I currently have a SSL Secure server setup on a linux box with php scripts.
I currently have an android application whereby a login page will establish a secure connection to my server and authenticate the user by crossing referencing the details within a database using the php scripts. If the details are correct it will return a specific value to my app.
When assigning the URL object to "https://mydomain/myscript" the value returned is "null", however when I assign the URL object to "http://mydomain/myscript" the correct value is returned and authentication within the app can begin.
I have -
- Checked my library imports and i'm using "javax.net.ssl.HttpsURLConnection"
- Checked my secure link "https://mydomain/myscript" is accessible to the open world
- SSL certificate is installed correctly and applied across the board within the apache server
Here is my Android code:
protected String doInBackground(String... params) {
String login_url = "https://xxx.xxxxx.com/json/json_login.php";
String method = params[0];
if(method.equals("login")){
String database_name = params[1];
String password_user = params[2];
try {
URL url = new URL(login_url);
HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
httpsURLConnection.setRequestMethod("POST");
httpsURLConnection.setDoOutput(true);
httpsURLConnection.setDoInput(true);
OutputStream outputStream = httpsURLConnection.getOutputStream();
BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(outputStream, "UTF-8"));
String data = URLEncoder.encode("database_name","UTF-8")+"="+URLEncoder.encode(database_name,"UTF-8")+"&"+
URLEncoder.encode("password_user","UTF-8")+"="+URLEncoder.encode(password_user,"UTF-8");
bufferedWriter.write(data);
bufferedWriter.flush();
bufferedWriter.close();
outputStream.close();
InputStream inputStream = httpsURLConnection.getInputStream();
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream,"iso-8859-1"));
response = "";
String line = "";
while((line = bufferedReader.readLine())!=null){
response += line;
}
bufferedReader.close();
inputStream.close();
httpsURLConnection.disconnect();
return response;
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
return null;
}
@Override
protected void onPostExecute(String result) {
if(result.equals("Login Failed")){
Toast.makeText(ctx, "Database password incorrect", Toast.LENGTH_SHORT).show();
}else{
//Create shared preferences module called "database" and write result to shared preferences variable "database_name"
SharedPreferences preferences = ctx.getSharedPreferences("database", Context.MODE_PRIVATE);
SharedPreferences.Editor editor = preferences.edit();
editor.putString("database_name", result);
editor.apply();
Intent intent = new Intent(ctx, MainActivity.class);
ctx.startActivity(intent);
((Activity)ctx).finish();
}
Here is my PHP code:
<?php
require "../init_accounts.php";
$database_name = $_POST["database_name"];
$password_user = $_POST["password_user"];
$sql_query = "SELECT database_name FROM xxx_Table WHERE database_name LIKE '$database_name' and password_user LIKE '$password_user';";
$result = mysqli_query($con,$sql_query);
if (mysqli_num_rows($result)>0)
{
$row = mysqli_fetch_assoc($result);
$database_name = $row["database_name"];
echo "$database_name";
}
else
{
echo "Login Failed" . mysqli_error($con);
}
?>
Here is the debug results when using HTTPS URL (incorrect return value):
Here is the debug results when using HTTP URL (correct return value):
If anyone can shed some light / point me in the correct direction that would be great! Thanks in advance
UPDATE 19/07/2017:
This is now fixed, I used Trusting all certificates using HttpClient over HTTPS to help resolve issue!
