0

I am a beginner in Android and I have the following code: (On the PHP side, after the user logs into my Android App)

session_start();
$username = $_POST['username'];
$password = $_POST['password'];

$query = mysql_query("SELECT * FROM users WHERE c_name='$username' AND c_password='$password'") or die("Could not run query!");

$rows = mysql_num_rows($query);
if($rows == 0){
  echo "No user was found";
}else{

  $row = mysql_fetch_assoc($query);
  $_SESSION['id'] = $row['id'];
  $_SESSION['username'] = $row['c_name'];   
  echo "User Found";     
  }

In the file where I want to obtain the ID of the user whom was logged in I have: 

session_start();
$r_name = $_POST['r_name'];
$r_address = $_POST['r_address'];
$r_phone = $_POST['r_phone'];
$r_username = $_POST['r_username'];

$req_id = $_SESSION['id'];
$req_username = $_SESSION['username'];

$query_add = "INSERT INTO data_collection VALUES ('','$r_name','$r_address','$r_phone','$r_username','$req_id')";

$query_exec = mysql_query($query_add) or die("Could not insert to db");
if($query_exec){
echo "Success";
}else
 echo "Error in query";

And the Android side that posts the data to the 2nd php file:

public void onClick(View v) {
// TODO Auto-generated method stub
String s_res_name = res_name.getText().toString();
String s_res_address = res_address.getText().toString();
String s_res_phone = res_phone.getText().toString();


ArrayList<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("r_name", s_res_name));//c_name is the value in PHP and in the mySQL db
nameValuePairs.add(new BasicNameValuePair("r_address", s_res_address));
nameValuePairs.add(new BasicNameValuePair("r_phone", s_res_phone));

            try{
                HttpClient httpclient = new DefaultHttpClient();
                HttpPost httppost = new HttpPost("http://10.0.2.2/thesis/data_collection.php");
                httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
                response = httpclient.execute(httppost);
                HttpEntity entity = response.getEntity();
                is = entity.getContent();

                ResponseHandler<String> responseHandler = new BasicResponseHandler();
                final String response = httpclient.execute(httppost,responseHandler);

                tv.setText(""+response);
                if (response.equals("Success")){
                    Toast toast = Toast.makeText(getApplicationContext(), "Data Collection task successfully created", Toast.LENGTH_LONG);
                    toast.show();
                    finish();                       
                }       
            }catch(Exception e){
                Log.e("log.tag","Error in http connection"+e.toString());
            }
        }
    });

How can I obtain the session ID in the second php file and store it in a new table? This code runs well through the web, when I post the data through a form, but on the android side it doesn't...

Thank you for your help.

Elona
  • 3
  • 3

2 Answers2

0

How can I obtain the session ID in the second php file and store it in a new table?

The session ID is part of the request. If you mean $_SESSION['id'] you need to call session_start() first or have session auto-start configured.

Do I have to do sth on the Android side? Thank you for your help.

Yes, you need to pass the real session ID (not that $_SESSION['id'] value), it's a cookie or a query-parameter commonly named PHPSESSID by default. See also session-name. If you don't pass that info with the request, PHP does not know which session this request should belong to.

For more info, please continue here: http://php.net/sessions

hakre
  • 193,403
  • 52
  • 435
  • 836
  • Do you perhaps have an example of the real session ID on the Android side please? – Elona May 05 '13 at 17:50
  • @Beginner: No, that actually is not an example I have at hand, sorry. Check how to obtain cookies from the first response and how you can use them then in the second request. That does normally do it but it also depends on your workflow on the android side so I can not give an easy example. – hakre May 05 '13 at 17:53
0

In my applications I do it this way: I have PHP script, that do real login. This script return string as "HTML page". That page is erad within application, string is parsed and data from that string are used in application for login.

Example of return string:

nick|user_id|hashed_security_string

Now in nick you have user name, user_id is his ID from DB and hashed_security_string is something used for security purposes when you for example commit something from your app to DB, this string is send with data and controlled on server if user is really logged or if user exist.

Martin Perry
  • 9,232
  • 8
  • 46
  • 114
  • Thank you for your reply.. How can I return the HTML string on the android side? What I want to do is retrieve the 2 sessions on the android side and post them in the second php file as well in the table.. Is this how you did it? – Elona May 05 '13 at 17:58
  • I am using sockets. Same way as if I want to load content of page to variable. For example, I call site: http://www.example.com/login.php and allong with that I fill POST variables and send them. So basicly I manually create and send form. Result I got is the same as if you show the page by browser. That way, I can have almost the same login script for web and for my app. I dont know exactly in Android, I am using it with iOS. I am using something like this: http://stackoverflow.com/questions/7118127/loading-data-from-site-as-stringandroid – Martin Perry May 05 '13 at 18:01