Ok", null);
            dialogo.show();
        }
        else if(valorLogin.equals("[email protected]") && valorSenha.equals("123")){
            /*AlertDialog.Builder dialogo = new AlertDialog.Builder(this);
            dialogo.setMessage("Campos Vazios");
            dialogo.setNeutralButton("Ok", null);
            dialogo.show();*/

            Intent it = new Intent(this, Home.class);
            startActivity(it);
        }
        else {
            AlertDialog.Builder dialogo = new AlertDialog.Builder(this);
            dialogo.setMessage("Usuario não encontrado, deseja se cadastrar?");
            dialogo.setPositiveButton("Sim", new DialogInterface.OnClickListener() {
                // C DIGO QUE SER  EXECUTADO SE O USU RIO PRESSIONAR O BOT O N O - O usuario ser  levado para a dela de cadastro
                public void onClick(DialogInterface dialog, int which) {
                    Intent itt = new Intent(Login.this, Perfil.class);
                    itt.putExtra("VALOR", login.getText().toString());

                    startActivity(itt);
                }
            });
            dialogo.setNegativeButton("Não", new DialogInterface.OnClickListener() {
                public void onClick(DialogInterface dialog, int which) {
                    // C DIGO QUE SER  EXECUTADO SE O USU RIO PRESSIONAR O BOT O N O
                }
            });
            dialogo.setTitle("Cadastre-se");
            dialogo.show();
        }
    }

    @Override
    public boolean onCreateOptionsMenu(Menu menu){
        // Inflate the menu; this adds items to the action bar if it is present.
        getMenuInflater().inflate(R.menu.menu_login, menu);
        return true;
    }

    @Override
    public boolean onOptionsItemSelected (MenuItem item){
        // Handle action bar item clicks here. The action bar will
        // automatically handle clicks on the Home/Up button, so long
        // as you specify a parent activity in AndroidManifest.xml.
        int id = item.getItemId();

        //noinspection SimplifiableIfStatement
        if (id == R.id.action_settings) {
            return true;
        }

        return super.onOptionsItemSelected(item);
    }
}
  • What mistake you’re making ?

  • Invalid Username or Password

2 answers

0

Hello,

I believe you have to modify the line that makes the query (if you haven’t already, and this is just an example)

of

$sql = "select * from usuarios where username='1' and password='1'";

for

$sql = sprintf("select * from usuarios where username='%s' and password='%s'",
    mysql_real_escape_string($username),
    mysql_real_escape_string($password));

this ensures that the data sent is used in the query.

As it stands, the compared data is always 1 for both fields.

^^V

0


The correct is for you to use your SQL query string like this:

$sql = sprintf("select * from usuarios where username='$username' and password='$password'",

so that the query can be returned from the past POST method.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.