I am building a login application in android in which i am hitting a url(with username and password) upto that part it works fine but after that whenever I am hitting a url(once the user is authenticated) , it return nothing(i.e. a error message like please login first). However it works fine in very similar iphone app and on browser.
I could not understand that what is the actual problem. Is there any problem on server side(i.e. in php coding ) or there is something wrong with android app. We cant actually blame the server side coding because it works fine for same iphone app and on browser.
Any idea or help will be highly appreciated. Thanks.
Your Php script uses a session token to identify the visitor when you browse the site via a browser. Ususally its stored in a PHPSESSID variable.
If you want your Android application to stay authenticated on the server side you need to fetch that id after the first connection and then send it in the headers of all your subsequent requests.
**EDIT : ** This is what you want to do : How do I manage cookies with HttpClient in Android and/or Java?
You can use an active DefaultHttpClient connection and make validations on each mobile-request, at server side, through $_SESSION. Here is a small sample code (is not for production)
First there is a class:
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.ArrayList;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
public class NetClient {
private HttpClient client = null;
public NetClient() {
client = new DefaultHttpClient();
}
public String request(String url) throws ClientProtocolException, IOException {
HttpPost post = new HttpPost(url);
HttpResponse res = client.execute(post);
BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
String data = "";
String line = "";
while ((line = br.readLine()) != null) {
data = data + line;
}
return data;
}
public String login(String url) throws ClientProtocolException, IOException {
HttpPost post = new HttpPost(url);
ArrayList pa = new ArrayList();
pa.add( new BasicNameValuePair( "username", "admin"));
pa.add( new BasicNameValuePair( "password", "admin"));
post.setEntity( new UrlEncodedFormEntity(pa, "UTF-8"));
HttpResponse res = client.execute(post);
BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
String data = "";
String line = "";
while ((line = br.readLine()) != null) {
data = data + line;
}
return data;
}
}
Then at mainactivity.java
StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
StrictMode.setThreadPolicy(policy);
try {
NetClient n = new NetClient();
String k = n.login("http://x.com/testAREA/securetrans/login.php");
Log.w("login result", k);
String l = n.request("http://x.com/testAREA/securetrans/content.php");
Log.w("ask if logged in", l);
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
Where login.php
<?php
session_start();
if(isset($_POST['username']))
{
$username = $_POST['username'];
$password = $_POST['password'];
if($username == 'admin' && $password == 'admin')
{
$_SESSION['username'] = $username;
echo "admin setted";
exit;
}
else
{
echo "-1";
}
}
?>
and content.php as :
<?php
session_start();
if(isset($_SESSION['username']))
{
echo "login ok";
}
else
{
echo "not login";
}
?>
When we run this sample code will end with
echo "login ok";
More information at: http://www.pipiscrew.com/2014/11/phpandroid-secure-connection-with-session-variable/
来源:https://stackoverflow.com/questions/5947988/php-session-destroyed-in-android-application