1) Why are you trying to strip out SQL commands from the input? That's a losing battle on the client side. Your php framework should provide a means of using parameters to make sql statements. They usually handle invalid content better than you can.
2) Separate your UI code from your network code, otherwise your app will get an Application Not Responding dialog error. 3) No, if you simply login by passing parameters to a 'regular' php script then most likely it keeps state by setting a cookie. I don't know what you mean by 'then call xx.com' but you have to make sure that you keep the state between HTTP calls. I believe there are some options for HTTPClient so that it does it automatically. On Mon, Jun 6, 2011 at 11:11 AM, Knutsford Software < [email protected]> wrote: > > ----- Original Message ----- From: Miguel Morales > > To: [email protected] > Sent: Monday, June 06, 2011 5:46 PM > > Subject: Re: [android-developers] login form > > > Wow, I really hope that's not for an enterprise application. > I believe this is a candidate for http://thedailywtf.com > > > Don't bother stripping bad characters/phrases, do this on the server side. > Also, don't ever mix UI code and networking code in the same thread. > > > Read: > http://developer.android.com/resources/articles/painless-threading.html > > > > > > All I am trying to do is a simple simple log in form to a mobile version of > a site. You log in using the details from a mysql database and if it is ok > go to a welcome page and store the passwrod in shared preferences so that > next time it uses that to try and log in with. I am brand new to android > which must be obvious. > > > > Can someone point me to an example > > > > I have this as the onclick > > > > btnLogin.setOnClickListener(new OnClickListener() { > > public void onClick(View v) { > > String email = StrippedChars(Email.getText().toString().trim()); > > String password = > StrippedChars(Password.getText().toString().trim()); > > String remember = StrippedChars(Remember.trim()); > > > String url = StrippedChars(Url.getText().toString().trim()); > > final SharedPreferences mPreferences; > > mPreferences = getSharedPreferences("CurrentUser", MODE_PRIVATE); > > if(email.equals("guest") && password.equals("guest")){ > > SharedPreferences.Editor editor=mPreferences.edit(); > > editor.putString("Email", email); > > editor.putString("PassWord", password); > > editor.putString("Remember", remember); > > editor.putString("Url", url); > > editor.commit(); > > String urltemp = "http://www.extraplay.com/mobile/index.php";; > > Intent i = new Intent(Intent.ACTION_VIEW); > > i.setData(Uri.parse(urltemp)); > > startActivity(i); > > } > > else { > > SharedPreferences.Editor editor=mPreferences.edit(); > > editor.remove("Email"); > > editor.remove("PassWord"); > > editor.commit(); > > lblResult.setText("Login failed. Email address and/or password > doesn't exist."); > > } > > } > > > > }); > > > > > > I need to change this > > > > > if(email.equals("guest") && password.equals("guest")){ > SharedPreferences.Editor editor=mPreferences.edit(); > > editor.putString("Email", email); > > editor.putString("PassWord", password); > > editor.putString("Remember", remember); > > editor.putString("Url", url); > > editor.commit(); > > String urltemp = "http://www.extraplay.com/mobile/index.php";; > > Intent i = new Intent(Intent.ACTION_VIEW); > > i.setData(Uri.parse(urltemp)); > > startActivity(i); > > > > > > So that it post the details to the php script and either goes to the > welcome page and stores the login details in the preferences or come back > with an error message. The index page needs to test that the login session > details are set before it does anything. How do you do it? Do you post to > the login php script first ands test the return response then call > http://www.extraplay.com/mobile/index.php? Will the session variables > which were set in the php script still be set in index.php if you do that? > > > > > > > > > > > > -- > You received this message because you are subscribed to the Google > Groups "Android Developers" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/android-developers?hl=en > -- ~ Jeremiah:9:23-24 Android 2D MMORPG: http://solrpg.com/, http://www.youtube.com/user/revoltingx -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
