m7m m7m - 1 month ago 28
Android Question

Android PHP server

I am working with an Android app that sends information to a PHP server.
The Android app should login first and if the login is successful start to send the data.

This is the php page (login):

<?php
$data = file_get_contents('php://input');
$json = json_decode($data);
$id=$json->{'im'};

$con = mysql_connect('localhost','root','1111');
mysql_select_db('root') or die(' ');
$sql = "SELECT name FROM chiled WHERE `im` LIKE $id ";

$query = mysql_query( $sql );

$a=mysql_fetch_row($query);
print(json_encode($a[0]));
$n=$json->{'name'};


mysql_close();
?>


The PHP page receives the id from the Android App and checks if the id exists in the DB then sends response to the Android App. According to the received request the App will decided if the login is successful or not, if the login is successful then it will start sending the data.

What do you think is the best way to receive the data in the PHP server (if the login is successful)? Can I use a new page to receive (create a new connection in Android App that connects to another page then start sending the data) the data or can I do that in the same login page?

Answer

if the login is successful then you can start a php session that store the session and validation. Most websites works in this fasion (for example Stack Overflow).

A session in php by default is passed through cookie PHPSESSID. So, if the login is correct then you can return the cookie and locally (server side) associate the session with the user.

Also, PHP allow to create and manipulate a session cookie-less.

The only detail is that you must associate a session with the ip because security issues.

So, the cycle can be:

android --user/password--> login.php ---phpsessid--> android

android --phpsessid --> content_page.php ---information--->android

and if you are not logged (or the session has expired)

android --phpsessid --> content_page.php ---error page (you are not allowed)--->android