2

I'm building a php API that needs the client to be signed on to return some information.. the code for this page is as follows:` 

include('connect.php');
session_start();
if(isset($_SESSION['username'])) {
    # select data from the database and echo it back.
}
else {
    session_unset();
    session_destroy();
    echo -1;
}
?>

but before this the customer should login using another page ` 

if (isset($_GET['usr']) && isset($_GET['password'])){
    $usr = $_GET['usr'];
    $passwd = $_GET['password'];

    $login = 0;
    $stmt = $conn->prepare("select * from users where userName=? and passwd =?");
    $stmt->execute(array($usr,$passwd));
    while($row = $stmt->fetch()) {
            $login = 1;
            session_start();
            $id = session_id();
            $_SESSION['username'] = $usr;
            break;
    }

    if($login == 1) {       
        echo "signed on";
    }

    if($login == 0) {
        echo "username or password incorrect";
    }
}
else {
    echo "parameter not set";
}

?>

when I try this from the browser it works very well. but when I tried this from the android app it didn't seem to work, I set the PHPSESSID Cookie using setHeader for the metho, also I tried the method from the answer here How to Handle the Session in HttpClient 4.1 but it didn't work, I could sign in, and when printing the cookies in the CookieSotre I can see the PHPSESSID is set, but also the server can't consider me as logged in.. Here is my code
ClientUtils.java

public class ClientUtils {

public static final DefaultHttpClient myHttpClient = new DefaultHttpClient();
public static final HttpContext httpContext = new BasicHttpContext();
public static final CookieStore cookieStore = new BasicCookieStore();


public static void config() {
    httpContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);
}

public static void printCookies() {
    for(Cookie k :cookieStore.getCookies())
        Log.d(k.getName(), k.getValue());
     }
}


LoginTask.java

public class LoginTask extends AsyncTask<String, Integer, String> {
protected String doInBackground(String... url) {
    try {
        ClientUtils.config();
        String urlll = "http://192.168.200.15/login.php?usr=monim&password=monim";
        HttpGet httpget = new HttpGet(urlll);               
        HttpResponse response = ClientUtils.myHttpClient.execute(httpget, ClientUtils.httpContext); 
        ClientUtils.printCookies(); //this print the value of PHPSESSID
    }catch(Exception e) {}
    return null;
}
protected void onPostExecute(String... url) {
    // do something 
}
}


and for the second page I use this snippet of code

HttpGet getRequest = new HttpGet(url);
    getRequest.addHeader("accept", "application/json");
    HttpResponse response = ClientUtils.myHttpClient.execute(getRequest, ClientUtils.httpContext);

but this does not work I always get the wrong response, am I missing something? is there any other headers other than the sessionId I should use? please help..

Community
  • 1
  • 1
monim
  • 3,427
  • 3
  • 23
  • 36

1 Answers1

0

I don't know that much on HTTP Components, but there is a nice webpage which may help you: HttpComponents Wiki

Also, :

  1. Instead of simply starting the PHP session, you should try getting the 

session_id()

in the first snippet.

  1. Check if the cache of Java is activated. Try Tag Property

  2. URLConnection to read cookies

  3. And this thread on "How to share session between php app and Java EE app?"

Good luck!!!

Community
  • 1
  • 1
StillBuggin
  • 280
  • 1
  • 3
  • 14