could not be logged in using retrofit2 android

Question

I want to register and login using retrofit, but in vain, my register service is

<?php

    $name= $_POST['name'];
    $email = $_POST['email'];
    $password= $_POST['password'];
    $encpass = md5($password);
    $gender= $_POST['gender'];

    $con = mysqli_connect("localhost", "root", "smpwd", "apidb");
    $query= mysqli_query($con, "INSERT INTO users(name,email, password, gender) VALUES('$name','$email', '$encpass', '$gender')");

    if($query){
        $json = array("name" => $name, "email" => $email, "password" => $encpass,'gender' => $gender); 

            header('content-type: application/json');
            echo json_encode($json);
    }

    else{
        $json = array("status" => "Invalid"); 

            header('content-type: application/json');
            echo json_encode($json);
    }

    mysqli_close($con);

?>

my login service is

<?php
session_start();

    $email=$_POST['email'];
    $password=$_POST['password'];
    $encpass = md5($password);
    $con = mysqli_connect("localhost", "root", "smpwd", "apidb");
    $query= mysqli_query($con,"Select * from users where email= '$email' and password='$encpass'");

    $result=mysqli_fetch_array($query);

    if($result[0]>0){
        $json = array("email" => $email, "password" => $encpass); 

            header('content-type: application/json');
            echo json_encode($json);
    }

    else{
        $json = array("status" => "Invalid"); 

            header('content-type: application/json');
            echo json_encode($json);
    }

    mysqli_close($con);
?>

my model is

public class User implements Serializable{

    @Expose
    public String name;
    @Expose
    public String email;
    @Expose
    public String password;
    @Expose
    public String gender;

    public User(){
        //
    }
    ....
    // omitting get/set methods
}

service is

public interface ApiService {

    @GET("/AllJobs.php")
    Call<List<Job>> getJobData();

    @FormUrlEncoded
    @POST("/login.php")
    Call<User> loginUser(@Field("email") String email,
                          @Field("password") String password);

    @FormUrlEncoded
    @POST("/register.php")
    Call<User> createUser(@Field("name") String name,
                          @Field("email") String email,
                          @Field("password") String password,
                          @Field("gender") String gender);
}

at this point the registration works good using this code

mRegisterButton.setOnClickListener(new View.OnClickListener() {
    @Override
    public void onClick(View view) {
        if (validateForm()){
            mUserCall = mRestManager.getApiService()
                    .createUser(mNameEditText.getText().toString(),
                                        mEmailEditText.getText().toString(),
                                        mPasswordEditText.getText().toString(),
                                        mGenders[position]);
            mUserCall.enqueue(new Callback<User>() {
                @Override
                public void onResponse(Call<User> call, Response<User> response) {
                    User user1 = response.body();
                    Log.e("RESPONSE", "Is " + user1.toString());
                    Toast.makeText(getApplicationContext(), user1.name , Toast.LENGTH_SHORT).show();
                }

                @Override
                public void onFailure(Call<User> call, Throwable t) {
                    //
                }
            });
        }
    }
});

but when I try to login using the code below

mLoginBtn.setOnClickListener(new View.OnClickListener() {
    @Override
    public void onClick(View view) {
        if (validateForm()) {

            mUserCall = mRestManager.getApiService()
                    .loginUser(mEmailEditText.getText().toString(),
                            mPasswordEditText.getText().toString());

            Log.e("EMAIL", "email " + mEmailEditText.getText().toString());
            Log.e("Password", "password " + mPasswordEditText.getText().toString());

            mUserCall.enqueue(new Callback<User>() {
                @Override
                public void onResponse(Call<User> call, Response<User> response) {
                    User user1 = response.body();
                    Log.w("RESPONSE", "Is " + user1.toString());
                }

                @Override
                public void onFailure(Call<User> call, Throwable t) {
                    Log.w("RETRO_LOGIN_ERROR", " message is " + t.getMessage()
                            + "\n" + call.request().url());
                }
            });
        }
    }
});

I never be able to send data to server and always get the message

{"status":"Invalid"}

don't know why this happens any help is highly appreciated...

https://stackoverflow.com/questions/44550203/getting-same-data-everytime-when-using-parceable — , Jun 14 '17 at 17:30
Your code is vulnerable to [**SQL injection**](https://en.wikipedia.org/wiki/SQL_injection) attacks. You should use prepared statements with bound parameters, via either the [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php) drivers. [**This post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) has some good examples. — Alex Howansky, Jun 14 '17 at 17:35
MD5 is considered broken for security purposes and is not sufficient for password hashing. Use [`password_hash()`](http://us3.php.net/manual/en/function.password-hash.php) and [`password_verify()`](http://us3.php.net/manual/en/function.password-verify.php) instead. — Alex Howansky, Jun 14 '17 at 17:35
this is not a retrofit issue, it is a backend or web service problem, title should be changed — Max Pinto, Jun 14 '17 at 17:48

could not be logged in using retrofit2 android

0 Answers0